Echelon Photos
|
So What is Project ECHELON?
Most of you have probably heard about ECHELON. The aim of this
document
is to clarify what ECHELON really is.
The highly automated UKUSA system for processing Comint, often
known
as ECHELON system was brought to light by the
author Nicky Hager in his 1996 book, "Secret Power: New Zealand
s role
in the International Spy Network".
ECHELON is a global electronic surveilance network which is designed
and
coordinated by NSA, United States Goverment and has been operated
since
1980'-it is part of the post Cold war developments based on the
UKUSA
agreement signed between the UK, USA, Canada, Australia and New
Zealand
in 1948.
It is a global network which can intercept all:
- Telephone
- Telex
- Satellite communications
- Fax
- E-mail communications
The monitoring of all these mediums of communications is done
on a
"routine and indiscriminate" basis. Meaning that the system works
by
indiscriminately intercepting very large quantities of communications
and using
computers to identify and extract messages from the mass of unwanted
ones".
Details on the security of the communications medium
Standard Telephone
This is the most unsecure means of communication. All voice signals
travel
without any encryption and the telephone system is the most
trivial one to
wiretap. Wiretapping techniques are largerly undetectable by
the target!
Voice Scrambling telephones
These are special telephone devices (like the red telephone Dr.
Strangelove has)
and now are also available on the market. Their level of security
may be very
modest depending on the legislation currently in force in their
country of origin.
Fax machines
As things stand, fax machines should be considered as insecure
as telephones.
Fax-encrypting machines do exist, but their security level is
contingent on
legislation in their country of origin, as above. Cordless telephones
Some older models transmit just above the AM broadcasting band
and can thus
be easily intercepted. Commercially-available scanners enable
the more recent
models to be tapped. Sometimes certain sound wave inversion
techniques are
recommended in order to combat tapping, but these solutions
only provide
a very low level of confidentiality.
Cellular phones
The situation here is more complex.
It is worth mentioning here the US Administration s attempt to
impose the
Clipper standard on all portable phones developed in the United
States.
This would have allowed government agencies to retain keys enabling
them to
eavesdrop on conversations.
Moreover, details of the encryption algorithm Skipjack , developed
by
the NSA, have not been made public.
GSM
With regard to confidentiality, GSM uses a protocol known as A5.
There are two versions of this system: A5/1 and A5/2, which meet
different needs.According to some experts, A5/2 is less secure
than A5/1,
which we will now discuss.
- The A5/1 protocol in theory uses 64 bits. But Wagner told us
that in practice
, in every phone he had seen, 10bits had been systematically
replaced with
zeros, thus reducing the theoretical security of the system to
54 bits.
The system is therefore even less secure than the 56 bits offered
by DES,
which can now be cracked all too easily.
Work conducted before this discovery had already reduced the real
security
of the system to 40 bits. It is therefore quite possible that
by using similar
methods, i.e. assuming that 10 bits are equal to zero, the actual
security level
of A5/1 and hence the confidentiality of conversations - can
bereduced
even further.
On 24 February 1999, at the GSM World Congress in Cannes (France),
Charles Brookson
announced that GSM security had been reviewed and in particular
that
COMP128 had been revised.
ISDN
It is technically possible to tap an ISDN telephone with the help
of software
that remotely activates the monitoring function via the D channel,
obviously
without physically lifting the receiver.It is therefore easy
to eavesdrop on
certain conversations in a given room.
Internet communications
In a nutshell, the traditional mail equivalent of an e-mail on
the Internet is a
postcard without an envelope. Basically, such messages can be
read. If they
are in plaintext, they can be understood and any secret reader
can take
measures which are detrimental to the two parties wishing to
communicate.
The TEMPEST effect
TEMPEST is the acronym for Temporary Emanation and Spurious
Transmission, i.e. emissions from electronic components of electromagnetic
radiation in the form of radio signals. These emissions can
be picked up by
AM/FM radio receivers within a range varying from a few dozen
to a few
hundred metres. Building on these data it is then possible to
reconstruct the
original information. Protective measures against such risks
consist of placing
the source of the emissions (central processors, monitors, but
also cables)
in a Faraday cage, or jamming the electromagnetic emissions.
The NSA has published several documents on TEMPEST.
NOTE: All computers work by means of a micro-processor (chip).
The PC chip market is dominated by Intel, which has a market
share of over
80%. On 20 January 1999 Intel unveiled its new PSN- equipped
Pentium III processor.
PSNs
Pentium III processors have a unique serial number called PSN
(Processor Serial Number).Intel devised this technique in order
to promote
electronic commerce. The aim of the serial number is to enable
anybody
ordering goods via the Internet to be identified. Intel maintains
that all users
will be able to retain control over whether or not to allow
their serial number
to be read. However, software techniques enabling the number
to be read have
already been discovered.
It is therefore possible to obtain the PSN secretly and to track
the user without
his or her knowledge.
Political details
Some of you might be wondering after all these, how can it be
possible for a
goverement to have such intercepting capabilities without breaking
some
Privacy or Human Rights Act.
The Wassenaar Arrangement
Acknowledging the end of the Cold War, on 16 November 1993
in The Hague representatives of the 17 member states of COCOM
decided to
abolish the committee and replace it with a body which reflected
the new
political developments.
