February 15, 2020

The serial numbers of NSA reports

(Updated: February 16, 2020)

On January 14, the NSA disclosed a serious vulnerability in the CryptoAPI service of the Windows 10 operating system (vulnerability identifier: CVE-2020-0601). In a rare public Cybersecurity Advisory the agency even offered further details about this issue.

An interesting detail is that this Cybersecurity Advisory has two serial numbers in the same format as the NSA uses on their Top Secret intelligence reports, some of which have been published by Wikileaks and as part of the Snowden-leaks.



The serial numbers on the NSA's Cybersecurity Advisory from January 14, 2020



The NSA's Cybersecurity Advisory has three groups of letters and numbers, the last one being the date of the document in the format month/day/year, which is typical for the United States.

The first group seems to be an external serial number, while the second group is more like an internal serial number. Below, the components of both serial numbers will be discussed in detail.



External serial number

The first serial number on the public Cybersecurity Advisory is similar to the serial numbers on a range of highly classified intelligence reports which were published by Wikileaks in June and July 2015 and in February 2016. These documents were not attributed to Edward Snowden, so they were probably provided by a still unknown "second source".


These intelligence reports were part of various editions of the "Global SIGINT Highlights - Executive Edition" briefings. Wikileaks published only one report in the original layout with header and a disclaimer. In the bottom right corner they have one or two serial numbers, one number for each source of intelligence:



NSA intelligence report about an intercepted conversation between French president
François Hollande and prime minister Jean-Marc Ayrault, May 22, 2012.
(Watermarked by Wikileaks - Click to enlarge)


The serial numbers are followed by a timestamp in the standard military notation: for example, 161711Z stands for the 16th day, 17 hours and 11 minutes ZULU (= Greenwich Mean) Time, with the month and the year as mentioned in the briefing.

The first five intelligence reports published by Wikileaks were from 2006 to 2012 and have the following serial numbers:
G/OO/6411-06
G/OO/503290-08
Z-3/OO/507179-10
Z-G/OO/513370-11
Z-G/OO/503643-12
Z-G/OO/503541-12


These kind of briefings are called serialized reports, which are described in the NSA SIGINT Reporter's Style and Usage Manual as "The primary means by which we provide foreign intelligence information to intelligence users, most of whom are not part of the SIGINT community. A report can be in electrical, hard-copy, video, or digital form, depending on the information's nature and perishability."

The NSA Style Manual also explains the serial numbers of these reports: "Serial numbers are assigned to NSA reports on a one-up annual basis according to the PDDG issuing the report. Every serial includes the classification level, the PDDG of the originator, and a one-up annual number, as in the following examples:
2/OO/500123-10
3/[redacted]/123-09
S/OO/50085-09
E/OO/10466-09
I/OO/100123-10
Z-3/[redacted]/133-10"


The classification level of a report can be represented by a variety of codes. Comparing the first part of the serial number with the classification marking of a particular report shows that they are assigned according to the following scheme (updated and corrected):

1 = ?
2 = ?
3 = (Top Secret) Comint
  E = ?
G = (Top Secret) Comint-Gamma
I = ?
  S = ?
U = Unclassified
Z = NoForn


The Producer Designator Digraph (PDDG) consists of a combination of two letters and/or numbers and designates a particular "collector". These codes refer to NSA collection facilities and programs, but those with double vowels stand for the signals intelligence agencies of the Five Eyes partnership, as was already revealed in Nicky Hager's book Secret Power from 1996:
AA = GCHQ, United Kingdom
EE = DSD, now ASD, Australia
II = GCSB, New Zealand
OO = NSA, United States
UU = CSE, Canada

The one-up annual number doesn't seem like a continuous number for each year: on the Windows vulnerability report the one-up number is 104201, which would mean that the NSA produced already over one hundred thousand reports in the first two weeks of 2020 alone. That's not realistic, so maybe there are number ranges assigned to each producer or something similar.

Finally, the year in which the report was issued is represented by its last two digits.





Internal serial number

The second series of letters and numbers on the NSA's Cybersecurity Advisory seems to be an internal serial number. In this case it's PP-19-0031, a format that we also saw on the draft of the famous NSA Inspector General's report about the STELLARWIND program, which was leaked by Edward Snowden. This draft report is dated March 24, 2009 and has the serial number ST-09-0002:




Comparing these two serial numbers indicate that the two digits in the middle represent the year and the last four digits are most likely a one-up annual number. The first two letters may be an internal code for the producer: the office, bureau or unit that prepared and issued the report.

This two-letter code doesn't correspond to the PDDG and also not to NSA's organizational designators, which has D1 for the Office of the Inspector General, so there must be another, unknown system for these codes.



Conclusion

After this comparative analysis it has become clear that the serial numbers (and the date) of the NSA's Cybersecurity Advisory can be explained as follows:




January 16, 2020

US government uses Swiss diplomatic network to communicate with Iran

(Updated: February 12, 2020)

A number of countries are connected to each other through bilateral hotlines in order to prevent misunderstandings and miscommunications in times of severe crisis. But what when there's a crisis between two countries that don't have a hotline?

Such a situation occurred after the United States killed the Iranian general Qassem Soleimani on January 3. Because there's no hotline between these countries, the US government used the Swiss diplomatic network urging Tehran not to escalate the crisis, as was reported by the Wall Street Journal.



