May 18, 2020

Maximator and other European SIGINT alliances

(Updated: May 27, 2020)

One of the topics covered by this weblog is international cooperation among signals intelligence agencies. The Snowden-revelations already provided many details about the various multilateral groups formed by the NSA's partners, like the SIGINT Seniors Europe (SSEUR or 14-Eyes) and the Afghanistan SIGINT Coalition (AFSC or 9-Eyes).

None of the NSA documents gave a hint that a few European countries also have their own secret alliance for cooperation in the fields of signals intelligence and crypto analysis. This alliance, which already exists since 1976, is codenamed Maximator and was unexpectedly revealed on April 7 in an academic article.

(This overview isn't meant to be complete, other multilateral cooperations between European agencies may exist or have existed)

The countries participating in the Maximator alliance
(click to enlarge)

The Maximator alliance

An interesting aspect to start with is that the existence of the Maximator alliance was revealed in an article by prof. dr. Bart Jacobs in Intelligence and National Security, which is an academic journal about intelligence and national security. Usually, this kind of revelations are published by major newspapers, but they didn't even pick up this story. So far only a Dutch investigative radio program, a Dutch regional newspaper and a German tech website have reported about Maximator.
Update: Meanwhile, The Register and The Economist have also reported about Maximator.
Professor Bart Jacobs is one of the leading Dutch experts on computer security and teaches at Radboud University in Nijmegen. He is also a member of the knowledge network (Dutch: kenniskring) of the CTIVD, the oversight committee for the Dutch secret services, and a member of the independent commission that is currently conducting an evaluation of the new Dutch intelligence law. Both assignments require a security clearance, which makes this revelation even more remarkable.

The secret purchase of Crypto AG

The revelation of Maximator came forth from another big scoop: the fact that in 1970, the CIA and the German foreign intelligence service BND had secretly purchased the Swiss manufacturer of encryption equipment Crypto AG, which was codenamed operation RUBICON. This was revealed on February 11, 2020, as a result of a cooperation between The Washington Post, the German broadcaster ZDF, the Swiss broadcaster SRF and the Dutch radio program Argos.

The CIA and the BND didn't install rude "backdoors" in the Crypto AG equipment, but only manipulated the cryptographic algorithms which "streamlined the code-breaking process, at times reducing to seconds a task that might otherwise have taken months." This made it very difficult to detect the manipulation. In this way, Crypto AG produced secure encryption devices that would be sold to a select number of friendly governments, and weakened systems for the rest of the world (including some European countries like Spain, Italy and Greece):

The countries that bought and used manipulated Crypto AG devices
(graphic: The Washington Post - click to enlarge)

It appeared that not only American and German intelligence benefited from the manipulated crypto devices: a few other countries (France, Sweden, the Netherlands, Denmark, the United Kingdom, Israel among others) were also informed about the weaknesses. An internal BND report from November 2012 titled "Einführung: Die Operation THESAURUS/RUBICON" calls them the cognoscenti, the ones with inside knowledge.

One of the experts consulted for the reporting about Crypto AG was Bart Jacobs, who in February of this year studied the CIA and BND documents about operation RUBICON. After reading the references to the involvement of the Netherlands he started to investigate more closely. Jacobs asked people from the intelligence community who then told him about the Maximator alliance and even provided him with some documents.

The "cognoscenti" mentioned in a BND report as shown
on Dutch television on February 13, 2020
(click to enlarge)

Start and growth of the Maximator alliance

The Maximator alliance was established in 1976 at the initiative of Denmark and at that time included only Sweden and Germany. The Netherlands was invited to join in 1977 and did so in 1978. Between these four countries there were already various bilateral cooperations and they also benefited from information about the manipulated Crypto AG algorithms.

According to Jacobs, the idea behind the alliance was to combine forces and divide tasks in order to reduce costs, especially those of the investments required by the upcoming satellite interception. Exchanging methods and jointly working on technical challenges would also make the partners more effective.

The former Dutch satellite intercept station at Zoutkamp, operational since 1983.
In 2008 it was closed after a new facility had been built in nearby Burum.
(screenshot from regional television - click for the video)

The idea to cooperate might have came up from lower level SIGINT employees with close personal ties and a shared high level of technical and cryptanalytical skills. It's not known whether or since when the responsible ministers knew about the alliance; Jacobs estimates that in total only up to 100 people may have known about it.

In 1983, France requested to join the alliance, which was supported especially by Germany and as a result France was invited in 1984 and joined in 1985. Other countries, like Norway, Spain and Italy, also asked to join, but this was rejected. One of the main reasons was that "within the Maximator alliance they were considered as lacking relevant expertise and/or experience."

Belgium was not invited to join Maximator for the same reason, but this country was also not fully trusted when it came to discipline in communications security: at least once it compromised its own communications via a basic mistake in key management.

Codenames within the Maximator alliance

Initially, the alliance between the first three members, Denmark, Sweden and Germany, was codenamed Ostsee (German for Baltic See), which in 1977 was changed to Alpenjäger (Alpine hunter). In 1979 the group got its final designation: Maximator.

This name was derived from the Bavarian beer brand Maximator. Representatives of the alliance members were drinking this beer when they met in 1979 at the former BND headquarters in Pullach near the Bavarian capital Munich.

The Maximator beer from the Augustiner brewery in Munich
(click to enlarge)

Each of the participants in the Maximator alliance also had a codename, which seem to be chosen randomly:

Member since 1976
Codename: Concilium
Participating organization: Forsvarets Efterretningstjeneste (FE)

Member since 1976
Codename: Thymian
Participating organization: Försvarets radioanstalt (FRA)

Member since 1976
Codename: Novalis
Participating organizations:
- for signals interception: Bundesnachrichtendienst (BND)
- for cryptanalysis (until 1991): Zentralstelle für das Chiffrierwesen (ZfCh)

Member since 1978
Codename: Edison
Participating organizations: Wiskundig Centrum (WKC), since 1982: Technisch InformatieVerwerkingsCentrum (TIVC), since 1996: Strategisch Verbindingsinlichtingen Centrum (SVIC), since 2014: Joint Sigint Cyber Unit (JSCU)

Member since 1985
Codename: Marathon
Participating organization: Direction Générale de la Sécurité Extérieure (DGSE)

The two components of the alliance

According to the article by professor Jacobs, the Maximator alliance was about cooperation in both signals analysis and crypto analysis:

- Signals analysis:

This was about coordinating interception mechanisms and efforts, as well as exchanging intercepted, but still encrypted messages. The focus was on intercepting and decrypting diplomatic communications, either from HF radio transmissions or SHF satellite links. These signals interception issues were discussed in multilateral meetings attended by representatives of all five Maximator members. Jacobs' article includes the covers of some of the booklets of these meetings:

Booklets from the meetings of the Maximator alliance
(source: Bart Jacobs, Maximator - click to enlarge)

- Cryptanalysis:

This involved the exchange of algorithms used in various (deliberately weakened) encryption devices used by target countries. However, it was left up to each of the individual participants to find out how to exploit the weaknesses in these algorithms and subsequently decrypt the messages. According to Jacobs, this is common practice in the intelligence community in order to prevent being fed cooked-up information. Succesful exploitations, also called "solutions", were not exchanged.

