Feedback
Tech

Cracked encryption? Back doors? Cellphone snooping may be easier than ever

epa03927009 (FILE) A file picture dated 18 April 2013 shows German Chancellor Angela Merkel with her mobile phone in the German Bundestag parliament i...
An April 18 file photo shows German Chancellor Angela Merkel with her mobile phone in the German Bundestag parliament in Berlin, Germany. U.S. spying agencies have been monitoring German Chancellor Angela Merkel's mobile phone since 2002, German Der Spiegel magazine reported on Oct. 26.

How do you tap the cellphone of a German chancellor? While the particulars aren't confirmed, experts think the allegations that National Security Agency spies have deployed clandestine antennas on the rooftop of the U.S. embassy in Berlin and elsewhere around the world — capable of intercepting communications from virtually any cellphone, wireless network and satellite — are not only possible but pretty likely.

German news magazine Der Spiegel, in an article Sunday describing allegations that the NSA has listened in on cellphone calls by German Chancellor Angela Merkel, describes "sophisticated equipment" — antennas hidden behind windows made with "dielectric" material that allows even weak radio signals to pass through them, and attic-level rooms full of equipment to process the intercepted signals.

Beyond that, details are thin on what exactly the equipment is or how it works. Experts contacted by NBC News avoided specifics when asked to comment on the technology and techniques that may be involved, largely because the details are, at least for now, little known. But no one was surprised by the suggestion that such technology may exist and is in use.

"The odds are negligibly close to zero that the stuff isn't there," security expert and writer Bruce Schneier told NBC News in an email. "But … we don't know how it works," he added, noting that such details are lacking in the documents leaked by former NSA contractor Edward Snowden. 

Wireless is weakness
The fact that the government possesses equipment to net wireless communications is hardly new, noted Jon Peha, a professor of electrical and computer engineering at Carnegie Mellon University in Pittsburgh. "I would wager that almost as long as there have been wireless communication systems, there has been surveillance," he told NBC News.

While he does not know what equipment may be on the U.S. embassy in Berlin, he said it is straightforward to set up an antenna to intercept all sorts of signals — cellphone, Wi-Fi, satellite — "if you design systems that mimic the behavior of the intended recipient."

Digital communications are "inherently prone to eavesdropping" because they have to transit from one device to another and thus vulnerable to interception along the way, Yoshi Kohno, a computer security and privacy expert at the University of Washington, told NBC News.

In the old days, he noted, people who wrote letters and put them in the mail risked a snoop at the post office opening them, reading the contents, and then resealing them for delivery. The same is true for digital communications today. 

"Something we say is put into a digital envelope that then goes through multiple intermediaries to finally reach the destination," he explained. "And just as it would've been possible for someone in the post office to actually open letters and look inside and then reseal them, the same thing can happen for our digital communications. The question is, what access does the adversary have?"

Government-level entities, he said, may have access throughout the major telecommunications networks that allows them to intercept and read anything sent through them. This could include spy equipment embedded into the root of the telecommunications infrastructure as well as antennas to intercept communications at coffee shops (and embassy rooftops).

"It is important for people to realize that unless you're using a suitable level of encryption, the things that we are communicating on our phones are subject to eavesdropping," Kohno said.

Encryption gets cracked
The trick, noted Peha, comes in the ability to decode the stream of information the eavesdropping equipment gathers. Whether and how easily this can be done depends on the type of encryption, if any, used. That, and the capabilities of the spies.

"Does the NSA have the ability to break the encryption in a standard GSM system in real time?" Peha said in a follow-up email referring to the mobile communications system. "They obviously don't advertise the answer to that."

If done correctly, modern cryptography is impossible to break, according to Vern Paxson, a computer security expert at the University of California at Berkeley. "However, there are all sorts of algorithms from the past that do have weaknesses. There are standards that have known problems that misapply cryptography," he told NBC News.

What's more, there is an allegation — unverified — "that the NSA worked to weaken one of those standards deliberately," Paxson said.

How wide is the net?
The scope and intent of the NSA's alleged communications-gathering apparatus is what worries Paxson most. While the game of intercepting communications and finding keys to decode their contents has been played for decades, these recent allegations suggest the agency now engages in information vacuuming at a heretofore unimagined scale, with not only well-placed antennas but potentially the cooperation of telecommunications companies. 

The alleged practice is different than tapping a particular phone or bugging an office, which is subject to a policy and legal framework that provides oversight of the spying activities. What has raised increasing concerns in the past few months is the possibility of indiscriminate data collection. 

"You start getting this world where you are just potentially archiving it forever — possibly planting the seeds for incredible repression down the line if the access to that information, or the policies or the laws about it, change," Paxson said. "That just seems hugely dangerous."

Another concern for Peha stems from media reports that the NSA deliberately introduced vulnerabilities into commercial products to facilitate surveillance, such as the installation of so-called backdoors on networking equipment. 

"If those allegations are true, that concerns me because that does allow better intelligence gathering, but it also allows criminals and terrorists to break into the systems of innocent people," he said. "Vulnerabilities work for everybody."

John Roach is a contributing writer for NBC News. To learn more about him, visit his website.