NSA tapping undersea fibers?

Dave Emery die at die.com
Sun May 27 21:43:45 EDT 2001


On Wed, May 23, 2001 at 04:08:34PM -0700, Steve Bellovin wrote:
> There's a long, fascinating article in the 23 May Wall Street Journal 
> on how NSA is (allegedly) tapping undersea fiber optic cables.  It's 
> not clear that this is feasible, but the article claims that the 
> USS Jimmy Carter, a nuclear-powered sub, is undergoing a $1 billion, 
> five-year retrofit to equip it to do the taps.  The article points out 
> that even if they can tap the cable, there's another problem: making 
> sense of that much data.

	I think the later argument is just as disengenuous as the late
60's Bell System officials who said exactly the same thing about the
open unencrypted microwave radio telephone links of that era.   Both
those microwave links and the undersea fibers contain highly structured
and organized information streams - individual voice channels, T1s, T3s,
IP streams, wideband data circuits are not at all difficult to extract
from the composite traffic and mapping the layout of the whole river of
information is by no means overwhelmingly difficult (and might be aided
by quiet help from the carriers or individual employees of the
carriers).  And the mapping tends to be pretty static over time, or at
least to change in predictable ways.  Finding and recording the most
interesting circuits is by no means an insurmountable task - nor is
filtering out most of the stuff that isn't interesting.   The only hard
problem is if the NSA insists on groveling through absolutely everything
sent, but this is true of their problem in general these days and not
just special to undersea cables.   And clearly the right undersea cables
contain an awful lot of useful stuff if you are the NSA... 

	And given modern high capacity digital storage systems, handling
low gigabytes a second is not that difficult either (most current
undersea cable systems only transmit between 2.5 and 20 gigabits a
second or so).   IO bandwidths in large fast servers are of this order
or more these days... 

	The much more interesting problem that gets rather short shrift
in the WSJ article is how the real time time critical intercepts get
from a submarine hiding in stealth 1200 feet under the ocean to Fort
Meade and then to policy makers.  Some fraction of the traffic is still
interesting after weeks or months when tapes or disks can be flown back
to Fort Meade but much more of it is only useful if it is available
within seconds or minutes during a crisis and not weeks or months later.
  Traditional microwave radio and satellite intercepts get back to Fort
Meade or the RSOCs in milliseconds but as more and more traffic flows
through cables that can only be tapped by hiding billion dollar nuclear
submarines a lot of the timeliness of NSA operations goes away.

	The IVY BELLS tap technology exmplyed against Soviet analog
undersea cables in the 70s allegedly involved hooking up a nuclear
radioisotope powered pod with tape recorders in it that was left in
place for almost a year between submarine visits to recover the tapes -
this would be rather hard to do with the gigabytes per second flowing
through a modern fiber cable - there is no (unclassified) recording
technology with anything like the storage capacity to record everything
or even a significant fraction of everything for that long a period in a
form factor that would fit in a pod on the sea floor.

	According to published accounts, in the early Reagan years the 
intelligence community considered  running their own fiber cable to the
tap site on the Soviet analog cables to recover the data in real time -
I imagine that the same thing has been considered as a solution to the
current problem of recovering data from undersea fiber taps while it
is still fresh enough to be useful.  But in general it is a harder problem
than actually tapping the cable or dealing with the rivers of data it
contains.



-- 
	Dave Emery N1PRE,  die at die.com  DIE Consulting, Weston, Mass. 
PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2  5D 27 BD B0 24 88 C3 18




---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com




More information about the cryptography mailing list