In the first few decades of the Maximator alliance, these cryptanalysis issues were discussed only bilaterally, but later on this allso happened multilaterally. For this purpose, there were bilateral communication links between the Maximator partners which were secured by dedicated crypto systems as shown in this diagram from 1990 (a direct connection between the Netherlands (E) and France (M) was established later):

Sketch of the communication lines between the Maximator partners in 1990
(flags added for clarity). The triangles seem to indicate how information
(especially intercepts) can flow from one party to another.
(source: Bart Jacobs, Maximator - click to enlarge)

A parallel alliance: the Ring of Five

While the Maximator alliance was focused on diplomatic communications, there "seems to be (or, has been) a parallel alliance for intercepting (metadata of) military communications" according to Jacobs.

It's possible that this other alliance still exists, because in a report from May 2016, the Dutch oversight committee CTIVD says that the military intelligence service MIVD participates in five alliances in which unevaluated (meta)data are exchanged. Three of these alliances also include the civilian intelligence and security service AIVD.

Jacobs suggests that the parallel alliance may be identical with a group that was created in the early 1980s and was described in 2010 by Richard Aldrich as a "mini-UKUSA-alliance called "The Ring of Five", consisting of the sigint agencies of Germany, the Netherlands, France, Belgium and Denmark - although this did not prevent them from intercepting and reading each other's communications traffic".*

These groups are not identical but are easily confused because the military alliance partly used the communications network of the Maximator group (shown in the diagram from 1990). The latter includes Sweden but not Belgium, while the Ring of Five includes Belgium but not Sweden:

Other alliances: NSA's European partners

Not mentioned in professor Jacobs' piece are some similar groups of European countries under guidance of the NSA. One of them was already mentioned in the contribution of Dutch intelligence historian Cees Wiebes to the book Secrets of Signals Intelligence during the Cold War and Beyond from 2001. Many new details emerged from the Snowden documents published from 2013 to 2019.

Since the 1950s, the members of both the Maximator alliance and the Ring of Five are so-called third party partners of the NSA, which means there's a formal bilateral relationship based upon a Memorandum of Understanding (MoU). Although this can lead to very close cooperation, it does not prevent spying on each other.

SIGINT Seniors Europe

The first multilateral group of European third party partners is that of the SIGINT Seniors Europe (SSEUR), which was founded in 1982 for sharing information on the Soviet Union's military. This group started with nine members and after 2001 grew to 14 nations, hence it is also known as the 14-Eyes. Besides the Five Eyes, the SSEUR now includes the (signals) intelligence agencies of nine European countries (see the map below).

The SSEUR is chaired by the director of the NSA and there's an SSEUR Executive Board (SSEB) that governs the day-to-day operations and oversees various subordinate groups. There's also an annual SSEUR Principals Conference in which the heads of the 14 agencies come together to discuss issues of common concern.

In 2013, GCHQ was encouraged to host a permanent joint SSEUR collaboration center where analysts from partner nations could be co-located (similar to the collaboration center of the Counter Terrorism Group (CTG) which is hosted by the Dutch AIVD).

SSEUR Counter Terrorism coalition

In December 2001, a subordinate group of the SSEUR was created called the SIGINT Seniors Europe Counter Terrorism coalition (SISECT), in which the domestic security services from the SSEUR member countries partcipate, except for those from Australia and New Zealand. This counter-terrorism group consists of many subgroups focusing on specific terrorist groups or technologies used by terrorists. SISECT also organizes a semi-annual conference and its communications facilities seem to be hosted by Norway.

Afghanistan SIGINT Coalition

In 2009, the Five Eyes plus Denmark, France, the Netherlands and Norway established the Afghanistan SIGINT Coalition (AFSC), which was initially known as the 9-Eyes. In 2010, this group was joined by Sweden and Germany and later on, Belgium, Italy and Spain also joined, after which it had the same 14 members as the SSEUR. Their military SIGINT units in Afghanistan collected GSM metadata which were fed into the NSA's Real Time Regional Gateway (RT-RG) data analysis platform. The AFSC seems to have been dissolved by the end of 2014.

SIGINT Support to Cyber Defense

The latest initiative involving the NSA's European third party partners is probably a working group of the SSEUR aimed at using signal intelligence as an early-warning against cyber attacks, a method known as SIGINT Support to Cyber Defense (SSCD). Except for Germany it's not known which the participating countries are. The earliest reference to this SSCD group is from July 2013 in a German document published by Wikileaks.

The SIGDASYS system

The SSEUR maintain a database and communications system called SIGDASYS (for Signals Intelligence Data System). It was proposed by the BND to push SIGINT to front-line NATO commanders and became operational in 1986.*

The system also acted as a back-up in case one of the countries lost its own SIGINT capacity. Later it was used for exchanging military SIGINT and other information on a quid pro quo basis. SIGDASYS helped to decrease the enormous overlap in targeting and played an important role during the 1990-1991 Gulf War (there was a seperate framework for the exchange of acoustic signals).*

Since 9/11, the system is also used for the exchange of data for SISECT's counter-terrorism mission, including call chaining diagrams, voice clips and textual materials for translation. In 2013, the NSA proposed to replace the "dated and functionally limited (but sovereign) SIGDASYS infrastructure" by an SSEUR Community of Interest (CoI) within the more advanced Global Collaboration Environment (GCE) hosted by the US.

In 2005, the SSEUR set up a dedicated tactical communications platform codenamed CENTER ICE to support the military operations of its members in Afghanistan.

