Hard to decipher what is actually happening
New details have emerged about the ISIS comms channel from Europe back to ISIS Central. The details are slightly garbled, but could indicate a fairly sophisticated use of a combination of tools and techniques to evade digital surveillance. Until someone who knows about encryption tools reviews the documents and clarifies things, we will have to guess.
The Dead Letter Drop
The following garbled account of an encrypted communications protocol can be interpreted in a number of ways.
Hame also revealed to interrogators that ISIS had set up an elaborate encrypted communication system so that it could keep in touch with its European operatives.
While with ISIS in Raqqa, he said he was instructed to encrypt communications with a software tool called “Truecrypt,” which authorities found on a thumb drive he had been given by Abaaoud. Hame said he had been taught to copy a message into the software, select an encryption option and then paste the message into a password-protected sharing site.
“An English speaking expert on clandestine communications I met over there had the same password,” Hame told interrogators. “It operated like a dead letter drop.”
TrueCrypt does not provide facilities for creating encrypted messages. The designer of this security protocol has selected a non-standard usage of the TrueCrypt software to allow two parties to communicate in a secure way which provides minimal meta-data for surveillance. There is no direct link between the two parties, the message is left on a website by the sender and recovered by the recipient. If they are careful to use the right tools, then can be a very anonymous system.
TrueCrypt, Thats Not How It Works
The software that the reporter explicitly names, TrueCrypt, is used to create encrypted disks (either on physical media, or as a file that emulates a device). Since Hame had the software on a USB key, we can deduce that he was not using it to encrypt and protect the USB key itself. It must be that TrueCrypt was being using to create and access a virtual device. This is an encrypted file, called a volume, stored on disk that is decrypted in memory and files can be placed inside. Like an encrypted locker, or cabinet.
The problem with the description provided by the reporter is that it is not possible to “paste” a TrueCrypt volume into a sharing site. It must be uploaded. Also, the message would not be the TrueCrypt volume itself, but rather the contents inside which would be the message. The TrueCrypt volume would provide the security against monitoring because the contents, the files it contains, would be encrypted.
Essentially the TrueCrypt volume is an encrypted envelope for the message.
Hame’s handler would be able to access the contents of the TrueCrypt volume because he had the same password. Essentially both parties would have access to a shared encrypted locker to which they both possessed the key. The problem is then, how to transfer the locker from one party to the other? Here the actual characteristics of the TrueCrypt volume become a problem.
- The volume is fairly large (much larger than a typical PGP email, for example).
- The volume has no canonical ASCII safe representation, that is, there is no standard way to convert the volume into something that can be “pasted” into a site.
How Crap Is This System?
This security protocol for message transfer can provide a high level of anonymity and strong security against a third party reading the message. There are a number of operational problems with this system, and also some single points of failure (which I will not enumerate here, sorry “English speaking expert on clandestine communications.”)
- This system requires the use of a laptop or desktop computer. It will not work from an Android mobile phone (there is a toolchain that could allow this from an Android, but it would be extremely cumbersome to use in practice.)
- This system makes non-standard use of the tools, which means the user has to take a number of additional manual steps to compensate. Requiring users to do a manual process generally means there will be mistakes. For example, I would expect that the user might forget to put the message into the volume before sending. Or the user might send an old version of the volume rather than the latest one. Or the user might fail to save the volume after copying the message in, and the contents get lost. Or the user might attempt to download the volume while the current volume is still open, and experience failures saving to disk. There are a number of places that this protocol can break down.
- This system has no way to indicate that the dead letter drop has been filled or that it has been serviced. These are the two states that a dead letter drop can be in, and typically the parties involved will have a signalling protocol to indicate to each other that it has been filled and serviced. Without a signalling protocol, the users will need to poll — check repeatedly — whether there is a new message. This is tedious, so they will probably only do this a few times a day at most. As a result, the message system will be very slow. Possibly taking hours or day for a complete comms round trip.
- Depending on the size of the file, the upload might take a while. It seems that Hame was not briefed on how to anonymise his IP address, and if he was using a special ISIS operated file transfer site (possible), then he would be vulnerable to very basic network surveillance. There is no mention of Tor or VPNs, and given the current climate about privacy software, I would expect any of the various news agencies to have name dropped them by now.
What it all means
There is someone in ISIS who knows how to design and construct secure anonymous messaging systems that are resilient against many types of surveillance. The dead letter drop system that has been outlined above is confusing and clearly incomplete, however it could refer to a protocol that is quite secure against monitoring. There are problems with the protocol which would make it open to exploitation by intelligence agencies (not enumerated here, for obvious reasons). The protocol is also quite cumbersome to use and requires a lot more equipment than an Android smartphone — the burner phones so popular with the Belgian ISIS network.
Anonymous, secure, resilient against monitoring. Slow, cumbersome, error prone, and potentially vulnerable to exploitation. Not a bad secure communication protocol, but far from ideal.
Update: further thoughts on the technique.