Showing posts with label Germany. Show all posts

October 26, 2022

A new secure red telephone for German chancellor Scholz

(Updated: August 21, 2023)

In December last year, Olaf Scholz succeeded Angela Merkel as chancellor of Germany. For about half a year now, he has had a remarkably large red telephone on his desk, which appears to be the SINA Communicator H. This is a brand new device for conducting secure phone calls at different classification levels and is part of the widely used SINA architecture.


German chancellor Scholz with his new red telephone for secure calls
(photo: Jesco Denzel)



The chancellor's office

When the German government moved back to Berlin in 1999, a new Federal Chancellery was being built that was opened in May 2001 by chancellor Gerhard Schröder. Built in a postmodern style, it is said to be one of the world's largest government headquarters, with nine floors in the central part and over 300 offices in the wings.

On the 4th floor of the main building there's a room shielded against eavesdropping for meetings of the crisis staff (Krisenstab) and the weekly meeting of the heads of the secret services with the head of the chancellery (there's no bunker underneath the building).


The small situation room in the federal Chancellery
with at least three Alcatel 4039 office telephones


Next to the secure conference room is a small situation room (Lage und Krisenzentrum) where information from all over the world is collected 24/7, a selection of which is put in a folder titled Nachrichtenlage which the chancellor finds on his desk every morning, similar to the President's Daily Brief for the American president.

The chancellor's office is on the 7th floor and is very spacious, with a seating area, a conference table and a large, almost 4 meter long black desk. Chancellor Merkel didn't like this desk and used it only for phone calls to foreign leaders. For her daily work she preferred the small conference table at the opposite end of the room.



Various phones at the desk of chancellor Olaf Scholz



Video impression of the chancellor's office (August 2023)


The chancellor's telephones

When Olaf Scholz took over the office from Angela Merkel in December 2021, he found two Alcatel 4039 telephone sets on his desk, one of them with an extension module providing 14 additional direct line buttons. The Alcatel 4039 is a high-end IP office phone with a tiny alphabetic keyboard as a distinctive feature.

Alcatel was the telecommunications branch of the French conglomerate Compagnie Générale d’Électricité (CGE), which in 1986 was merged with the telephone equipment part of ITT Corp. from the United States. This made Alcatel NV the world's second-largest telecommunications company. In Germany, Standard Elektrik Lorenz (SEL) had become an Alcatel subsidiary as well, with 20 percent of Germany's telephone equipment market in the early 1990s, second only to Siemens AG. In 2006, Alcatel merged with the American manufacturer Lucent Technologies to become Alcatel-Lucent, which was acquired in 2016 by the Finnish company Nokia and merged into their Nokia Networks division.

In an earlier video we saw that one of the phones had a red label and the other one a blue label. This likely indicates which phone is for classified conversations and which one for unclassified calls, according to the color codes of the German classification system:

- Blue: up to Confidential (VS Vertraulich)
- Red: Secret (Geheim) and Top Secret (Streng Geheim)

By February 2022 at the latest, the Alcatel 4039 with the blue label had been replaced by a stylish new IP phone, the IP222, made by Innovaphone. This is interesting, because Innovaphone is just a small manufacturer, but as a German company its products may be considered less risky than those of foreign manufacturers.


The IP232 made by Innovaphone



The new red telephone

The first time the new red telephone on chancellor Scholz's desk was seen was during an interview with T-Online that was published on May 15, 2022. The phone got broader attention through a photo posted on Scholz's Instagram account on September 13, 2022, during or after a 90-minute phone call with Russian president Putin.

This was picked up by the German tabloid paper BILD, which in a video report (see below) suggested that Scholz had used his new red telephone ("back from the days of the Cold War") to make the phone call with Putin. However, on its website, BILD stated that for conversations with, for example, the Kremlin, Scholz uses another secure line.

The latter is most likely because for a secure phone line, both parties have to use the same encryption system, and in this case it's not very likely that the Germans would provide Putin with their newest secure voice encryption technology. In the United States, a "red phone" is also used for internal command and control communications and, despite widespread popular belief, not on the famous Hotline between Washington and Moscow.






secunet Security Networks AG

BILD had also identified Scholz's new red telephone as the so-called SINA Communicator H. This device is manufactured by the German cybersecurity company secunet Security Networks AG, which is headquartered in Essen and was founded in 1997 as an offspring of the venerable testing association TÜV.

In 2004, secunet became a partner in the IT Security Partnership (Sicherheitspartnerschaft) with the federal Interior Ministry, which by then also included Rohde & Schwarz, Deutsche Telekom, Siemens, IBM Deutschland and Infineon.

Until recently, German government and military departments used voice encryption systems for ISDN, which was very popular in Germany. But German telecommunication providers are phasing out their ISDN service one by one, replacing it with Voice over IP (VoIP) via DSL. This made it urgent for the government to replace its existing voice encryption systems.


The SINA Communicator

Hence, secunet developed the SINA Communicator, for which it already had years of experience when it came to the hardware. For the necessary software for encrypted voice and video communications, secunet acquired the German company Stashcat GmbH, which in 2016 launched the Stashcat secure smartphone messenger that is used by some 50,000 German soldiers, as well as by schools, companies and local governments.

The name "SINA Communicator H" signifies that the device is part of the Secure Inter-Network Architecture (SINA) product family for securing digital data and communications (see below), in this case up to the classification level Secret. The latter is indicated by the letter H, as the last letter of the SINA product designations indicates their maximum classification level:

- S: up to VS-Nur für den Dienstgebrauch (Restricted)
- E: up to VS-Vertraulich (Confidential)
- H: up to Geheim (Secret)

As such, the SINA Communicator H was certified by the Federal Office for Information Security BSI in July 2021. Certification for organizations of the European Union and NATO has been requested.




The SINA Communicator is a fairly large and heavy device (weight ca. 5.5 kg) and despite the bulky look of its backside it won an iF Design Award earlier this year. Unlike common telephones, the SINA Communicator only has four buttons (for mute, up, down, and headset); all other functions are accessible through the 10.1" LCD touchscreen.

It seems that currently, the device can only be used for secure phone calls. A secure messenger, video telephony and the integration of thin client functionality will be part of future upgrades. Other options such as web clients, fax support, file and document transfer and multi-party messaging can also be added.

A special feature of the SINA Communicator is the Multi Level Data Separation, which means that users can communicate at different classification levels by selecting one of the approved levels via the touchscreen display. This will make it possible to use the same device to communicate with foreign partners as well.




The SINA Communicator supports up to three different networks, depending on the need of the user, which enable them to communicate at various German classification levels, or at (classified) networks of European and NATO partners, up to the level Secret.

For access to a particular network at a particular classification level, users get a hardware token in the form of a small key for each network they are authorized to use. The key for each network has to be plugged into the phone to provide two-factor authentication:




The SINA Communicator can be used on dedicated government networks or directly on the public internet and is also compatible with the modernized command and control systems (Harmonisierung der Führungsinformationssysteme or HaFIS) of the German armed forces.

The Communicator uses standard VoIP protocols, including the Session Initiation Protocol (SIP) for common commercial systems and the Secure Communications Interoperability Protocol (SCIP) for secure communications with NATO partners.

Encryption is conducted with a "type A cryptographic suite" and key management through a Public Key Infrastructure (PKI) or the Internet Key Exchange version 2 (IKEv2), which can be upgraded to provide resistance against attacks by future quantum computers (PQC).


Update:

In October 2022, minister of state in the foreign office Tobias Lindner tweeted a high-resolution photo of the SINA Communicator in red, like the one on chancellor Scholz' desk (see below).

The photo shows that in the upper right corner the phone is marked with the abbreviation R-VSK, which stands for Ressortübergreifende Verschlusssachen-Kommunikation or in English: Interagency Classified Communication. This version is for use at federal government ministries and is currently being rolled out.

Next, foreign partners will be included (International, I-VSK) as well as companies where there's a need for secure communications with government agencies (Firmen, F-VSK). There are also plans to offer the system to German state governments (Länderbehörden).

To ensure its availability, the SINA Communicator is manufactured both by secunet and Rohde & Schwarz, the latter providing experience with secure communications for vehicles. The new phone system is also made redundant so it continues to function when there's an electricity blackout.



The SINA Communicator comes standard in black; the version in red seems to be for German government users to communicate up to the classification level Secret. It's not clear why this is signified with an almost completely red device, instead of with a less eye-catching marking.

In the US, for example, the phones for calls at the highest level simply have a bright yellow bezel surrounding the display, but for the Oval Office apparently even that was standing out too much, so there the phone for secure calls looks almost identical to the one for regular phone calls, similar to the two Alcatel 4039 phones that had been on Scholz's desk.


Introduction of the SINA Communicator H in red


The SINA architecture

The SINA Communicator is the latest addition to the Sichere Inter-Netzwerk Architektur or Secure Inter-Network Architecture (SINA) to protect classified information and communications. Following a tender by the BSI, secunet started developing the SINA architecture in 1999.

SINA enables the secure processing, storage, transmission and documentation of classified information and consists of a range of terminals and network encryption devices, including:

- SINA L2 Box: Encryption at OSI layer 2 with data throughput of up to 100 GBit/s.

- SINA L3 Box: IPSec encryption at OSI layer 3 with data throughput of up to 5 GBit/s.

- SINA Workstation: Providing secure access to both classified and unclassified networks.

- SINA Workflow: Dedicated document management system for classified information.




SINA encryption

At the lower classification levels, message encryption was initially conducted via the classified cryptographic algorithm CHIASMUS, but this has been replaced with the publicly available AES block cipher. The SINA products also use Elliptic-curve Diffie-Hellman (EC-DH) for key exchange and the Elliptic-curve German Digital Signature Algorithm (EC-GDSA).

At the higher classification levels, SINA products used the classified cryptographic algorithm LIBELLE, which was stored on the PLUTO crypto processor made by Infineon. This chip was integrated in a Hardware Security Module (HSM) called PEPP1, which was manufactured by Rohde & Schwarz. LIBELLE was gradually replaced by a new classified encryption algorithm.


Usage of SINA products

In Germany, SINA products are installed at government departments, military facilities, companies working with classified information and critical infrastructures. Also secured by SINA encryption devices are the wide-area networks for Secret information of the German foreign intelligence service BND, as well as the global secure network connecting German embassies via the internet.

Data that are intercepted under Germany's lawful interception authorities are also secured by SINA network encryptors when they are transferred from the telecommunications provider to the appropriate government agency.

SINA devices are also certified by the responsible authorities of NATO and the European Union and used by public institutions and commercial enterprises in other countries as well. Meanwhile, some 170,000 SINA products have been installed in over 30 countries.

In the Netherlands, for example, the cybersecurity company Fox-IT equips SINA boxes with its RedFox encryption module, which comes in a commercial version and one with classified algorithms for government users.



Links and Sources
- Tagesspiegel: Sicher über Geheimes reden (2022)
- secunet: SINA Communicator H factsheet
- BSI: SINA Broschüre (2016)
- BILD: Wenn beim Kanzler das rote Telefon klingelt (2022)
- Der Spiegel: Im Kanzleramt (2005)
- Verwaltungsvorschriften: Hinweise zur Handhabung von Verschlusssachen

July 22, 2020

A unique note from the BND about European SIGINT alliances

(Updated: July 31, 2020)

Last April, an academic article by the Dutch professor of computer security Bart Jacobs revealed the existence of Maximator, a hitherto unknown SIGINT-sharing alliance of five European countries.

On July 1, the German newspaper Frankfurter Rundschau (FR) also published an article about the Maximator alliance, which includes a handwritten note by an employee of the German foreign intelligence service BND.

This note appeared to be rather spectacular, as it provides some details about two different European SIGINT alliances. Such international cooperation is among the most sensitive and secretive aspects of the intelligence business.




The handwritten note about SIGINT cooperation between BND and DGSE



Transcript and translation

According to the Frankfurter Rundschau, the note was written in 1986 by a manager from the BND who was responsible for the Maximator alliance.

Unfortunately, his handwriting is very difficult to read, but with some puzzling and guessing it was possible to clarify most of the text (please leave a comment if you think you can correct something or fill in some of the remaining gaps).

Below, for each part of the note, is the original text in German (with the abbreviations written in full), followed by a translation in English (updated with some good suggestions):


Title:

Tech[nische] Zusammenarbeit BND/Wicke
Technical cooperation BND/France


First column:

German:
Mil[itärisch]
---------------
- .. 50 (Richtfunk VHF/UHF)
- RohMat[erial]aust[ausch]
- 5er Club (Wicke, Begon[ie], Kresse-H, Pfingstrose)
- Bilaterale Bespr[echungen] 2x jährlich zusammen mit UW

English:
Military
-----------
- .. 50 (Microwave VHF/UHF)
- Raw data exchange
- Club of Five (France, Denmark, Netherlands-Army, Belgium)
- Bilateral talks twice a year together with UW


Second column:

German:
Pol[itisch]
--------------
- Col
- RohMat[erial]aust[ausch]
- Maximator (Wicke (seit 1 jahr), Mohn, Begon[ie], Kresse-Mar
- Aust[ausch] Klar[text]mat[erial] wird abgeklärt (Wortbanken) einziger PD
- Bilaterale Bespr[echungen]

English:
Political
------------
- ...
- Raw data exchange
- Maximator (France (since 1 year), Sweden, Denmark, Netherlands-Navy
- Exchange of plain text material will be clarified (Dictionaries) only PD
- Bilateral Talks


Third column:

German:
Elint
------------
Austausch Radar-Sign[ale]
Bilateral
(Wicke schwach)
CREM

English:
Elint
--------
Exchange Radar signals
Bilateral
(France weak)
CREM


Fourth column:

German:
Krypto
------------
Col.

English:
Crypto
-----------
...



Transcription of the handwritten note about cooperation between BND and DGSE



Discussion of the content

The title of the note is hardly legible, but the Frankfurter Rundschau says it reads "Technische Zusammenarbeit" or technical cooperation between the German Bundesnachrichtendienst (BND) and the French foreign intelligence service Direction Générale de la Sécurité Extérieure (DGSE).

Then there are four columns for the subsets of Signals Intelligence (SIGINT) involved in this cooperation: first Communications Intelligence (COMINT) related to military issues as well as to political issues, then Electronic Intelligence (ELINT), and finally Crypto or cryptography which is needed to decipher communications that are encrypted.


Crypto

Regarding the cryptologic cooperation between BND and DGSE, the note only has the mysterious abbreviation "Col.", which is reminiscent of terms like "collection" and "collaboration", but these don't seem to fit, given that the rest of the text is in German, which has very few words that start with "col".

According to the article by professor Jacobs, the members of the Maximator alliance (see below) exchanged algorithms used in various (deliberately weakened) encryption devices used by target countries. It was then up to the individual partners to find out how to exploit these weaknesses.


Electronic Intelligence

The note also doesn't provide much information about the cooperation between France and Germany in the field of Electronic Intelligence (ELINT), which is the collection and analysis of signals that do not contain human communications.

ELINT aims at the electronic parts of an enemy's defense network, like radars, surface-to-air missile systems and aircraft systems, so ships, aircraft and missiles can be detected by their radar and other electromagnetic radiation.

According to the note, BND and DGSE exchanged data about radar transmissions on a bilateral basis, but it also seems to say that the French capabilities were rather weak.

There are also the letters CREM or CIREM, which is probably the abbreviation of Centre d’Information sur les Rayonnements ÉlectroMagnétiques, or Center for Information on Electromagnetic Radiations, which is the old name for the French center for military SIGINT CFEEE.


Political Communications Intelligence / Maximator

The second column of the note is about Communications Intelligence about political issues. Here we see the mysterious abbreviation "Col." again, which is also in the Crypto column.

On this topic, BND and DGSE exchanged raw communication intercepts which were also shared multilaterally within the Maximator alliance. According to Jacobs, the focus of this group was on intercepting and decrypting diplomatic communications, both from HF radio transmissions and SHF satellite links.


The Maximator alliance has its own cover names for each of its partners, but in the BND note the members are listed by the regular cover names that the BND used for its foreign partners, which are names of flowers and plants:
- Wicke - France (with the additional remark: "since 1 year")
- Mohn - Sweden
- Begonie - Denmark
- Kresse-Mar - Netherlands, naval intelligence


From professor Jacobs' article we know that France requested to join the Maximator alliance in 1983. This was supported especially by Germany and as a result France was invited in 1984 and joined in 1985. So when the BND note says "since 1 year", it means the (undated) document was written somewhere in 1986.

For the Netherlands it was the Technisch Informatieverwerkings Centrum (TIVC) that participated in the Maximator group. The TIVC was the cryptanalysis centre of the Dutch Navy, which is indicated by the abbreviation "Mar" for Marine behind the cover name for the Netherlands.



The participants in the Maximator alliance and their internal cover names


After listing the members of the Maximator alliance, the BND note probably says that the exchange of plain text intercepts will be clarified. An interesting term is Wortbanken, which seems similar to the "dictionaries" containing the selectors used to filter content of interest out of the intercepted data streams, a method well known from the Five Eyes agencies. There also seem to be some "PD" which may stand for "Points of Discussion".

For the coordination of the exchange of political intelligence there were bilateral talks, but it's not clear whether that's just between BND and DGSE or that it also applies to the Maximator alliance. The latter would contradict Jacobs' article, which says that signals interception issues were discussed in multilateral meetings attended by all members.


Military Communications Intelligence / Club of Five

Finally, the first column of the note is about Communications Intelligence related to military issues. It starts with some letters or numbers (maybe 50?), followed by the remark that the cooperation is apparently about intercepting microwave (Richtfunk) and possibly other VHF and UHF radio transmissions.

Since the 1950s, microwave radio relay links were widely used for long-range point-to-point communications, both for civilian and military purposes. During the Cold War, the United States had the unique capability to intercept Soviet microwave traffic using satellites such as the Rhyolite/Aquacade, which could pick up the beam of a microwave link that passes the receiving antenna and radiates towards the horizon and then into space:


Interception of microwave signals by spy satellites
(image: Decora/Wikimedia Commons)


Neither Germany and France nor other European countries had such satellites to intercept microwave signals, so collaboration and sharing their own intercepts could have strengthened their own position compared to the capabilities of the Americans.

Just like political intelligence was shared within the Maximator group, this military intelligence was also exchanged multilaterally, but in a different group which was called "5er Club" or "Club of Five". The note also lists the members of this group, again using the regular BND cover names:
- Wicke - France
- Begonie - Denmark
- Kresse-H - Netherlands, army intelligence
- Pfingstrose - Belgium



Note that the membership of the Club of Five is slightly different from the Maximator alliance: it has Belgium instead of Sweden as a member. For the Netherlands, it was the 898th signal battalion of the Dutch army that participated in the Club of Five, probably supported by the TIVC for the cryptanalysis.

Through several listening stations along its borders as well as mobile SIGINT units, the BND itself was able to intercept microwave and radio transmissions from inside the German Democratic Republic (DDR). The signals intelligence units of the French military have similar capabilities, probably also aboard dedicated spy ships.

This Club of Five was also mentioned in professor Jacobs' piece, which referred to a book by Richard Aldrich that says that since the early 1980s there was a "mini-UKUSA-alliance called 'The Ring of Five', consisting of the sigint agencies of Germany, the Netherlands, France, Belgium and Denmark". In a note, Jacobs also suggests that this group may also "have been called Fünfgruppe".

According to the BND note, the exchange of military intelligence was also discussed during bilateral meetings, in this case twice a year and together with "UW", but it is unknown what that stands for.



The scan of the note

The Frankfurter Rundschau did not only publish the written part of the note about the cooperation between BND and DGSE, but the whole sheet of notebook paper as it was scanned, including another sheet of paper that was used as a background:



The full scan of the note about cooperation between BND and DGSE


A close look at the bottom of the scan reveals some text that bleeds through from the back side of the larger sheet of paper. Rotating, mirroring and enhancing the image shows that it's part of a bill from the German cell phone provider Smartmobil for mobile data usage for the month of May 2019:



The back side of the sheet of paper behind the BND note


This shows that the BND note wasn't scanned before May 2019 and maybe it could even provide a lead to the person who leaked the note to the press. Therefore, it's quite sloppy that Frankfurter Rundschau didn't cut off this part to make sure that there's no trace to the source.



Thanks to Le cueilleur and Zone d'Intérêt for providing some useful information for this blog post.


Links & sources
- Zone Militaire: Cinq pays européens, dont la France, s’échangent des renseignements au sein de la discrète alliance « Maximator » (July 2020)
- Le Monde: Une petite note manuscrite du renseignement extérieur allemand brise un très vieux secret (July 2020)
- Frankfurter Rundschau: Exklusiv-Recherche: BND spionierte jahrzehntelang am Parlament vorbei (July 2020)
- Bart Jacobs: Maximator: European signals intelligence cooperation, from a Dutch perspective (April 2020)
- German website: Fernmelde- und Elektronische Aufklärung - Funk- und Funktechnische Aufklärung
- Dutch websites: 898 Verbindingsbataljon - WKC/TIVC/SVIC
- Matthew M. Aid & Cees Wiebes, "Secrets of Signals Intelligence during the Cold War and Beyond", London, 2001.


June 5, 2020

Bulk interception by Germany's BND and what the Constitutional Court said about it

(Updated: November 2, 2020)

On May 19, the German Constitutional Court presented its decision in a case about the untargeted interception of foreign communications by the German foreign intelligence service BND.

Contrary to what some headlines suggested, the Court didn't forbid this kind of collection, but ruled that more specific safeguards and more thorough oversight are needed to make it compliant with the German constitution.

The Court's decision and some recent press reports also provide interesting details about how the BND is conducting its bulk collection of data from internet cables, especially at the German internet exchange DE-CIX.




Interior of the BND data center in Pullach, near Munich in Bavaria
(screenshot from ARD television)



The BND's untargeted cable tapping

It's assumed that the BND's first experience with large-scale cable tapping started with operation Eikonal, under which the Germans cooperated with the NSA for access to some fiber-optic cables at a switching center of Deutsche Telekom in Frankfurt. Operation Eikonal was part of the NSA umbrella program RAMPART-A, which aimed at gathering intelligence about targets from Russia, the Middle East and North Africa.

Operation Eikonal started in March 2004 with intercepting telephone and fax messages and shifted to e-mail and VoIP communications in 2006. However, this resulted in only a few hundred reports a year (each consisting of one intercepted e-mail, fax message or phone call). For the NSA this was a big disappointment and the BND realized that it was impossible to fully separate foreign and domestic communications. Therefore, the operation was terminated in June 2008.

Earlier blog postings about operation Eikonal:
- Unnoticed leak answers and raises questions about operation Eikonal
- New details about the joint NSA-BND operation Eikonal
- The German operation Eikonal as part of NSA's RAMPART-A program


Overview of the joint NSA-BND operation Eikonal (2004-2008)


(Between 2004 and 2013, BND and NSA also cooperated in satellite interception at Bad Aibling Station. Years of negligence over there resulted in what is known as the "Selector Affair".)

Detailed insights into operation Eikonal emerged from the hearings of the German parliamentary investigation commission (#NSAUA) between March 2014 and February 2017. This inquiry was set up to investigate the NSA spying activities, but soon turned its focus on the Signals Intelligence (SIGINT) operations of Germany's own foreign intelligence service.


Cable tapping at DE-CIX

While operation Eikonal itself wasn't very successful, it did provide the BND with the knowledge and the experience for conducting cable tapping on its own: in 2009 they started intercepting cables from 25 (out of over 300) internet service providers, this time at the DE-CIX internet exchange in Frankfurt am Main.

Among these 25 providers were foreign companies from Russia, Central Asia, the Middle East and North Africa, but also 6 German providers: 1&1, Freenet, Strato AG, QSC, Lambdanet and Plusserver, who almost exclusively handle domestic traffic.

It appears that this interception took place in cooperation with the DE-CIX Management and that the various providers themselves didn't know that this was happening. A smart move, as this provides BND with just one single point-of-contact, while the individual providers could honestly deny that their cables were being intercepted.


Current practice

More information about the BND's current efforts to intercept data streams from internet exchanges like DE-CIX was provided recently by reports from the German magazine Der Spiegel and the Bavarian broadcaster Bayerischer Rundfunk (BR) in anticipation of the decision of the Constitutional Court. Additional details can be found in the full text of the Court's decision.

Both press reports were based on several internal documents from the German government and the BND, including its 72-page SIGINT Policy Manual (German: Dienstvorschrift Sigint), which provides detailed regulations for what's allowed and what's prohibited when conducting untargeted interception of communications between foreigners abroad (Ausland-Ausland Fernmeldeaufklärung).

(Intercepting one-end foreign communications is regulated by the G10 Law with the G10 Commission for approval and oversight. This commission is also responsible for interception by the domestic federal security service BfV)


Intelligence priorities

Like many other intelligence agencies, the BND is not only trying to prevent terrorism, but also provides the German government with information to support its foreign policy, as well as to prevent the proliferation of weapons of mass destruction and cyber attacks. The government arranges these goals in a document similar to the National Intelligence Priority Framework (NIPF) in the United States.

The German version of this Top Secret document is called Auftragsprofil der Bundesregierung (APB) and ranges from Priority 1 for topics that require a complete coverage (umfassender Informationsbedarf) to Priority 4 for issues with a low information need (niedriger Informationsbedarf).

According to these information needs, the BND considers whether it's necessary to intercept internet communications. In Germany, this can happen at 23 internet exchanges, with DE-CIX in Frankfurt as one of the biggest in the world, but the BND also has satellite intercept stations in Schöningen, Rheinhausen and Bad Aibling.


Access directives

Once the BND has determined where they need access, the federal chancellery (Bundeskanzleramt) issues a directive granting that access based upon the BND Law. Currently, there are 17 network access directives (Netzanordnungen): 3 of them for internet exchanges inside Germany, the other 14 mainly for satellite networks. In practice, the BND copies about 10% of the capacity of a network that it's allowed to tap.

Based upon these network access directives, the BND provides the network providers with an extraction directive (Ausleitungsanordnung), which usually identifies multiple networks of interest. The specific parts of these networks or transmission links which the BND is interested in are specified in separate tables (Statustabellen).


Splitting off data streams at DE-CIX

In October 2019, DE-CIX provided the Constitutional Court with an assessment saying that it handled an average number of 47,5 trillion IP connections (IP-Verkehrsverbindungen) a day and that the BND would technically be able to copy 1,2 trillion of those IP-connections, which is 2,5% of the total traffic.

However, in the Court's decision it's said that the BND's technical installations at DE-CIX have the capacity of capturing and processing 5% of its data traffic.* The management of the exchange has no insight into how much data the BND actually extracts.

Usually traffic at internet exchanges is measured in bits per second: in October 2019, the average traffic at DE-CIX was 5 terabit per second (Tb/s). If the BND copies between 2,5 and 5% of that, that would make between 125 and 250 gigabits per second (Gb/s).

For comparison: from the Snowden revelations we know that in 2011, GCHQ had access to more than 200 communications channels ("bearers") of 10 Gb/s each - out of the around 1600 channels within all the commercial cables transiting the UK. However, GCHQ could process data from only 46 of them at a time (or 460 Gb/s).


Update:
Already in July 2013, the German television magazine FAKT reported that the BND may have acquired Narus filtering devices, which the NSA allegedly used for its Upstream collection, through a small firm called GTS (for Gesellschaft für technische Sonderlösungen) from Frankfurt am Main. From 2007 to 2010, GTS was the exclusive reseller of Narus equipment in Germany.


The DAFIS filtering system

Once data streams of interest are copied, the BND leads them to a multi-stage filter system called DAFIS. First, different types of data are identified in order to discard irrelevant ones, like video streams.* The first stage of DAFIS then deletes all communications that involve German citizens or residents.

According to government documents, this filter has a 96% to 98% accuracy, but with over a trillion connections a day, that would still leave 2 to 4 billion connections with an incorrect attribution. Therefore, the BND implements additional algorithms to prevent the collection of German communications.

Second stage

The second stage of DAFIS uses selectors (Suchbegriffe) to filter both metadata (Verkehrsdaten) and content (Inhaltsdaten). According to BR and Der Spiegel, the BND uses more than 100.000 selectors, not only telephone numbers and e-mail addresses, but also the names of chemical components of weapons of mass destruction.

In the decision of the Constitutional Court it's said that between 50 and 60%(!) of these selectors are provided by foreign partner agencies, but the BND only uses them when their type and purpose can be verified.*

Before feeding these selectors into the filtering system, BND checks whether they comply with the law, which says that it is not allowed to intercept the communications of German citizens and residents. Telephone numbers are automatically excluded by filtering out the country code 0049 for example. Also, no selectors may be tasked to monitor children under 14, except when it's about child soldiers and suicide attackers.

In the government documents it's acknowledged that no filter system can provide 100% protection, like when a German citizen living or working in Syria makes a call from a Syrian number. Only by listening in to such a conversation can it be determined that it's actually protected under the German constitution and has to be deleted (and the selector marked accordingly).


Third stage

During the parliamentary investigation, a third stage of the filter system was mentioned, which was aimed at protecting "German interests". During the hearings it became clear that it filters out German companies and foreign companies with German participation (like EADS and Eurocopter) as well as the names of German politicians, among others.

As was the case under operation Eikonal, the DAFIS filter system is probably located in a highly secured room at the internet exchange. That saves bandwidth as only the data that remain after the final stage of the filter have to be forwarded to the BND's Signals Intelligence Center (Zentrum Technische Aufklärung), which is still located at the old headquarters compound in Pullach, where a new data center was built in 2012:



Exterior of the BND data center in Pullach, near Munich in Bavaria
(screenshot from ARD television)


Content

After applying the selectors, the BND's untargeted collection results in some 270.000 pieces of communications content each day, like e-mails, phone calls and chat messages. Approximately 60% comes from collection inside Germany, 40% is collected abroad. A small percentage is received from foreign partner agencies.*

After manually sorting and analyzing these intercepts, analysts produce an average of 260 intelligence reports a day (out of a total of 720 reports from all sources).* But despite all the precautions, there are still about 30 incorrect intercepts a month, like an e-mail message or a telephone call in which a German citizen is involved.*

According to press reports, the BND's SIGINT Policy Manual says that analysts have to delete any intercepts which include sexual content or are about a romantic or sexual relationship, but when there's "sexual bragging" in a "lively public space" the analyst may continue to listen in. The same applies to cases when a target simply says things like "honey I love you".


Metadata

The metadata that remain after the DAFIS filter are stored in full, so they can be combined ("enriched") with other data sets and analyzed by computers.* A by now well-known method used for analyzing telephone metadata is contact-chaining. The BND Law says that metadata may be stored for up to 6 months and can also be shared with foreign partners in an automated way, even when they are not yet evaluated.



Operations room at the former BND headquarters in Pullach
(photo: Martin Schlüter)



The judgement of the Constitutional Court

Already during the parliamentary investigation of the relationship between the NSA and the BND, the German government came up with a substantial amendment of the law that regulates its foreign intelligence service (BND-Gesetz). This came into effect on December 31, 2016, half a year before the final report of the investigation commission was published.

In January 2018, Reporters sans frontières and seven foreign journalists filed a constitutional complaint at the Federal Constitutional Court (Bundesverfassungsgericht). They argued that the law allows the BND to indiscriminately collect the communications of foreign journalists, which poses a risk to their confidential sources, especially when those data are shared with intelligence or security services of countries where civil liberties and press freedom are at risk.

After oral hearings on January 14 and 15, the Constitutional Court presented its decision on May 19, 2020, with the judges seated at a proper distance from each other due to the threat of the corona virus:



The German Federal Constitutional Court presenting its
decision on the BND's untargeted cable tapping
(screenshot from Phoenix television)


The main point of the Court's decision is that the fundamental rights from the constitution also bind the German government when it's acting outside German borders.

The protection of specific rights domestically can be different from the protection offered abroad, but when it comes to untargeted interception, both the protection of the privacy of telecommunication (art. 10) and the protection of the freedom of the press (art. 5) also apply to foreigners in foreign countries.

This doesn't mean that bulk collection of communications is unconstitutional in itself. It may be used as an exceptional method by a government agency that has no operative powers and when it's justified by a specific mission.* Untargeted interception may not be conducted domestically.*


Restrictions

To be in accordance with the constitution, the Court says that for this kind of collection there have to be at least the following restrictions:*
- Separation of the communications of German citizens and residents by all means available, any remaining German communications have to be deleted upon recognition;
- Limitation of the (amount of) data that can be collected;
- Collection goals have to be specified;
- Collection efforts must be in accordance with procedures;
- Additional requirements for interception of personal data;
- Limitations for storing metadata;
- Framework for data processing and analysis;
- Safeguards to protect privileged communications of lawyers and journalists;
- Protection of an inner core of private life;
- Mandatory and accountable data deletion.

The Court also decided that Germans have to be protected when they are communicating as a representative of a foreign company or organization. Previously, the BND argued that German citizens could be legally monitored when in such a position, which was known as the Funktionsträgertheorie.


International cooperation

Sharing data related to individual people is generally allowed when the foreign partner will handle them according to human rights and principles of data protection. Data may not be shared when it can be expected that they will be used for human rights violations. This requires the BND to examine the foreign legal and human rights situation. When this isn't convincing at a general level, guarantees in a specific case may also be sufficient. All this has to be documented and accountable.*

When foreign partner agencies provide selectors to be used in BND collection systems, there has to be a careful examination not only of these selectors, but also of their hits. This practice also requires that the goals of the foreign partner are in accordance with those of the BND and with the rule of law. Therefore, it's not allowed to let a foreign partner collect what is prohibited domestically ("Ringtausch").*

When data are shared in an automated way without prior evaluation, the foreign partner has to provide meaningful assurances about deleting data related to German citizens and residents, about its handling of privileged communications and about other boundaries imposed by the BND. Given the inherent risks, this kind of sharing is only allowed in cases of specific and concrete threats and metadata related to Germans should be filtered out.*


Oversight

Untargeted interception and sharing its results with foreign partners can only be proportionate when there's independent and comprehensive legal oversight. This has to be in the form of a body similar to the judiciary which has to investigate the subsequent stages of the interception process, including taking random samples at its own initiative. This is needed to allow a judgment on the lawfulness of the entire collection method.*

For this, the oversight body has to have its own budget, its own personnel and the right to set its own procedures. It has to be provided with everything that is necessary to conduct meaningful and effective oversight. This may also not be hindered by the so-called "Third Party Rule", which means that a secret service treats the oversight body as a third party that is not allowed access to documents or data from foreign partner agencies.


The Constitutional Court gave the German government until December 31, 2021 to change the BND Law in such a way that it will be compliant with the constitution.



Links & sources
- About:intel: Try harder, Bundestag! Germany has to rewrite its foreign intelligence reform (May 22, 2020)
- Der Spiegel: Sieg für Edward Snowden (May 19, 2020)
- Golem.de: Internetüberwachung des BND ist verfassungswidrig (May 19, 2020)
- Der Spiegel: So überwacht der BND das Internet (May 19, 2020)
- Bayerischer Rundfunk: So späht der Bundesnachrichtendienst das Internet aus (May 15, 2020)


October 3, 2017

The hotline between Washington and the former German capital Bonn

(Updated: December 1, 2018)

Today, it's the German Unity Day or Tag der Deutschen Einheit, which commemorates the anniversary of the reunification of East and West Germany in 1990.

In recent years, Germany's relationship with the United States had some tough times after it was revealed that chancellor Angela Merkel had been on an NSA targeting list, and a 3-year parliamentary inquiry showed a close cooperation between the NSA and the German foreign intelligence agency BND.

One part of the relationship between Germany and the US that was never reported before is the existence of a hotline between the White House and the office of the German chancellor. Also described here for the first time is the telephone equipment that was used for this kind of top level communications links.





 

Origins

The hotline (German: heißer Draht) between Washington and Bonn was established on March 16, 1962, after German chancellor Konrad Adenauer had met US president John Kennedy in Washington in November 1961. Apparently it was Kennedy who came up with the idea, maybe inspired by the secure telephone line with the British prime minister that already existed since World War II. The famous hotline between Washington and Moscow was established more than a year later, in August 1963.

In October 1966, the newspaper General Anzeiger reported that besides their initial call, Kennedy and Adenauer never used the hotline, and that at the American embassy, no one was aware of this telephone link.

This had led to the strange situation that on September 27, 1966, chancellor Ludwig Erhard and US president Lyndon Johnson, unaware of the hotline established under Kennedy, also agreed to set up a direct telephone line between the White House and Palais Schaumburg, which was the German chancellor's office (Kanzleramt) from 1949 till 1976.

After the press had reported about this agreement, Adenauer said that such a hotline already existed: he had used it for four years and had calls with Kennedy quite frequently. Multiple government spokesmen then claimed that the former chancellor was wrong, until an eye-witness was found who finally confirmed what Adenauer had said.

It's not clear how often Erhard and Johnson used the hotline: one source says they used it several times, another one that it was never used, neither by Johnson and Erhard, nor by Johnson and Kurt Georg Kiesinger, who succeeded Erhard in December 1966.* Under Adenauer and Erhard, the hotline consisted of a normal telephone line without encryption.


Secure teletype

In March 1969, US president Nixon proposed to chancellor Kiesinger to set up a secure teletype link between the White House and Palais Schaumburg. Were they again unaware of the earlier hotline, or was an encrypted link considered more secure? In those days it was much easier to encrypt teletype messages than a telephone channel.

We don't know whether this secure link was actually established and what equipment was used, but if so, it probably consisted of the same devices used for the hotline between Washington and Moscow: a standard teleprinter made by Teletype Corp. with the encryption being performed by an Electronic Teleprinter Cryptographic Regenerative Repeater Mixer II (ETCRRM II, see photo).

The ETCRRM II used the Vernam stream cipher, in which the plain text message is mixed with a random stream of data of the same length to generate the ciphertext. If used correctly, this method has been proved to be unbreakable.
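The mixing described above, as an added example (not code from the original post and not a model of the ETCRRM II hardware): each 5-bit character is XORed with one character of a random key tape, and the sketch shows both why correct use leaks nothing and what goes wrong when a tape is used twice. The 32-symbol alphabet, the messages and all function names are constructed for illustration; the alphabet is not the real teleprinter code table.

```python
import secrets

# Constructed 32-symbol alphabet standing in for a 5-bit teleprinter code.
# It is NOT the real ITA2/Baudot table; only the 5-bit width matters here.
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ .,-?/"


def to_codes(text):
    """Map text to a list of 5-bit values (0..31)."""
    return [ALPHABET.index(ch) for ch in text]


def to_text(codes):
    """Map 5-bit values back to characters."""
    return "".join(ALPHABET[c] for c in codes)


def mix(codes, key):
    """Vernam mixing: XOR each character with the matching key character.
    The same operation encrypts and decrypts."""
    if len(key) < len(codes):
        raise ValueError("key stream shorter than message")
    return [c ^ k for c, k in zip(codes, key)]


class KeyTape:
    """Random key tape that can only be consumed once, like a paper tape
    fed through the mixer. Refuses to hand out the same segment twice."""

    def __init__(self, length):
        self._tape = [secrets.randbelow(32) for _ in range(length)]
        self._pos = 0

    def take(self, n):
        if self._pos + n > len(self._tape):
            raise ValueError("key tape exhausted: refusing to reuse key material")
        chunk = self._tape[self._pos:self._pos + n]
        self._pos += n
        return chunk


def demo():
    tape = KeyTape(64)
    p1 = to_codes("MEET AT NOON")          # constructed sample message
    k = tape.take(len(p1))
    c1 = mix(p1, k)
    roundtrip = to_text(mix(c1, k))

    # Correct use: for ANY other message of the same length there is a key
    # that turns c1 into it, so the ciphertext alone favours no plaintext.
    alt_key = mix(c1, to_codes("STAY AT HOME"))
    alternative = to_text(mix(c1, alt_key))

    # Incorrect use: the same key segment k mixed with a second message.
    p2 = to_codes("STAY AT HOME")
    c2 = mix(p2, k)
    # The key cancels out: c1 XOR c2 equals p1 XOR p2.
    reuse_cancels_key = mix(c1, c2) == mix(p1, p2)
    # Whoever knows (or guesses) p1 then reads p2 without ever seeing k.
    recovered_second = to_text(mix(mix(c1, c2), p1))

    return {
        "roundtrip": roundtrip,
        "alternative": alternative,
        "reuse_cancels_key": reuse_cancels_key,
        "recovered_second": recovered_second,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "=", value)
```

The `KeyTape` class is the operational half of "used correctly": the key must be truly random, as long as the traffic, and never fed through the mixer a second time.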


There are no reports or other sources that mention the hotline between Bonn and Washington after 1969. But a close look at some photos of the chancellor's office shows dedicated American telephone sets that enable a direct and secure communications link with the White House.
 


STU-I telephone

The secure teletype hotline was replaced by a secure telephone link, probably by the end of the 1970s, after the German chancellor had moved his office to the newly built Federal Chancellery in 1976. This modern, dark brown office building with lots of glass is located near the Rhine, right next to Palais Schaumburg.



Office of chancellor Helmut Kohl in the Kanzleramt building in Bonn, 1985
(photo: Archiv Friedrich/Interfoto)


On the shelf beneath the painting on the right side of the wall we see two telephone sets: at the left a common gray phone without rotary dial, which was probably part of a dedicated telephone network for government (Bonner Behördennetz?) or military communications. On the right there's a standard American telephone set with some additional buttons, which can be recognized as the STU-I secure telephone:




The STU-I was developed by the NSA and introduced in 1977. It was the first secure telephone system that used a central Key Distribution Center (KDC), as well as Linear Predictive Coding (LPC) for better speech quality. Encryption was conducted through the (classified) SAVILLE algorithm, which was developed in the late 1960s by GCHQ in cooperation with NSA for cryptographic devices used by NATO and NATO countries.

It was intended that STU-I would be as compact as possible, but in the end it became a system that consisted of two units: a converted Western Electric telephone set as voice and control terminal, and the actual encryption unit which still had the size of a small refrigerator. Therefore it was often placed in an adjacent room, with a thick gray cable leading to the voice terminal. The price of one STU-I system was 35.000,- US Dollar.



STU-I voice and control terminal
(photo: Cryptomuseum.com)



In the US, the STU-I system was replaced by the STU-II and in 1987, NSA introduced the STU-III. This one-piece secure telephone became very successful and widely used throughout the US government and military. For use by NATO forces and governments of friendly nations there was a modified version designated STU-II/B.

It seems that for the hotline with Bonn though, the old STU-I was kept operational, as its voice terminal can still be recognized in this picture of Helmut Kohl's office in 1991:



Office of chancellor Helmut Kohl in the Kanzleramt building in Bonn, 1991
(photo: picture alliance/Ulrich Baumg)

Update:

Below is a photo of chancellor Kohl's office in 1989, in which we see that the STU-I telephone had been replaced by its successor, the STU-II. It's not clear how that relates to the previous picture from 1991 in which we see the old STU-I: maybe the dates of the photos are not correct, or the STU-II didn't function well and the STU-I was put back.



Office of chancellor Helmut Kohl in the Kanzleramt building in Bonn, 1989
(photo: imago stock&people)
 


IST telephone

Eventually, the hotline between Bonn and Washington did get an upgrade, and the STU-I was replaced by the Integrated Services Telephone (IST). Unlike the STU phones, which are able to encrypt the voice audio themselves, the IST has no encryption capability. Instead, it is connected to a central switch, which separates secure and non-secure traffic, after which the secure traffic is encrypted in bulk by a network encryptor.

On the far right of this photo of the chancellor's office, we can recognize an IST telephone on almost the same spot as where the STU-I phone set was:



Guided tour in the chancellor's office in the Kanzleramt building in Bonn, 1999
(photo: Wikimedia Commons/Ziko-C)


The phone we see here is about half the size of the standard IST: instead of the 40 direct line buttons, there are just 6, replacing some of the special function buttons above the AUTOVON keypad with the four red keys for the Multilevel Precedence and Preemption (MLPP) function:




The IST was designed by Electrospace Systems Inc. (ESI) and manufactured by Raytheon as a dedicated device for the Defense Red Switch Network (DRSN) - hence it was called a "red phone". The DRSN is the main secure telephone network for military command and control communications and connects all major US command centers and many other military facilities.

The small version of the IST is rarely seen, but it was in the collection of the JKL Museum of Telephony in Mountain Ranch, California, which unfortunately was completely destroyed by a wildfire two years ago:



The small version of the IST displayed
in the JKL Museum of Telephony



It is interesting to see that a secure telephone system that was developed for the internal communications of the United States military was also used for links to foreign government leaders. For this purpose the small IST phone was only seen at the German Chancellery, as well as in the office of British prime minister Tony Blair in 2003 - just like there was also an STU-I in the office of Margaret Thatcher in 1987.


Besides the hotline with Washington, there was a direct facsimile communications link between Bonn and Moscow, which was established in 1989.* The Soviet Union also had a hotline with Erich Honecker as leader of the former East-German Republic (DDR) and during a short period before East and West Germany were united in 1991, there was a hotline between Honecker and Helmut Kohl.*

 

Berlin

On October 3, 1990, East and West Germany were reunited and it was decided to make Berlin the capital again. After being elected chancellor late 1998, Gerhard Schröder moved to Berlin in 1999 and occupied the brand new Chancellery building in May 2001. With over 300 office rooms, this is said to be the largest government headquarters building in the world.

There are several pictures available of the chancellor's office in the Berlin Kanzleramt building, but none in which equipment for the hotline can be recognized. If this telephone link is still operational, it will be part of the "Head of State network", which is used by the US president to communicate with foreign leaders and was upgraded to an IP-network by the White House Communications Agency (WHCA) in 2009.



Angela Merkel in her office in the new Chancellery building in Berlin, 2016
On her desk there are two regular high-end office phones,
apparently one for secure and one for non-secure calls
(photo: Reuters)


In October 2013 it was revealed that NSA had tried to eavesdrop on chancellor Merkel's non-secure cell phone. This target was set in 2002, when Merkel was CDU party leader. Because then Bundeskanzler Gerhard Schröder refused to join the US in the war against Iraq, the US government was probably interested in knowing the position of his main political opponent.

Although Merkel was an obvious espionage target, the fact that the Americans did so too made her angry: "Spying among friends - that simply isn’t done." She expressed this to president Obama in a phone call on October 23, 2013 and already on July 3, she had talked to him about the Snowden-revelations about Germany. It's not known whether these calls were made using the hotline of the Heads of State network.

This would have been rather ironic, but also typical for the world of espionage and signals intelligence: on one hand, NSA tried to eavesdrop on chancellor Merkel's cell phone, while on the other hand, the US provided highly encrypted equipment for the hotline between both countries.




Links and sources
- Der Westen: Diplomatie am Telefon - Der kurze Draht der Mächtigen
- Telefon Forum: Helmut Kohls Telefone