Slide from an NSA presentation about the Afghanistan SIGINT Coalition (June 2009)
Published by The Intercept in May 2019
(click to enlarge)

Some final thoughts

One final question is about why the existence of the Maximator alliance has been leaked. Already the fact that apparently people from inside the Dutch intelligence community were willing to talk is highly surprising, because signal intelligence and crypto analysis are seen as the most secret parts of this business, with international cooperation on these topics being even more sensitive.

Jacobs assumes that his sources may have talked about the alliance because it all happened long ago - in the United States there's automatic declassification, which means documents from the intelligence agencies have to be declassified after 25 years, unless a specific exemption applies. In the Netherlands there's no such rule, so classified information only becomes public through a specific request for information (which is rarely very successful) or by leaking.

The claim that it's long ago could be valid when the Maximator alliance was something from the past and had been dissolved without implications for current operations and relations (it's not done to unilaterally disclose things about international cooperations), but even then (former) intelligence employees would be very reluctant to provide information. And in this case Jacobs clearly says that the alliance is still functional today.

Another option is that over the years the purpose and/or the activities of the Maximator group have changed, similar to how the SIGINT Seniors Europe moved their focus from the Soviet Union to counter-terrorism. An indication could be that in 1993, Germany retreated from its involvement in Crypto AG because spying on its European partners didn't fell comfortable anymore. After this, the BND lost its ability to exploit the Crypto AG algorithms, but Sweden apparently not.

It's not clear whether the other Maximator members continued to benefit from the weaknesses in Crypto AG's hardware encryption devices, but if so, this knowledge became largely obsolete after the year 2000, when more and more target countries shifted to software-based encryption based on public standards. Crypto AG wasn't very useful anymore and so the CIA eventually sold the company in 2018.

Links & sources
- Crypto Museum: MAXIMATOR - European signals intelligence alliance
- De Gelderlander: Het geheime afluistergenootschap van Maximator bleef vijftig jaar onder de radar (April 2020)
- Geheimdienst-Kooperation "Maximator": Die Five Eyes Europas? (April 2020)
- Argos: De afluistervrienden van Nederland (April 2020)
- Bart Jacobs: Maximator: European signals intelligence cooperation, from a Dutch perspective (April 2020)
- The Washington Post: ‘The intelligence coup of the century’ (February 2020)
- The Intercept: The powerful global spy alliance you never knew existed (March 2018)
- Cees Wiebes, "Dutch Sigint during the Cold War, 1945-94", in: Matthew M. Aid & Cees Wiebes, "Secrets of Signals Intelligence during the Cold War and Beyond", London, 2001, p. 276-277.

March 26, 2020

Edward Snowden and the STELLARWIND report

Last September, Edward Snowden published his memoir titled Permanent Record (see Part I and Part II of my extensive review). According to this book, he had one of his "atomic moments" when he read a highly classified report about the controversial NSA program codenamed STELLARWIND, somewhere in 2009 or 2010.

But one month after the book release, during a podcast interview in October 2019, Snowden said that he found that particular report only somewhere in 2012. This discrepancy makes it worth to take a close look at the STELLARWIND program: what it was about, how it was revealed, which conspiracy theories it evoked and how it's misrepresented in Snowden's book.

- Introduction
- The first revelations about STELLARWIND
- The Inspectors General report
- Searching for the classified Stellarwind report
- Bill Binney and the Utah Data Center
- Democracy Now! and a Surveillance Teach-In
- The classified STELLARWIND report
- Snowden's revelations
- Conclusion


STELLARWIND is the cover name and the classification compartment for what was officially called the President's Surveillance Program (PSP), which was authorized by president George W. Bush on October 4, 2001 as a response to the 9/11 Attacks.

The NSA had noticed that al-Qaeda terrorists used American networks and providers for their e-mail communications, but because this was cable-bound, the Foreign Intelligence Surveillance Act (FISA) from 1978 required a warrant from the FISA Court to intercept them. Had these communications been wireless, like previously over a satellite link, the NSA would not have been required to get a warrant.

Requesting a FISA warrant took four to six weeks, so terrorists could have changed their phone numbers and e-mail addresses well before the NSA received court approval.* To "fix" this, Bush unilaterally allowed the NSA to also track down the cable-bound communications of foreign terrorists without having to obtain a warrant. Therefore, this became also known as the Warrantless Wiretapping.

In a very controversial legal opinion by Justice Department lawyer John Yoo, the PSP was justified by the president's wartime powers according to Article Two of the US Constitution.* In practice, the program encompassed four components for collecting the following types of data ("internet" actually means e-mail communications):

- Telephony content
- Internet content
- Telephony metadata
- Internet metadata

It should be noted that although these data were intercepted at internet backbone cables and switching facilities inside the United States, the targets were some clearly defined groups of foreign enemies: Al-Qaeda terrorists and other targets related to Afghanistan as well as the Iraqi Intelligence services.

Overview of the President's Surveillance Program a.k.a. STELLARWIND
(click to enlarge)

The first revelations about STELLARWIND

Parts of the President's Surveillance Program were first revealed by The New York Times on December 16, 2005, saying that the NSA "has monitored the international telephone calls and international e-mail messages of hundreds, perhaps thousands, of people inside the United States without warrants over the past three years in an effort to track possible "dirty numbers" linked to Al Qaeda."

In a radio address the next day, president Bush admitted that the NSA was intercepting one-end foreign telephone and internet communications of people related to al-Qaeda. He called this publicly acknowledged part of STELLARWIND the Terrorist Surveillance Program (TSP), but stayed silent about the other components of the PSP, which involved the bulk collection of domestic metadata.

One of the sources for The New York Times story was former NSA employee Russell Tice, who had his security clearance revoked in May 2005 based on what the NSA called psychological concerns. In January 2006, Tice claimed that "the number of Americans subject to eavesdropping by the NSA could be in the millions if the full range of secret NSA programs is used."

Three years later, in December 2008, Newsweek revealed that Thomas Tamm, a former lawyer at the Justice Department, had also been one of the sources for The New York Times. Because Tamm wasn't "read into" the PSP he wasn't able to explain its full scope and the exact details. It seems that Newsweek was also the first to disclose the code name of this program: "Stellar Wind".