The Swiss embassy in Tehran
(photo: FDFA - click to enlarge)


Intermediary since 1980

Already since 1980, when Iranian revolutionaries had seized the US embassy in Tehran and took 52 Americans hostage, the Swiss acted as a messenger (or briefträger) between the American and the Iranian government. The US appointed Switzerland as its "protecting power" in Iran and a special United States Interest Section was established in the Swiss embassy for handling informal contacts.

After the American invasion of Iraq in 2003, Swiss diplomats transmitted messages with Iran to prevent direct clashes and under president Obama Switzerland hosted the talks that led to the Iran nuclear deal from 2015. The Swiss ambassador in Iran regularly visits Washington to explain Iran's politics to officials from the Pentagon, the State Department and US intelligence agencies.



The Swiss embassy in Washington DC
(photo: keystone - click to enlarge)


The Soleimani crisis

Details about the informal contacts between the US and Iran have now been revealed by the Wall Street Journal (WSJ): immediately after Washington confirmed the death of general Soleimani on January 3, the US government sent a first urgent message to Tehran asking not to escalate the situation.

The Swiss ambassador delivered the American message by hand to the Iranian foreign minister Javad Zarif early on Friday morning, as the WSJ learned from US and Swiss officials. But Zarif apparently responded to the message with anger, saying that "[U.S. Secretary of State Mike] Pompeo is a bully" and that "The U.S. is the cause of all the problems."

Two days later, on January 5, Zarif called the Swiss ambassador asking to relay his response to the US government, which appeared more restrained. This was followed by a range of back and forth messages, "far more measured than the fiery rhetoric traded publicly by politicians", which for now seem to have helped prevent a military clash between both countries.




The Swiss diplomatic network

The message from the US government to Iran "arrived on a special encrypted fax machine in a sealed room of the Swiss mission" and the WSJ adds that this "equipment operates on a secure Swiss government network linking its Tehran embassy to the Foreign Ministry in Bern and its embassy in Washington. Only the most senior officials have the key cards needed to use the equipment."

Using the secure diplomatic communications network of a third party is a good option for exchanging sensitive messages between two countries, because it's not always possible to set up a direct communications link. One of the difficulties is that in order to encrypt such communications, both parties have to use the same algorithms and, obviously, countries don't like to share their crypto systems with others.

Similar to an official direct bilateral hotline, the back channel through the Swiss diplomatic network appears to be effective, because both parties "can trust a message will remain confidential, be delivered quickly, and will reach only its intended recipients. Statements passed on the back channel are always precisely phrased, diplomatic, and free of emotion" - according to the WSJ report.



The west wing of the Federal Palace (Bundeshaus) in Bern, Switzerland,
home of the Federal Department of Foreign Affairs (FDFA)
(photo: Mike Lehmann/Wikimedia Commons - click to enlarge)


Swiss crypto manufacturers

Switzerland's neutrality is not only useful for diplomatic negotiations, but was also an advantage for the manufacturers of crypto equipment.

One of the oldest companies was Gretag AG, which goes back to 1947. In 1987 most of its cryptographic business was split off and transferred to Omnisec AG, which had been founded especially for this purpose. However, the civil encryption machines as well as those for the Swiss government were sold to AT&T in 1991. Under a new owner, this product line was renamed to Safenet Data Systems, but the company declined rapidly and was liquidated in 2004.

Most of the business had already been taken over by Omnisec AG, which had become one of the most trusted crypto-companies in the world, selling its voice, fax and data encryptors to governments, armies and intelligence services. But gradually the market for proprietary Swiss encryption technology became smaller and smaller and so the company was dissolved in February 2018.

Another Swiss crypto manufacturer is Crypto AG, which was established in 1952 by Boris Hagelin for the activities of his original Swedish company AB Cryptoteknik. Crypto AG became one of the most famous companies in the crypto business, but there were also several allegations that it cooperated with intelligence agencies like the NSA and the German BND.

Update:
On February 11, 2020, American and German news outlets revealed that in 1970, the CIA and the German foreign intelligence agency BND took over the ownership of Crypto AG, which provided them an easier access to the encrypted diplomatic and military communications of over 100 countries (the Swiss government always got the secure versions of Crypto AG's equipment though). In 1993, the BND sold its share to the CIA, which continued to run the company until 2018, when Crypto AG was sold to a Swedish entrepreneur.



The Crypto AG Fax Encryption HC-4221
(photo: Crypto AG brochure)


Swiss fax encryption systems

Both Omnisec AG and Crypto AG produced devices for encrypting fax transmissions. Omnisec had the Omnisec 525 Fax Encryptor, which was available in 2007, while Crypto AG manufactured the Fax Encryption HC-4220, which was succeeded by the HC-4221 and was still available in 2011.

These aren't secure fax machines in the strict sense, but separate crypto devices, which encrypt the signals from a commercial fax machine before being transmitted through the public switched telephone network (PSTN). As can be seen in the photo, the HC-4220 was designed to put the actual fax machine on top of it.

Currently, Crypto AG offers the HC-9300 Crypto Desktop, which is a futuristic looking touchscreen device that performs the encryption of telephone, fax, VoIP and e-mail communications. This device is available at least since 2015 and is approved by the Technical Secretariat of the OPCW to be used for inspections for example.

Maybe the Swiss diplomatic network already uses the HC-9300 to secure its fax messages, but in general, government agencies tend to be rather conservative and stick to older versions, also because new crypto equipment has to undergo rigorous testing before it may be used to protect classified information.



See also:
- The hotline between Washington and the former German capital Bonn
- The Washington-Moscow Hotline