[cryptography] [Cryptography] Equation Group Multiple Malware Program, NSA Implicated

Watson Ladd watsonbladd at gmail.com
Tue Feb 17 11:42:21 EST 2015

On Mon, Feb 16, 2015 at 4:58 PM, Jerry Leichter <leichter at lrw.com> wrote:
> On Feb 16, 2015, at 3:39 PM, John Young <jya at pipeline.com> wrote:
> Kaspersky Q and A for Equation Group multiple malware program, in use as early
> as 1996. NSA implicated.
> https://securelist.com/files/2015/02/Equation_group_questions_and_answers.pdf
> Dan Goodin: How “omnipotent” hackers tied to NSA hid for 14 years and were
> found at last
> http://ars.to/1EdOXWo
> Two articles that are well worth reading.
> Back in the 1980's, I knew a bunch of the security guys at DEC.  While this
> was a much less threatening time, even the DEC internal network of that
> period saw attacks here and there.  What the security guys said was that
> they had all kinds of attacks that they would find, analyze, and lock out.
> But there was this residual collection of "ghosts":  They'd see hints that
> some kind of attack had taken place, but they couldn't find any
> detailed trace of how, where, or by whom.  The guys doing it could get in
> and out and at most leave a bit of an odd, unexplainable event behind.  They
> assumed it was government attackers, but could never prove anything.
> It should be no surprise that this kind of thing has been going on for
> years.  The first papers on attacks on and defenses of computer systems from
> a military point of view go back to the 1970's.  (The Air Force took the
> early lead - or perhaps they just let more out.)  For a while, some of this
> work was in the open; the famous Rainbow Series of reports was one result.
> But then it all went dark - a fact that's now obvious in retrospect, though
> I don't recall anyone commenting on it at the time.  (One wonders if this
> was the result of the NSA taking over fully.)
> With unlimited funding and years of practice, these guys are way ahead of
> the rest of us.
> Here's an interesting comparison.  Most academic cryptographers believe that
> the NSA has lost its lead:  For years they were the only ones doing
> cryptography, and were decades ahead of anyone on the outside, but now we
> have so many good people on the outside that we've caught up to, and perhaps
> even surpassed, the NSA.  I've always found this reasoning a bit too pat.
> But getting actual evidence has been impossible.
> So now we have some evidence from a closely related domain.  It's not as if
> the world isn't full of people attacking software and hardware, for academic
> fame, for money, just for the hell of it.  And yet here we have evidence
> that the secret community is *way* out ahead.  Sure, there are papers
> speculating about how to take over disk drive firmware.  But these guys
> *actually do it*, at scale.
> Should we be so confident that our claims about cryptography are on any
> firmer ground?

Consider the difference in motivation between the NSA and your usual
bunch of malcontents from Elbonia. The Elbonians don't have a target
list: anything that gives them credit card numbers is good. The NSA
has a target list: they need the crush depth of the Russians' latest
submarine; they can't hand over Putin's dry cleaning bill and get
credit. As a result, the NSA is going to invest more in not being
detected, and in keeping their presence beyond a few months.

However, academic cryptographers and the NSA had an interest in very
similar problems. When we see things like the MD5 collision in Flame,
they look very much like the attacks that were academically known, but
a bit different. When we see Skipjack or the DES S-box changes, it
makes a lot of sense. What is true is that a lot of the more theoretical
work (Brent Waters's stuff, verifiable computing) isn't relevant to the
NSA or GCHQ, as we know from declassified reports from CRYPTO. At the
same time, we don't spend years trying to crack North Vietnamese rotor
machines to figure out exactly what they were doing during the Tet
Offensive, for example.


>                                                         -- Jerry

"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither  Liberty nor Safety."
-- Benjamin Franklin