Two less-known revelations

On May 10, 2006, USA Today revealed that the NSA "has been secretly collecting the phone call records of tens of millions of Americans, using data provided by AT&T, Verizon and BellSouth", which the NSA used "to analyze calling patterns in an effort to detect terrorist activity". This was one of the STELLARWIND components that president Bush had kept secret, so a big scoop, which nonetheless got very little public attention.*

Also largely unnoticed was the surprisingly frank interview that Director of National Intelligence John McConnell gave to the El Paso Times in August 2007. He provided numbers about the targeted content collection under the PSP: "On the U.S. persons side it's 100 or less. And then the foreign side, it's in the thousands. Now there's a sense that we're doing massive data mining. In fact, what we're doing is surgical."

Snowden's narrative

In his book Permanent Record, Snowden writes about the initial revelation by The New York Times, which angered him because the paper delayed it more than a year because of pressure from the White House. (p. 245)

Snowden's book doesn't mention the USA Today article, nor the McConnell interview, probably because they didn't fit his narrative: USA Today had revealed the bulk collection of domestic phone records seven years before The Guardian did based upon Snowden's documents, while McConnell made it clear that the PSP was limited and targeted instead of the alleged domestic mass surveillance.

New legal authorities

In the beginning of 2004, two newly appointed officials at the Justice Department, Jack Goldsmith and James Comey, had become worried that the bulk collection of internet metadata might be illegal. This led to a dramatic fight with the White House, after which the various components of STELLARWIND were transferred from the president's authority to that of the FISA Court (FISC). The final presidential authorization expired on February 1, 2007.

The first transfer was of the bulk collection of internet metadata, which was henceforth based on Section 402 FISA (the Pen Register/Trap & Trace (PR/TT) provision) and first authorized as such by the FISC on July 14, 2004.

The new legal basis for the bulk collection of domestic telephone records was found in Section 215 of the Patriot Act, which was approved by the FISC on May 24, 2006. Because these two components of the STELLARWIND program were not publicly acknowledged, this happened in secret.

The parts of the program that had already been disclosed by the press and admitted by president Bush, the targeted collection of content, got a temporary authorization under FISC orders as of January 2007 and were then legalized by the Protect America Act (PAA) from August 2007, which was replaced by Section 702 of the FISA Amendments Act (FAA) in July 2008.

The Inspectors General report

The FAA required the inspectors general (IG) of all five agencies that participated in the President's Surveillance Program (NSA, CIA, Defense Department, Justice Department and the Office of the Director of National Intelligence) to conduct a comprehensive review of the program.

The original and highly classified joint report of these five inspectors general is almost 750 pages long and was finished on July 10, 2009. It was eventually declassified (but with significant sections redacted) in September 2015.

A short unclassified summary of this report had already been published in July 2009:

Front page of the unclassified report about the PSP
(click for the full report)

At that time, Edward Snowden worked as a systems administrator at the NSA's Pacific Technical Center (PTC) in Japan and in Permanent Record he says that he read the unclassified report about the President's Surveillance Program in the Summer of 2009, so shortly after it came out. (p. 173)

He concluded that the new FAA extended the NSA's powers: "In addition to collecting inbound communications coming from foreign countries, the NSA now also had policy approval for the warrantless collection of outbound telephone and internet communications originating within American borders." (p. 173)

It seems that Snowden, at least at the time, didn't really understand this subject, because the expansion provided by the FAA wasn't from inbound to outbound communications, but from a few specific foreign enemies (like al-Qaeda) to a wider variety of foreign intelligence targets. As such, Section 702 FAA became the legal basis for Upstream collection and the PRISM program.


Searching for the classified Stellarwind report

Snowden read the unclassified PSP report very closely because he noticed that the program also encompassed "Other Intelligence Activities" that remained classified. This gave him the impression that graver things had been going on than just targeted interception and so he went searching for the original, classified version of the report. To his surprise he couldn't find it and so after a while he dropped the issue. (p. 174)

In Permanent Record, Snowden says that "It was only later, long after I'd forgotten about the missing IG report, that the classified version came skimming across my desktop". He doesn't share how much later, but apparently it was before he left Japan in September 2010: "After reading this classified report, I spent the next weeks, even months, in a daze. [...] that's what was going on in my head, toward the end of my stint in Japan." (p. 175 & 180)

An unexpected discrepancy

But on October 23, 2019, one month after Permanent Record was published, Snowden was interviewed in the Joe Rogan Experience podcast. There, he revealed that he found the classified report only somewhere in 2012. It turned up when he ran some "dirty word searches" to help out the Windows network systems administration team that sat next to him when he was the sole employee of the Office of Information Sharing at NSA Hawaii.

Another new detail that Snowden provided during the podcast interview is that the draft report was from someone from the office of the NSA's Inspector General who had come to Hawaii. This person then left the document on a lower-security system where its classification marking STLW popped up during the dirty word search as something that shouldn't be there.

A decisive moment?

The moment when Snowden found the classified Stellarwind report is of some importance because it could have incited him to download and eventually leak the NSA files to the press. On October 18, 2013, The New York Times wrote:
"Mr. Snowden said he finally decided to act when he discovered a copy of a classified 2009 inspector general's report on the N.S.A.'s warrantless wiretapping program during the Bush administration."

Many people, however, will remember another moment that Snowden claimed as a "breaking point", namely when Director of National Intelligence James Clapper was forced to lie during a Senate committee hearing on March 12, 2013, which Snowden recalled in an interview from January 23, 2014 with the German broadcaster ARD:
"I would say sort of the breaking point was seeing the Director of National Intelligence, James Clapper, directly lie on oath to Congress. There’s no saving an intelligence community that believes it can lie to the public and the legislators who need to be able to trust it and regulate its actions.

Seeing that really meant for me that there was no going back. Beyond that, it was the creeping realisation that noone else was going to do this. The public had a right to know about these programmes."

Clappers testimony is also described in Snowden's book Permanent Record, but only as an example of how the legislative branch of government fails to exercise effective oversight of the Intelligence Community. It says nothing about whether the hearing had any special impact on himself. (p. 231)

All this seems contradictory, but the memoir suggests there actually was no single decisive moment: "The most important decisions in life are never made that way [at an instant]. They're made subconsciously and only express themselves consciously once fully formed". (p. 214)

So, if discovering the STELLARWIND report, nor Clapper's testimony were the single decisive moments and it apparently was a more gradual process, then there may have been other moments or events that influenced Snowden - like the following ones:

Bill Binney and the Utah Data Center

On March 15, 2012, Wired published a piece about the Utah Data Center (UDC), written by James Bamford, a well-known author of three books about the NSA. This article includes a number of speculations and accusations which are almost identical to those expressed later on by Snowden, who presents this data center as the "corpus delicti" for his claim that the NSA wants to store all our data forever. (p. 246-247)

Bamford's article says that "the NSA has turned its surveillance apparatus on the US and its citizens" and now wants to "collect and sift through billions of email messages and phone calls, whether they originate within the country or overseas" - hence the need for the huge new data center near Bluffdale, Utah.

