Documents

Black Budget: Cryptanalysis and Exploitation Services – Analysis of Target Systems

Mar. 10, 2015

1/3
Download
Page 1 from Black Budget: Cryptanalysis and Exploitation Services – Analysis of Target Systems
(U) EXPLOITATION SERVICES (U) ANALYSIS OF TARGET SYSTEMS This Exhibit FY 20? 1 FY 2012 Enacted FY 2013 Request FY 2012 FY 2013 Actual Base 0CD Total Base 0CD Total Change thige Funding 39.4 35.l 35.l 34.3 34.3 ?2 Civilian FTE 240 2? 2ll 2Ul 2Ul ?lU ?5 Civilian Positions 240 2l 2l 2Ul 2Ul ?lU ?5 Military Positions 2 2 2 2 2 IIncludes enacted 0CD funding. Tm?! 5 ?133? add dug Wilding- (U) Project Description (SHSIHREL TD USA, FVEY) The Analysis of Target Systems Project produces prototype capabilities to exploit new communications technologies and systems which are then integrated into the SIGEJT system via the Exploitation Solutions Project in this Expenditure Center (EC). This Project enables the defeat of strong commercial data security systems; develops capabilities to exploit emerging information systems and technologies that are employed or may be employed by SIGEJT targets; develops analytic algorithms, processes, and procedures to exploit emerging information systems technologies; and develops initial recognition, exploitation, and prototype solutions against new technology targets. This Project contains the Information Systems Analysis and 1iv?ulnerability Discovery St Exploitation Solutions Sub?Projects. (U) Base resources in this project are used to: (SIESIHREL TD USA, FVEY) Conduct vulnerability analysis and develop exploitation capabilities against network communications protocols and commercial network security products, including protocol structure, authentication and access control, data integrity, and non?application layer for integration into Endpoint and MidPoint access solutions for use against high?priority SIGINT targets. (TSHSIHREL TD USA, FVEY) Provide target exemplar secure communications products, both foreign and domestic produced, to pursue vulnerability analysis and develop exploitation capabilities against the authentication and schemes. (SEISIHREL TD USA, FVEY) Support work to provide capabilities against emerging communications technologies through error correction, demodulation, reverse?engineering, multiplexers, and personal communications interfaces. (SEISIHREL TD USA, FVEY) Perform analysis of information security systems, products, and services in order to develop exploitation solutions designed to address customer?driven and anticipatory requirements. (SEISIHREL TD USA, FVEY) Anticipate future technologies of SIGINT targets and prepare strategies to exploit those technologies. (TSHSIHREL TD USA, FVEY) Develop, enhance, and implement software attacks against signals. (TSHSIHREL TD USA, FVEY) Develop exploitation capabilities against speci?c key management and authentication schemes. (TSHSIHREL TD USA, FVEY) Analyze and develop exploitation capabilities against emerging multimedia applications (video, voice, fax, data compression, and file formats) and multiplexer capabilities. 199
(U) EXPLOITATION SERVICES (U) ANALYSIS OF TARGET SYSTEMS This Exhibit FY 20? 1 FY 2012 Enacted FY 2013 Request FY 2012 FY 2013 Actual Base 0CD Total Base 0CD Total Change thige Funding 39.4 35.l 35.l 34.3 34.3 ?2 Civilian FTE 240 2? 2ll 2Ul 2Ul ?lU ?5 Civilian Positions 240 2l 2l 2Ul 2Ul ?lU ?5 Military Positions 2 2 2 2 2 IIncludes enacted 0CD funding. Tm?! 5 ?133? add dug Wilding- (U) Project Description (SHSIHREL TD USA, FVEY) The Analysis of Target Systems Project produces prototype capabilities to exploit new communications technologies and systems which are then integrated into the SIGEJT system via the Exploitation Solutions Project in this Expenditure Center (EC). This Project enables the defeat of strong commercial data security systems; develops capabilities to exploit emerging information systems and technologies that are employed or may be employed by SIGEJT targets; develops analytic algorithms, processes, and procedures to exploit emerging information systems technologies; and develops initial recognition, exploitation, and prototype solutions against new technology targets. This Project contains the Information Systems Analysis and 1iv?ulnerability Discovery St Exploitation Solutions Sub?Projects. (U) Base resources in this project are used to: (SIESIHREL TD USA, FVEY) Conduct vulnerability analysis and develop exploitation capabilities against network communications protocols and commercial network security products, including