NSA Documents Attacks on VPN, SSL, TLS, SSH, Tor
Attacks against Crypto
- Guide for Analysts on how to use the PRISM Skype Collection
- GCHQ Briefing on the BULLRUN Program
- GCHQ Presentation on the BULLRUN Programs Decryption Capabilities
- NSA LONGHAUL program for end-to-end attack orchestration and key recovery service
- BLUESNORT program on "Net Defense" from Encrypted Communications
- Presentation from the SIGDEV Conference 2012 explaining which encryption protocols and techniques can be attacked and which not
- NSA program SCARLETFEVER explaining how attacks on encrypted connections are orchestrated
- Description of VOIP Telephony Encryption methods and cryptanalytic and other ways to attack
Attacks on SSL/TLS
Attacks on VPN
- NSA High Level Description on TURMOIL / APEX Programs on Attacking VPN
- Explanation of the GALLANTWAVE that decrypts VPN Traffic within LONGHAUL
- Intro to the VPN Exploitation Process mentioning the protocols attacked - PPTP, IPSEC, SSL, SSH)
- Analytic Challenges from Active-Passive Integration when NSA attacks IPSEC VPNs
- Overview of the capabilities of the VALIANTSURF program
- MALIBU Architecture Overview to exploit VPN Communication
- POISENNUT Virtual Private Network Attack Orchestrator (VAO)
- NSA Presentation on the development of Attacks on VPN
- NSA Presentation on the Analysis and Contextualisation of data from VPN
- Description of existing projects on VPN decryption
- Explanation of the Transform Engine Emulator when attacking VPN
- Explanation of the POISENNUT Product and its role when attacking VPN
- Explanation of the TURMOIL GALLANTWAVE Program and its role when attacking VPN
- Processing of data from exploited VPN in the TURMOIL program
- Decryption of VPN Connections within the VALIANTSURF program
- Description on the processing of VPN data packets within the TURMOIL program
- Explanation on the SPIN9 program on end-to-end attacks on VPN
Deanonymizing
- Explanation of a potential technique to deanonymise users of the TOR network
- Analytics on security of TOR hidden services
- Overview on Internet Anonymization Services on how they work
- TOR deanonymisation research
- TOR Overview of Existing Techniques
- A potential technique to deanonymise users of the TOR network
Cryptanalytics
- General Description how NSA handles encrypted traffic
- Intercept with PGP encrypted message
- Classification Guide for Cryptanalysis
- Procedural GCHQ Document on how analysts are to handle encrypted traffic
- NSA / GCHQ Crypt Discovery Joint Collaboration Activity
- NSA Cryptographic Modernization (CryptoMod) Classification Guide
- "National Information Assurance Research Laboratory (NIARL)": Newsletter, Keyword TUNDRA
- What Your Mother Never Told You About the development of Signal Intelligence
- Intercept with OTR encrypted chat