The 1.5 million square feet Utah Data Center near Bluffdale, Utah in June 2013
(photo: AP/Rick Bowmer - click to enlarge)

The Wired article was also the first time that Bill Binney spoke out publicly. Binney worked at the NSA for almost four decades, first as a crypto-mathematician and later as the technical director of the NSA's World Geopolitical and Military Analysis Reporting Group. He was also the chief and one of the two co-founders of the agency's Signals Intelligence Automation Research Center (SARC).

Binney left the NSA late 2001, disillusioned by the fact that the agency chose the TRAILBLAZER collection and analysis system instead of the more efficient and cheaper THINTHREAD, which he had helped designing. Binney critized the NSA's operations after 9/11 as unconstitutional, claiming that we are close to a "turnkey totalitarian state" - which Snowden shortened to "turnkey tyranny".

In Wired, Binney claimed that STELLARWIND was far larger than has been publicly disclosed and included not just eavesdropping on domestic phone calls, but also the inspection of domestic e-mails. Binney suspected that STELLARWIND was now simply collecting everything, including financial records. Just like Snowden, Binney saw only one method to prevent this: strong encryption.

Democracy Now! and a Surveillance Teach-In

One month later, on April 20, 2012, Bill Binney appeared for the first time on American national television. Together with documentary filmmaker Laura Poitras and hacktivist Jacob Appelbaum he was interviewed in Amy Goodman's news program Democracy Now! (a full transcript can be found here).

Binney again claimed that after 9/11 "all the wraps came off for NSA, and they decided to eliminate the protections on U.S. citizens and collect on domestically". He saw this as a direct violation of the constitution and various other laws and decided he could not stay at NSA anymore.

Appelbaum repeated what he said at the HOPE conference in 2010: "I feel that people like Bill need to come forward to talk about what the U.S. government is doing, so that we can make informed choices as a democracy" - which is exactly what Snowden would do: leaking documents because "the public needs to decide whether these programs and policies are right or wrong."

Binney also said that a secret interpretation of Section 215 gave the government a "license to take all the commercially held data about us" and "having that knowledge then allows them the ability to concoct all kinds of charges, if they want to target you" - an allegation that comes back almost literally in Snowden's memoir. (p. 178)

A Surveillance Teach-In

Right after the Democracy Now! interview, Binney, Poitras and Appelbaum went to the Whitney Museum of American Art in New York City, where Poitras organized a Surveillance Teach-In, an event to present an "artistic and practical commentary on living in the contemporary Panopticon":

During the Teach-In, Bill Binney and Jacob Appelbaum discussed government surveillance and came up with claims like "each and everyone of us is targeted by the NSA". Appelbaum also presented a list with eight specific addresses of "possible domestic interception points" which he had received from an anonymous source.
(In June 2018, The Intercept identified eight locations in the United States where there's cable interception equipment for the NSA's FAIRVIEW program. Six of these locations appeared to be identical with those on Appelbaum's list. However, these facilities are not for spying on Americans, but for collecting communications of legitimate foreign targets)

Appelbaum then called upon anyone to infiltrate AT&T to find out whether these locations are really NSA listening posts: "taking direct, non-violent action is not a violation of the constitution". This, he said, was also important for privacy and civil liberties organizations: because of a lack of hard evidence and concrete harm it was almost impossible for them to fight NSA surveillance in court.

The actual incentive?

It's not clear whether there was a livestream of this meeting, so we don't know whether or when Snowden, who was in Hawaii at that time, was able to see it (the official video was put online on September 11, 2012). The Democracy Now! interviews must certainly have attracted his attention, while the Wired article about the Utah Data Center is explicitly mentioned in Permanent Record. (p. 246)

These three events took place just around the time that Snowden started his new job at the NSA in Hawaii by the end of March 2012. Therefore, it may have actually been those statements by Binney, Bamford and Appelbaum, rather than the classified STELLARWIND report that confirmed Snowden's vague suspicions of domestic mass surveillance.

And with his all-prevailing curiosity, their claims must have been an incentive to search for the evidence for those allegations. Providing that to the press would enable the public to "understand what’s actually happening in their names" and give civil liberties organizations standing in court: ACLU attorney Ben Wizner said that in his first conversation with Snowden, one of his first questions was "Do you have standing now?"

The classified STELLARWIND report

According to the podcast interview, it was at some moment during his job in Hawaii that Snowden found the highly classified draft report about the STELLARWIND program. It's not known whether this was before or after he started downloading NSA files, but given what has been discussed above, the report seems not that important anymore as starting point for that effort. The question is rather why it didn't stop him.

The first page of the highly classified STELLARWIND report
(click for the full report)

Snowden likely read this classified report as close as the unclassified version back in 2009. Doing so, the first thing he must have noticed is that the STELLARWIND program was not meant for monitoring innocent Americans. The report clearly says that it was used to track down specific groups of foreigners:
- Members of al-Qaeda and its affiliates (since October 2001)
- Targets related to Afghanistan (until January 2002)
- The Iraqi Intelligence Service (from March 2003 to March 2004)

The classified report also specifies the approximate number of selectors that had been used for targeted collection of content between October 2001 and January 2007:
- Foreign telephone numbers: 15,646
- Domestic telephone numbers: 2,612
- Foreign e-mail addresses: 19,000
- Domestic e-mail addresses: 406

Because targets located in the US (not necessarily US citizens) were extremely sensitive, each of their selectors had to be approved by the chief of the Counterterrorism product line, to ensure strict compliance with the presidential authorization.
According to the final joint Inspectors General report, the NSA IG inspected a sample of the domestic selectors in 2006 and found that 95% of them were linked to al-Qaeda or international terrorist threats inside the US. Almost all the "tippers" that the NSA sent to the FBI contained domestic selectors (phone numbers, but also some content).

The draft report says that the bulk collection of telephone records was also strictly limited to "perform call chaining and network reconstruction between known al Qaeda and al Qaeda-affiliate telephone numbers and previously unknown telephone numbers with which they had been in contact."
The final joint Inspectors General report says that in 2006, as result of the contact chaining, one of every four million metadata records were seen by analysts, who determined that it was not analytically useful to chain more than two hops from a target, even though that wasn't prohibited by the presidential authorization.