protocol structure, authentication and access control, data integrity, and non?application layer for integration into Endpoint and MidPoint access solutions for use against high?priority SIGINT targets. (TSHSIHREL TD USA, FVEY) Provide target exemplar secure communications products, both foreign and domestic produced, to pursue vulnerability analysis and develop exploitation capabilities against the authentication and schemes. (SEISIHREL TD USA, FVEY) Support work to provide capabilities against emerging communications technologies through error correction, demodulation, reverse?engineering, multiplexers, and personal communications interfaces. (SEISIHREL TD USA, FVEY) Perform analysis of information security systems, products, and services in order to develop exploitation solutions designed to address customer?driven and anticipatory requirements. (SEISIHREL TD USA, FVEY) Anticipate future technologies of SIGINT targets and prepare strategies to exploit those technologies. (TSHSIHREL TD USA, FVEY) Develop, enhance, and implement software attacks against signals. (TSHSIHREL TD USA, FVEY) Develop exploitation capabilities against speci?c key management and authentication schemes. (TSHSIHREL TD USA, FVEY) Analyze and develop exploitation capabilities against emerging multimedia applications (video, voice, fax, data compression, and file formats) and multiplexer capabilities. 199
Page 2 from Black Budget: Cryptanalysis and Exploitation Services – Analysis of Target Systems
TOP (TSHSIHREL TO USA, FVEY) Provide hardware and software tools for analyzing and developing methods of exploiting known or emerging information systems that are likely to be employed by targets to store, manage, protect, or communicate data of SIGINT values. (SEISIHREL TO USA, FVEY) Perform reverseengineering of hardware and software?based systems, develop reverse?engineering tools and techniques useful to the reverse engineering community at large, and provide engineering services to the community. (SEISIHREL TO USA, FVEY) Maintain state?of?the?art laboratory networks directly supporting analysis of application?layer products, hardware reverse?engineering, communications systems analysis, simulation of target implementation scenarios, vulnerability detection, and assistance to Computer Network Exploitation (CNE). (TSHSIHREL TO USA, FVEY) Develop capabilities and provide comprehensive support to facilitate CNE operations against target systems and to facilitate offensivefdefensive Computer Network Operations (CNO). (SEISIHREL TO USA FVEY) Create comprehensive CNO capabilities, including Radio Frequency based, against highly mobile and re?configurable communications networks, and support their integration into multiple military service?level elements. (SEISIHREL TO USA, FVEY) Guide the future design and effective use of computers to meet the needs of the community. (Shf SIHREL TO USA, FVEY) Support investment in reverse engineering through partnerships with National Laboratories and engineering services contractors. (SEISIHREL TO USA, Develop initial recognition, exploitation, and prototype solutions against new technology targets. These capabilities are integrated into the processing and exploitation infrastructure or into customized tactical exploitation capabilities. (TSHSIHREL TO USA, FVEY) Develop methods to discover and exploit communication systems employing public key (SEISIHREL TO USA, FVEY) Develop methods to exploit communications protected by passwords or pass phrases. (UHPOUO) Serve as the and Exploitation Services (CES) experts in the use of High Performance Computing hardware. Consult with other organizations on the most efficient utilization of these devices and participate in their design and development. (TSHSIHREL TO USA, FVEY) Develop exploitation processes for a variety of advanced communication security systems. These include Public Key and 1?v'irtual Private Network (VPN) systems. Manage mature exploitation processes and develop tools to aid in exploitation of intemet security protocols and administration. (UHPOUO) Provide for training in state?of?the?art computing technologies and travel for collaborative analysis and interaction with foreign and domestic partners. (U) There are no new activities in this Project for FY 2013. (U) The CCP expects this Project to accomplish the following in FY 2013: (SEISIHREL TO USA, FVEY) Develop new capabilities against SD commercial information security device products to exploit emerging technologies. (TSHSIHREL TO USA, FVEY) Contribute to the design and development of four additional enabled solutions to help defeat data security systems that are used or may be used by targets. EDD TOP