The decision to wind up COCOM was confirmed in
Wassenaar (Netherlands) on 29-30 March 1994 and came into effect
on 31
March 1994.
The foundations of the agreement on COCOM's successor were
laid on 19 December 1995, once again in Wassenaar, and the inaugural
meeting was held on 2-3 April 1996 in Vienna, which since then
has become
the site of the Permanent Representation of the Wassenaar Agreements.
The Arrangement concerns export controls for conventional arms
and sensitive
technological products. Participating countries are:
Germany, Argentina, Australia, Austria, Belgium, Bulgaria, Canada,
Denmark,
United States, Russian Federation, Finland, France, Spain, Greece,
Hungary,
Ireland, Italy, Japan, Luxembourg, Norway, New Zealand, the Netherlands,
Poland, Portugal, Republic of Korea, Slovak Republic, Czech Republic,
Romania, United Kingdom, Sweden, Switzerland, Turkey and Ukraine.
This list of 33 countries includes, in particular, those of the
European Community and the signatories to the UKUSA agreement.
The ECHELON system forms part of the UKUSA system but unlike many
of the electronic spy systems developed during the cold war, ECHELON
is designed for primarily non-military targets: governments, organisations
and
businesses in virtually every country.
Nowadays almost all economic information is exchanged through
electronic
means (telephone, fax, e-mail).All digital telecommunication devices
and
switches have enhanced wiretapping capabilities.
Communication Intelligence (Comint) involving the covert interception
of foreign communications has been practiced by almost every advanced
nation since international communications became available.
NSA (National Security Agency, USA), the largest agency conducting
such operations as "technical and intelligence information derived
from foreign
communications by other than their intended recipient", defines
Comint.
Comint is a large-scale industrial activity providing consumers
with
intelligence on diplomatic, economic and scientific developments.
Besides UKUSA, there at least 30 other nations operating major
Comint
organisations.
The largest is the Russian FAPSI, with 54.000 employees.
China maintains a substantial Signal Intelligence (Signit) system,
two station
of which are directed at Russia and operate in collaboration with
the USA.
Most Middle eastern and asian nations have invested substantially
in Signit,
in particular Israel, India and Pakistan.
Some of the activities that make such a project feasible are:
Operation SHAMPROCK
High frequency radio interception
Space interception
Signit satellites
COMSAT ILC collection
Submarine cable interception
Intercepting the Internet
Covert collection of high capacity signals
New satellite networks
Apart from global surveillance technology systems, additional
tools have
been developed for surveillance. The additional tool used for
information
transferred via Internet or via Digital Global telecommunication
systems
is the capture of data with Taiga software.
Taiga software has the possibility to capture, process and analyse
multilingual information in a very short period of time
(1 billion characters per second), using key-words.
Some technical details: ECHELON modules
There are reported to be three components to ECHELON:
- The monitoring of Intelsats, international telecommunications
satellites
used by phone companies in most countries. A key
ECHELON station is
at Morwenstow in Cornwall monitoring Europe, the Atlantic and
the Indian Ocean.
- ECHELON interception of non-Intelsat regional communication
satellites.
Key monitoring stations are Menwith Hill in Yorkshire and Bad
Aibling
in Germany
- The final element of the ECHELON system is the surveillance
of
land-based or under-sea systems,
which use cables or microwave
tower networks.
Each of the five centers supply to the other four "Dictionaries"
of keywords,
phrases, people and places to "tag" and tagged intercept
is forwarded straight
to the requesting country.
- In the mid 1980s, extensive further automation of
ECHELON Comint processing was planned by NSA as
project P-415.
- The key components of the new system are
"Local Dictionary computers" which store en extensive
database on specific targets. An important point about
the new system is that before ECHELON, different countries
and different countries and different stations knew what
was being intercepted and to whom it was sent.
Now, all but a fraction of the messages selected
by Dictionary computers at remote sites are forwarded to
NSA or other customers without being read locally.
- A dictionary computer is operating at GCHQ 's
(Government Communications Headquarters; the Signit agency
of the UK)Westminster, London office. The system
intercepts thousands of diplomatic, business and personal
messages every day. The presence of dictionary computers
has also been confirmed at Kojarena, Australia;
and at GCHQ s Cheltenham, England.
- There are satellite receiving stations in
Sugar Grove/Virginia,Sabana Seca,Puerto Rico and Leitrim
Canada working also as ECHELON interception sites.
- New Zealand signit agency operates two satellite
interception terminals at Waihopai covering the
pacific Ocean which are working as ECHELON interception
sites as well.
Recommendations
Personally I recommend to people that communicate over an electronic
medium
to use either in house cryptographic technologies or in the case
of conventional
cryptographic protocols key sizes longer than 128bits for symmetric
algoritms
and at least 1024bits in assymetric cryptography.
This will not make your data totally immune to codebraking but
it will give you
a considerable amount of time before someone breaks your system.
Off course
when the adversary is a Goverment or Organised Crime you should
expect them
to have vast amounts of processing power available to them,
making their goal
easier to achieve.
Last normal users may use software such as PGP to protect their
privacy.
"...in God we trust,all others we monitor."
NSA operator moto
|
