« Dept. for Business, Innovation and Skills' poor use of research in THES article | Main | UK MoD Defence Cultural Specialist Unit to deploy to Helmand »
April 02, 2010
GCHQ: BBC fails to crack the code
Earlier this week, the BBC broadcast a programme on the Government Communications Headquarters (GCHQ): a UK intelligence agency. Security correspondent Gordon Corera was, very unusually, allowed some access. However, the programme was extremely disappointing: strikingly uncritical and un-probing. A few aspects of the show particularly stand out, and I will discuss them below.
Most problematically, Corera gives Iain Lobban (GCHQ's director) the opportunity to discuss what Corera calls “speculation about things called Echelon and some systems for being able to listen to all kinds of private communications”. Lobban is allowed to assert unchallenged that “it’s simply not like that”. However, there is some convincing evidence regarding the Echelon system. For example, a 2001 European Parliament report [PDF, p. 133] concludes
That a global system for intercepting communications exists, operating by means of cooperation proportionate to their capabilities among the USA, the UK, Canada, Australia and New Zealand under the UKUSA Agreement, is no longer in doubt. It may be assumed, in view of the evidence and the consistent pattern of statements from a very wide range of individuals and organisations, including American sources, that the system or parts of it were, at least for some time, code-named ECHELON. What is important is that its purpose is to intercept private and commercial communications, and not military communications. Analysis has revealed that the technical capabilities of the system are probably not nearly as extensive as some sections of the media had assumed.
It is a real shame that Corera did not push Lobban on this point. It would be fascinating to know what exactly GCHQ is claiming: are they arguing that no such system ever existed? That no such system exists now? Or, simply, that there is no longer a system which is codenamed Echelon?
Also interesting is that Joanna, a GCHQ mathematician, states that a brute force attack on encrypted files would take 50-100 years to crack the encryption. This is surprising: with 256-bit AES encryption (easy to implement on a home computer) it would take massively longer than 100 years for an implausibly large and powerful computer to crack the key through a brute force attack (PGP's CTO offers an interesting discussion of some of the issues here). The 50-100 year statement is therefore interesting, and there are a number of possible reasons for it:
- Joanna may have been outright mistaken. Possible, but seems unlikely - mathematicians tend to be rather precise, and good with numbers.
- GCHQ may have invented some kind of secret ultra-computer which goes far, far beyond what is currently thought to be possible. However, it is hard to conceive how such a thing might work (at least, way beyond my technical ability) and, if it had been invented, one would expect GCHQ to have avoided dropping any hints on a BBC programme!
- GCHQ's targets tend to use lower levels of encryption. This is possible, and seems most likely (though it's quite possible I'm missing something). Encryption which takes 'just' 50 years to brute force would generally be quite good enough for terrorist groups.
Sadly, Corera didn't seem to follow up on this - so we don't have any more information regarding why this odd timescale was mentioned.
Surprisingly, Dave (on GCHQ's Information Assurance team) claims not to employ “so-called bad people, the hackers. We don't employ hackers”. I would be rather concerned if the UK government did not make use of 'white hat' hackers in order to test their security, and it would be surprising if an agency like GCHQ did not employ any hackers (there can be lots of grey areas here - but hackers certainly aren't all bad people!) Again, Corera failed to challenge this claim.
A local news story about the programme focuses on what it revealed about the dress code of mathematicians. While the programme could have been really interesting - had it taken a more investigative approach - I suspect, sadly, that what was broadcast does not reveal much beyond some anecdotes about mathematicians wearing socks and sandals. A major missed opportunity.
Posted by jon_mendel at April 2, 2010 06:29 PM
Trackback Pings
TrackBack URL for this entry:
http://www.watsonblogs.org/cgi-bin/mt/mt-tb.cgi/1758
Comments
Remember that all the public sources about ECHELON describe a system designed in a world where the amount of global electronic communications was orders of magnitude less than what is flowing today.
Iain Lobban's comments about "surgical focus" were probably true even in the 1990's and must surely be the only way that GCHQ and NSA etc. can work today.
Brute force is not the only method of de-ciphering encrypted communications - dictionary attacks are popular, on password / pass phrases which protect the private public key encryption key, which in turn protects the private (usually machine generated) symmetric encryption key is also popular, especially where terrorist or organised criminal computers have been seized as evidence or have been under intrusive surveillance.
The most interesting bit of the programme was Iain Lobban's denial of Gordon Corera's repeated question about a "super huge database" of Communications Data - which he opined as being "impossible".
This directly contradicts the Home Office's plans for their Interception Modernisation Programme / Communications Data Bill
Posted by: wtwu at April 5, 2010 01:41 PM
Thanks for your comment. Good point re Echelon and current magnitude of electronic communications. Clearly, any present-day systems will be significantly different - and there's interesting discussion re how a 'surgical focus' might function. However, it would have been interesting to have clarified Lobban's arguments re what was and is the case.
Agree re alternatives to brute force attacks (I presume this is at least part of what Joanna was talking about when she said people make mistakes). It did sound to me like Joanna was talking about brute force approaches when she gave the 50-100yr figure, though.
Interesting point about the denial of a "super huge database" of Communications Data, and where this fits with broader plans.
Posted by: Jon Mendel at April 5, 2010 02:14 PM