Althogether, the classified review of the STELLARWIND program shows that the NSA did filter telephone and internet backbone cables inside the US and collected a huge amount of domestic metadata, but did not use this for monitoring millions of American citizens, as many critics had assumed.*

Snowden's problems with the program

After reading the report, Snowden could have concluded that his fears about domestic mass surveillance turned out to be unfounded. But on the contrary, he hid the exculpatory evidence by leaving all the aforementioned details out of his book and even said that what he found in the report was "so deeply criminal that no government would ever allow it to be released unredacted". (p. 176)

Permanent Record says that Snowden found two things in the report which he considered evidence of illegal domestic surveillance. The first thing is that the President's Surveillance Program marked a transition "from targeted collection of communications to "bulk collection", which is the agency's euphemism for mass surveillance". (p. 176)

But that's not what happened. The NSA has always conducted bulk collection for contact chaining, although traditionally that involved foreign military communications. The real shift in 2001 was not from targeted to bulk collection, but from collection abroad to collection inside the United States - but still against foreign targets.

Section from the full report of the 5 Inspectors General about STELLARWIND
(July 10, 2009, pdf-page 30, declassified in September 2015)

A redefinition of collection?

An issue that upset Snowden even more was an alleged "redefinition" that allowed the NSA to "collect whatever communications records it wanted to, without having to get a warrant, because it could only be said to have acquired or obtained them, in the legal sense, if and when the agency "searched for and retrieved" them from its database." (p. 177-178)

But while Snowden claims that the Bush administration used this redefinition in 2004 to legitimize STELLARWIND's collection of "communications" ex post facto, the report itself says that the aforementioned theory was used as a justification only for the bulk collection of internet metadata and only until March 2004.

A few months later the collection of internet metadata was brought under FISA Court authority and based upon Section 402 FISA (PR/TT). Nothing supports the idea that this definition was used as a trick to turn the NSA into "an eternal law-enforcement agency" able "to retain as much data as it could for as long as it could - for perpetuity" as Snowden wildly speculates. (p. 178)

The NSA's original privacy rules, the 1980 US Signals Intelligence Directive 18, defined "collection" as the "intentional tasking and/or selection" of specific communications, but as Timothy Edgar noted in his book Beyond Snowden: "Even if data are not "collected" under the agency's internal definition, that does not mean the agency may violate federal laws or the Constitution."

Unprotected phone records

For the bulk collection of telephone metadata the legal situation was different, but this is also misrepresented in Snowden's book. To justify this collection, the NSA didn't need a sneaky definition, because in 1979 the Supreme Court had ruled that telephone records provided to a telecom provider are not protected under the Fourth Amendment of the US Constitution. The FISA Court also applied this to metadata collected in bulk.*

In his memoir, however, Snowden made it seem like it was the NSA's own interpretation that the Fourth Amendment didn't apply to telephone metadata,* but in the Joe Rogan podcast he explained it correct, saying that "the scandal isn't how they're breaking the law, the scandal is that they don't have to break the law" - basically admitting that the NSA's bulk collection of phone records wasn't illegal.

Section from the classified STELLARWIND report, page 16

The STELLARWIND report didn't confront Snowden with something clear and outright illegal (despite saying so in Permanent Record), but with legal interpretations he didn't agree with and which he thought the public should know about. Anyone may disagree with certain policies and legal interpretations, but that's not something covered by whistleblower protection laws.

Snowden's revelations

Even though the STELLARWIND report didn't show significant abuses, one can argue that leaking it to the press was in the public interest because it revealed the true scope of the NSA's most controversial program. But wasn't that enough? Why did Snowden continued downloading classified files? What could they reveal more than one of the NSA's most sensitive and highly classified documents?

His memoir says: "It wouldn't be enough, after all, to merely reveal a particular abuse or set of abuses, which the agency could stop (or pretend to stop) while preserving the rest of the shadowy apparatus intact. Instead, I was resolved to bring to light a single, all-encompassing fact: that my government had developed and deployed a global system of mass surveillance without the knowledge or consent of its citizenry". (p. 239)

Publication of the Verizon order

Snowden's continued scraping of NSA networks actually paid off: eventually he not only found the PRISM presentation, but also the Verizon order from April 25, 2013. This appeared to be an even better catch than the STELLARWIND report, not only because it was about the current situation, but maybe also because it contained less "inconvenient" facts.

The first page of the Verizon order from April 25, 2013
(click for the full document)

And indeed, the very first story of the Snowden-leaks was not about STELLARWIND, but about the Verizon order. It was published by The Guardian on June 5, 2013 and revealed the Section 215 program, which this time generated a lot more attention than when USA Today first wrote about this program back in 2006.

Section 215 became the most controversial part of the Snowden revelations and was therefore replaced in 2015 by the USA FREEDOM Act, under which the NSA cannot collect domestic metadata in bulk anymore, but has to request these from the telecommunication providers based upon a warrant from the FISA Court.

Publication of the STELLARWIND report

Some three weeks later, on June 27, 2013, The Guardian published the STELLARWIND report. The accompanying article, however, was only about the NSA's collection of domestic internet metadata, probably because this was the only part of the President's Surveillance Program that hadn't been reported on before.

The Guardian said nothing about how the report debunked the fears for massive domestic surveillance, but focused on the fact that bulk collection of internet metadata had continued under Obama and eventually had been ended in 2011.

The Guardian's report about the STELLARWIND program, June 27, 2013

Along with the STELLARWIND report, The Guardian published a 2007 memorandum from the Justice Department, which revealed that American's metadata (both telephone and internet) may still be subject of database queries when these metadata have already been collected (through collection systems abroad for example). This is based upon the rather controversial theory that because such metadata have already been lawfully collected, there's no actual interception and therefore no breach of applicable laws.


Ever since the NSA illegally assisted the FBI in monitoring subversive Americans and civil liberties organizations in the 1950s and 1960s, there have been people who assumed or were convinced that CIA and NSA continued to spy on American citizens, despite the strict separation between foreign intelligence and domestic surveillance imposed by the Foreign Intelligence Surveillance Act (FISA) from 1978.

The idea of CIA and NSA as all powerful enemies of the people became a conspiracy theory which Hollywood gratefully made use of. It got a new impulse in 2006, when Russell Tice claimed that the NSA could be eavesdropping on millions of Americans and Mark Klein revealed that there was interception equipment inside the AT&T switching facility in San Francisco.