TOP (TSHSIHREL TO USA, FVEY) Provide hardware and software tools for analyzing and developing methods of exploiting known or emerging information systems that are likely to be employed by targets to store, manage, protect, or communicate data of SIGINT values. (SEISIHREL TO USA, FVEY) Perform reverseengineering of hardware and software?based systems, develop reverse?engineering tools and techniques useful to the reverse engineering community at large, and provide engineering services to the community. (SEISIHREL TO USA, FVEY) Maintain state?of?the?art laboratory networks directly supporting analysis of application?layer products, hardware reverse?engineering, communications systems analysis, simulation of target implementation scenarios, vulnerability detection, and assistance to Computer Network Exploitation (CNE). (TSHSIHREL TO USA, FVEY) Develop capabilities and provide comprehensive support to facilitate CNE operations against target systems and to facilitate offensivefdefensive Computer Network Operations (CNO). (SEISIHREL TO USA FVEY) Create comprehensive CNO capabilities, including Radio Frequency based, against highly mobile and re?configurable communications networks, and support their integration into multiple military service?level elements. (SEISIHREL TO USA, FVEY) Guide the future design and effective use of computers to meet the needs of the community. (Shf SIHREL TO USA, FVEY) Support investment in reverse engineering through partnerships with National Laboratories and engineering services contractors. (SEISIHREL TO USA, Develop initial recognition, exploitation, and prototype solutions against new technology targets. These capabilities are integrated into the processing and exploitation infrastructure or into customized tactical exploitation capabilities. (TSHSIHREL TO USA, FVEY) Develop methods to discover and exploit communication systems employing public key (SEISIHREL TO USA, FVEY) Develop methods to exploit communications protected by passwords or pass phrases. (UHPOUO) Serve as the and Exploitation Services (CES) experts in the use of High Performance Computing hardware. Consult with other organizations on the most efficient utilization of these devices and participate in their design and development. (TSHSIHREL TO USA, FVEY) Develop exploitation processes for a variety of advanced communication security systems. These include Public Key and 1?v'irtual Private Network (VPN) systems. Manage mature exploitation processes and develop tools to aid in exploitation of intemet security protocols and administration. (UHPOUO) Provide for training in state?of?the?art computing technologies and travel for collaborative analysis and interaction with foreign and domestic partners. (U) There are no new activities in this Project for FY 2013. (U) The CCP expects this Project to accomplish the following in FY 2013: (SEISIHREL TO USA, FVEY) Develop new capabilities against SD commercial information security device products to exploit emerging technologies. (TSHSIHREL TO USA, FVEY) Contribute to the design and development of four additional enabled solutions to help defeat data security systems that are used or may be used by targets. EDD TOP
Page 3 from Black Budget: Cryptanalysis and Exploitation Services – Analysis of Target Systems
TOP (SEISIHREL TO USA, FVEY) Forensics by extracting data from ID additicnal hardware devices in cf explcitaticn capability develcpment. (SEISIHREL TO USA, FVEY) Develcp 40 new capabilities (including new algorithms, processes and procedures) to explcit target systems and (TSl?l?SIl?lf REL TO USA, FVEY) Develcp ID new capabilities tc include new reccyery strategies, new attacks cn new hardware, autcmating attacks, sclying particular public?key disccyering new targets that result in gains for CBS and develcping new attacks against TOP 201
TOP (SEISIHREL TO USA, FVEY) Forensics by extracting data from ID additicnal hardware devices in cf explcitaticn capability develcpment. (SEISIHREL TO USA, FVEY) Develcp 40 new capabilities (including new algorithms, processes and procedures) to explcit target systems and (TSl?l?SIl?lf REL TO USA, FVEY) Develcp ID new capabilities tc include new reccyery strategies, new attacks cn new hardware, autcmating attacks, sclying particular public?key disccyering new targets that result in gains for CBS and develcping new attacks against TOP 201