How the US (probably) spied on European allies’ encrypted faxes

Part of a secret document published by The Guardian detailing "Dropmire," a program that reportedly spied on encrypted faxes sent to the European Union's Washington, DC, mission.
The Guardian

US intelligence services implanted bugging tools into cryptographic facsimile devices to intercept secret communications sent or received by the European Union's Washington, DC outpost, according to the latest leak from former National Security Agency staffer Edward Snowden. Technical details are scarce, but security experts reading between the lines say the program probably relies on an old-school style of espionage that parses electric currents, acoustic vibrations, and other subtle types of energy to reveal the contents of encrypted communications.

The bugging method was codenamed Dropmire, and it appears to rely on a device being "implanted on the Cryptofax at the EU embassy, DC," according to a 2007 document partially published Sunday by The Guardian. An image included in the document, presumably taken from a transmission traveling over a targeted device, showed highly distorted text that can just barely be read by the human eye as the letters "EC" followed by "NCN." The fax device was used to send cables between foreign affairs ministries and European capitals, according to Sunday's report.

The ability to approximate the plaintext message but not capture it as it appeared when fully decrypted likely means Dropmire didn't crack the precise algorithm or key used to encrypt the message. That—along with the detail about something being "implanted" in the fax device—has led to speculation that the program monitored electrical, mechanical, or acoustical energy emanating from the device to deduce clues about the plaintext messages being received. Such techniques fall under the umbrella term Tempest, which was coined more than three decades ago as an NSA tactic for reading sensitive communications relating to national security. More recently, Tempest has come to mean any investigation or analysis that uses so-called "compromising emanations" to reveal the contents of sensitive communications or lead to the decryption of encrypted data.

Read 11 remaining paragraphs | Comments