• Choose a category
• All
• Classic-Fiction

By Root 809 0

and spies, to communicate instantly and easily, from anywhere to anywhere in the wired world. The global popularity and availability of Internet services allowed users who wished to remain undetected to blend their few messages in with billions of daily e-mails and file transfers; the hard-to-find needle in the haystack became the nearly-impossible-to-track electron in terabytes of data. Intelligence agencies recognized the potential to exploit the Internet, as they had with satellites and cell phones in earlier decades. Covert use of the Internet, however, still demanded that traditional requirements for secure and nonattributable message exchange be met. The digital technology made message encryption and steganography far easier, but every successful covcom system, whether based on dead drops, SRAC, satellites, or the Internet, had to meet four conditions.15 The protection of the agent and the integrity of the operation demanded that covert communications be “SPAM” proof:

Top: Line drawing of the Insectothopter, an early CIA attempt to develop a miniature unmanned aerial vehicle, disguised as a dragonfly, for intelligence operations, circa 1976.

Bottom: Two prototypes of the flying Insectothopter created by the CIA, showing variations of wing-propulsion systems, circa 1976.

Secure: The message content must be unreadable to anyone other than the intended recipient. OTPs and software encryption are different paths to the same end—they protect the meaning of a covert message, even if it should be intercepted.16

Personal: The message presence must be inaccessible to anyone other than the intended recipient. A loaded-brick concealment and a video file loaded with digital steganography both provide a host for secret messages that would appear uninteresting and normal for their environment. Only the intended recipient would know to look inside.

Avoid traffic analysis: The existence of a communications link between the agent and handler must be hidden for the same reason that officers and agents traditionally used dead drops to preclude awareness of their covcom. There must not be any record of clandestine activity, including malicious software on the agent’s hard drive, to raise suspicions about the agent during a search.17

Mask the existence of the fact of communication: The fact that a communication is or has occurred must remain secret. Dead drop sites would be used only once and not approached by either the agent or the case officer if suspicion of surveillance existed. Covert Internet exchanges can use remailers, cutouts, public systems, and digital dead drops for a similar objective.

The two critical components in a successful covert digital communication system are the message and its method of delivery. The message is made secure using digital encryption and secret, or invisible, using digital steganography. Both communication techniques can be used separately or together—first performing the encryption and then hiding within another file to be transmitted over the Internet.

For centuries encryption that protected information was generated by humans and early mechanical ciphers were vulnerable to being broken by other clever humans. The development of the first high-level electromechanical encryption machine took place in 1918 and produced ciphers that were, at the time, “unbreakable” by the unaided human mind alone. Though the electromechanical machines produced secure cipher text, the technology was controlled by governments with an extraordinary need for secrecy. 18 In the mid-1970s, however, strong encryption algorithms began migrating from the sole preserve of government agencies into the public domain. By the 1990s, digital encryption algorithms were widely used for protecting Internet e-commerce, mobile telephone networks, and automatic teller machines. The end of the Cold War saw the development and broad distribution via the Internet of sophisticated encryption algorithms to any user anywhere.

Phil Zimmermann is credited with developing the first version of a public