Yet again activists demonstrate they are less honest than the NSA. Today, Der Spiegel has released more documents about the NSA. They largely confirm that the NSA is actually doing, in real-world situations, what we'ved suspected they can do. The text of the article describing these documents, however, wildly distorts what the documents show. A specific example is a discussion of something call "TUNDRA".
It is difficult to figure out why TUNDRA is even mentioned in the story. It's cited to support some conclusion, but I'm not sure what that conclusion is. It appears the authors wanted to discuss the "conflict of interest" problem the NSA has, but had nothing new to support this, so just inserted something at random. They are exploiting the fact the average reader can't understand what's going on. In this post, I'm going to describe the context around this.
TUNDRA was a undergraduate student project, as the original document makes clear, not some super-secret government program into cryptography. The purpose of the program is to fund students and find recruits, not to create major new advances in cryptography.
It's given a code-name "TUNDRA" and the paragraph in the document is labeled "TOP SECRET". The public has the misconception that this means something important is going on. The opposite is true: the NSA puts codenames on nearly everything. Among the reasons is that by putting codenames even on trivial things, it prevents adversaries from knowing which codenames are important. The NSA routinely overclassifies things. That's why so many FOIA requests come with the "TOP SECRET" item crossed out -- you classify everything as highly as you can first, then relax the restriction later. Thus, unimportant student projects get classified codenames.
The Spiegel article correctly says that the "agency is actively looking for ways to break the very standard it recommends", and it's obvious from context that that the Spiegel is implying this is a bad thing. But it's a good thing, as part of the effort in improving encryption. You secure things by trying to break them. That's why this student project was funded by the IAD side of the NSA -- the side dedicated to improving cryptography. Most of us in the cybersecurity industry are trying to break things -- we only trust things that we've tried to break but couldn't.
ECB penguin" shows. As you can see in the image, when you encrypt a bitmap image of a penguin, you can still see it's a penguin despite the encryption. Finding appropriate modes other than "electronic codebook" is an important area of research. [***]
The NSA already has ways of attacking ECB mode, as the penguin image demonstrates. I point this out because if the NSA already has a "handful of ways" of doing something, adding one more really isn't a major new development. Thus, even if you don't understand cryptography, it should be obvious that the inclusion of TUNDRA in this story is pretty stupid.
Journalism is supposed to be different from activism. Journalists are supposed to be accurate and fair, to communicate rather than convince. The activist has the oppose goal, to convince the reader, even if that means exploiting misinformation. We see that in this Der Spiegel article, where the TUNDRA item is distorted into order to convince the reader that the NSA is doing something evil.
Update: [***] There has been some discussion on Twitter about the ECB penguin above. That's because where the document says "electronic codebook", it may not necessarily be referring to ECB mode (even though ECB stands for "electronic codebook"). That's because "codebook" is also just another name for "block cipher", the more common/modern name for encryption algorithms like AES.
Regardless, the principle still holds: it's not AES that TUNDRA attacks, but the underlying "codebook" property, whatever that refers to, whether it's "block ciphers" or "block ciphers in ECB mode". Also regardless, since it's an undergraduate project designed for recruitment, it's probably something basic (like the ECB penguin) rather than a major advancement in cryptography.