Six years later, James Bamford presented the Utah Data Center as "fresh evidence" that the NSA was now spying inside the United States while Bill Binney turned the STELLARWIND program into something like the sum of all fears by suggesting that it collected almost everything. Jacob Appelbaum urged insiders to leak classified information about these programs to the public.

And that became the mission of NSA contractor Edward Snowden: providing the press with as much information about the NSA's collection efforts as possible so the general public could decide whether it was right or wrong - an unprecedented action that could only be justified when (afterwards) these files would reveal clear evidence of illegal activities and massive abuses.

Therefore Snowden seems to have had no choice but to continue and uphold the narrative of people like Tice, Binney and Bamford, which is that the NSA was unconstitutionally monitoring millions of Americans. However, one of his luckiest finds, the highly classified STELLARWIND report, actually debunks that story, which explains why its content is misrepresented in Permanent Record.

Links & sources

- Emptywheel: Stellar Wind IG Report, Working Thread (2015)
- Ars Technica: What the Ashcroft “Hospital Showdown” on NSA spying was all about (2013)
- The Guardian: NSA collected US email records in bulk for more than two years under Obama (2013)
- The Washington Post: U.S. surveillance architecture includes collection of revealing Internet, phone metadata (2013)
- Wired: The NSA Is Building the Country's Biggest Spy Center (Watch What You Say) (2012)
- NSA: STELLARWIND Classification Guide (2009)
- The NSA's STELLARWIND Classification Guide (2009)
- USA Today: NSA has massive database of American's phone calls (2006)
- The New York Times: Bush Lets U.S. Spy on Callers Without Courts (2005)

February 15, 2020

The serial numbers of NSA reports

(Updated: May 5, 2020)

On January 14, the NSA disclosed a serious vulnerability in the CryptoAPI service of the Windows 10 operating system (vulnerability identifier: CVE-2020-0601). In a rare public Cybersecurity Advisory the agency even offered further details about this issue.

An interesting detail is that this Cybersecurity Advisory has two serial numbers in the same format as the NSA uses on their Top Secret intelligence reports, some of which have been published by Wikileaks and as part of the Snowden-leaks.

The serial numbers on the NSA's Cybersecurity Advisory from January 14, 2020

The NSA's Cybersecurity Advisory has three groups of letters and numbers, the last one being the date of the document in the format month/day/year, which is typical for the United States.

The first group seems to be an external serial number, while the second group is more like an internal serial number. Below, the components of both serial numbers will be discussed in detail.

External serial number

The first serial number on the public Cybersecurity Advisory is similar to the serial numbers on a range of highly classified intelligence reports which were published by Wikileaks in June and July 2015 and in February 2016. These documents were not attributed to Edward Snowden, so they were probably provided by a still unknown "second source".

These intelligence reports were part of various editions of the "Global SIGINT Highlights - Executive Edition" briefings. Wikileaks published only one report in the original layout with header and a disclaimer. In the bottom right corner they have one or two serial numbers, one number for each source of intelligence:

NSA intelligence report about an intercepted conversation between French president
François Hollande and prime minister Jean-Marc Ayrault, May 22, 2012.
(Watermarked by Wikileaks - Click to enlarge)

The serial numbers are followed by a timestamp in the standard military notation: for example, 161711Z stands for the 16th day, 17 hours and 11 minutes ZULU (= Greenwich Mean) Time, with the month and the year as mentioned in the briefing.

The first five intelligence reports published by Wikileaks were from 2006 to 2012 and have the following serial numbers:

These kind of briefings are called serialized reports, which are described in the NSA SIGINT Reporter's Style and Usage Manual as "The primary means by which we provide foreign intelligence information to intelligence users, most of whom are not part of the SIGINT community. A report can be in electrical, hard-copy, video, or digital form, depending on the information's nature and perishability."

The NSA Style Manual also explains the serial numbers of these reports: "Serial numbers are assigned to NSA reports on a one-up annual basis according to the PDDG issuing the report. Every serial includes the classification level, the PDDG of the originator, and a one-up annual number, as in the following examples:

The classification level of a report can be represented by a variety of codes. Comparing the first part of the serial number with the classification marking of a particular report shows that they are assigned according to the following scheme (updated and corrected):

1 = ?
2 = ?
3 = (Top Secret) Comint
  E = ?
G = (Top Secret) Comint-Gamma
I = ?
  S = ?
U = Unclassified
Z = NoForn

The Producer Designator Digraph (PDDG) consists of a combination of two letters and/or numbers and designates a particular "collector". These codes refer to NSA collection facilities and programs, but those with double vowels stand for the signals intelligence agencies of the Five Eyes partnership, as was already revealed in Nicky Hager's book Secret Power from 1996:
AA = GCHQ, United Kingdom
EE = DSD, now ASD, Australia
II = GCSB, New Zealand
OO = NSA, United States
UU = CSE, Canada

The one-up annual number doesn't seem like a continuous number for each year: on the Windows vulnerability report the one-up number is 104201, which would mean that the NSA produced already over one hundred thousand reports in the first two weeks of 2020 alone. That's not realistic, so maybe there are number ranges assigned to each producer or something similar.

Finally, the year in which the report was issued is represented by its last two digits.

Internal serial number

The second series of letters and numbers on the NSA's Cybersecurity Advisory seems to be an internal serial number. In this case it's PP-19-0031, a format that we also saw on the draft of the famous NSA Inspector General's report about the STELLARWIND program, which was leaked by Edward Snowden. This draft report is dated March 24, 2009 and has the serial number ST-09-0002:

Another declassified report from the NSA's Inspector General, about the "Special Study of NSA Controls to Comply with the FISA Amendments Act §§704 and 705{b) Targeting and Minimization Procedures" has a similar serial number: ST-15-0002:

Comparing these three serial numbers indicate that the two digits in the middle represent the year and the last four digits are most likely a one-up annual number. The first two letters may be an internal code for the producer: the office, bureau or unit that prepared and issued the report.

This two-letter code doesn't correspond to the PDDG and also not to NSA's organizational designators, which has D1 for the Office of the Inspector General, so there must be another, unknown system for these codes.

Two audit reports by the NSA Inspector General have the following serial numbers:
- April 3, 2019: AU-17-0008
- March 4, 2019: AU-18-0003
This could indicate that the two letter code doesn't designate an office, bureau or unit, but a particular type of report, like AU for an audit report.


After this comparative analysis it has become clear that the serial numbers (and the date) of the NSA's Cybersecurity Advisory can be explained as follows:

On April 24, 2020, the NSA published a survey of videoconferencing services in the same format as the Cybersecurity Advisory and accordingly it has the two serial numbers and the date as discussed above:

January 16, 2020

US government uses Swiss diplomatic network to communicate with Iran

(Updated: February 12, 2020)

A number of countries are connected to each other through bilateral hotlines in order to prevent misunderstandings and miscommunications in times of severe crisis. But what when there's a crisis between two countries that don't have a hotline?

Such a situation occurred after the United States killed the Iranian general Qassem Soleimani on January 3. Because there's no hotline between these countries, the US government used the Swiss diplomatic network urging Tehran not to escalate the crisis, as was reported by the Wall Street Journal.

The Swiss embassy in Tehran
(photo: FDFA - click to enlarge)

Intermediary since 1980

Already since 1980, when Iranian revolutionaries had seized the US embassy in Tehran and took 52 Americans hostage, the Swiss acted as a messenger (or briefträger) between the American and the Iranian government. The US appointed Switzerland as its "protecting power" in Iran and a special United States Interest Section was established in the Swiss embassy for handling informal contacts.

After the American invasion of Iraq in 2003, Swiss diplomats transmitted messages with Iran to prevent direct clashes and under president Obama Switzerland hosted the talks that led to the Iran nuclear deal from 2015. The Swiss ambassador in Iran regularly visits Washington to explain Iran's politics to officials from the Pentagon, the State Department and US intelligence agencies.

The Swiss embassy in Washington DC
(photo: keystone - click to enlarge)

The Soleimani crisis

Details about the informal contacts between the US and Iran have now been revealed by the Wall Street Journal (WSJ): immediately after Washington confirmed the death of general Soleimani on January 3, the US government sent a first urgent message to Tehran asking not to escalate the situation.

The Swiss ambassador delivered the American message by hand to the Iranian foreign minister Javad Zarif early on Friday morning, as the WSJ learned from US and Swiss officials. But Zarif apparently responded to the message with anger, saying that "[U.S. Secretary of State Mike] Pompeo is a bully" and that "The U.S. is the cause of all the problems."

Two days later, on January 5, Zarif called the Swiss ambassador asking to relay his response to the US government, which appeared more restrained. This was followed by a range of back and forth messages, "far more measured than the fiery rhetoric traded publicly by politicians", which for now seem to have helped prevent a military clash between both countries.

The Swiss diplomatic network

The message from the US government to Iran "arrived on a special encrypted fax machine in a sealed room of the Swiss mission" and the WSJ adds that this "equipment operates on a secure Swiss government network linking its Tehran embassy to the Foreign Ministry in Bern and its embassy in Washington. Only the most senior officials have the key cards needed to use the equipment."

Using the secure diplomatic communications network of a third party is a good option for exchanging sensitive messages between two countries, because it's not always possible to set up a direct communications link. One of the difficulties is that in order to encrypt such communications, both parties have to use the same algorithms and, obviously, countries don't like to share their crypto systems with others.

Similar to an official direct bilateral hotline, the back channel through the Swiss diplomatic network appears to be effective, because both parties "can trust a message will remain confidential, be delivered quickly, and will reach only its intended recipients. Statements passed on the back channel are always precisely phrased, diplomatic, and free of emotion" - according to the WSJ report.

The west wing of the Federal Palace (Bundeshaus) in Bern, Switzerland,
home of the Federal Department of Foreign Affairs (FDFA)
(photo: Mike Lehmann/Wikimedia Commons - click to enlarge)

Swiss crypto manufacturers

Switzerland's neutrality is not only useful for diplomatic negotiations, but was also an advantage for the manufacturers of crypto equipment.

One of the oldest companies was Gretag AG, which goes back to 1947. In 1987 most of its cryptographic business was split off and transferred to Omnisec AG, which had been founded especially for this purpose. However, the civil encryption machines as well as those for the Swiss government were sold to AT&T in 1991. Under a new owner, this product line was renamed to Safenet Data Systems, but the company declined rapidly and was liquidated in 2004.

Most of the business had already been taken over by Omnisec AG, which had become one of the most trusted crypto-companies in the world, selling its voice, fax and data encryptors to governments, armies and intelligence services. But gradually the market for proprietary Swiss encryption technology became smaller and smaller and so the company was dissolved in February 2018.

Another Swiss crypto manufacturer is Crypto AG, which was established in 1952 by Boris Hagelin for the activities of his original Swedish company AB Cryptoteknik. Crypto AG became one of the most famous companies in the crypto business, but there were also several allegations that it cooperated with intelligence agencies like the NSA and the German BND.

On February 11, 2020, American and German news outlets revealed that in 1970, the CIA and the German foreign intelligence agency BND took over the ownership of Crypto AG, which provided them an easier access to the encrypted diplomatic and military communications of over 100 countries (the Swiss government always got the secure versions of Crypto AG's equipment though). In 1993, the BND sold its share to the CIA, which continued to run the company until 2018, when Crypto AG was sold to a Swedish entrepreneur.

The Crypto AG Fax Encryption HC-4221
(photo: Crypto AG brochure)

Swiss fax encryption systems

Both Omnisec AG and Crypto AG produced devices for encrypting fax transmissions. Omnisec had the Omnisec 525 Fax Encryptor, which was available in 2007, while Crypto AG manufactured the Fax Encryption HC-4220, which was succeeded by the HC-4221 and was still available in 2011.

These aren't secure fax machines in the strict sense, but separate crypto devices, which encrypt the signals from a commercial fax machine before being transmitted through the public switched telephone network (PSTN). As can be seen in the photo, the HC-4220 was designed to put the actual fax machine on top of it.

Currently, Crypto AG offers the HC-9300 Crypto Desktop, which is a futuristic looking touchscreen device that performs the encryption of telephone, fax, VoIP and e-mail communications. This device is available at least since 2015 and is approved by the Technical Secretariat of the OPCW to be used for inspections for example.

Maybe the Swiss diplomatic network already uses the HC-9300 to secure its fax messages, but in general, government agencies tend to be rather conservative and stick to older versions, also because new crypto equipment has to undergo rigorous testing before it may be used to protect classified information.

See also:
- The hotline between Washington and the former German capital Bonn
- The Washington-Moscow Hotline