If you want to use the internet and you don’t want the National Security Agency to see what you’re doing, you would likely turn to Tor, a network that anonymizes web traffic by bouncing it between servers.
The NSA has been working on ways to get around "the Tor problem" for years with limited success. "It should hardly be surprising that our intelligence agencies seek ways to counteract targets’ use of technologies to hide their communications," the agency told BusinessWeek.
The original funding for this thorn in the NSA’s side actually came from the US Department of Defense; the Naval Research Laboratory originally funded the project to protect Navy employees abroad.
The military is building anonymity tools and breaking them, both in the name of national security
The NSA says Tor is now used by "terrorists, cybercriminals, [and] human traffickers," so you’d think the Pentagon might consider that investment a mistake.
The military has been working on a new generation of even bigger and better anonymity tools to supplement and replace Tor.
The Defense Advanced Research Projects Agency or DARPA, the Pentagon’s high-tech research lab, started working on anonymity roughly four years ago through the Safer Warfighter Communications program, a collection of tools designed to thwart blacklisting, redirection, and content filtering.
The program covers several anonymity projects, including cutting-edge encryption and a project called Service-Oriented Netcoded Architecture for Tactical Anonymity (SONATA). Details on SONATA are thin, but one researcher familiar with the work referred to it as a next-generation competitor to Tor. Like Tor, SONATA will rely on a distributed network run by volunteers. Unlike Tor, SONATA traffic is "mixed" at each relay in the network by randomly multiplying traditional packets by a constant and adding them together, while also switching up secondary markers that would identify traffic. "Traffic flows like water, making it very difficult to block," says Brian DeCleene of BAE Systems, who is working on SONATA.
DARPA is also investing in Curveball, a "decoy routing" system developed by Raytheon BBN Technologies, that lets you pretend you’re surfing an unblocked website when you’re actually connecting to Facebook, the Pentagon, or some other sensitive site.
Why the apparent contradiction?
Curveball uses a nifty trick that requires some cooperation from friendly internet providers. Those providers would install Curveball routers throughout their networks. Users with the Curveball client would then surf around randomly until they find a Curveball router. The router confirms with the client, then tunnels any subsequent traffic through the Curveball connection disguised as innocuous traffic. As the surfer moves around on Facebook, the Curveball connection pretends he or she is moving around on an unblocked site, say, Amazon.
The fact that Curveball is embedded within a regular network makes it impractical for a government to block it without blocking lots of useful sites, impairing commerce or irritating citizens.
Unlike Tor, Curveball doesn’t protect the user’s identity. However, it could be used to secretly get to Tor in countries where access to the network is restricted.
So why is one branch of the military building tools that will one day be used to thwart another branch?
Dan Kaufman, director of DARPA’s Innovation Information Office, which covers the Safer Warfighter Communications program, says there isn’t any tension caused by DARPA working on tools that could one day be used to dodge the NSA.
"[The program] started with a conversation I had with Special Forces," Kaufman says. "While obviously there may be multiple uses… we built it for Special Forces. People are welcome to take the technology and do stuff, but that’s not why we built it."
State-sponsored censorship and monitoring are increasing in hostile countries
Government surveillance and censorship is growing around the world. Countries like China, North Korea, and Iran exert obsessive control over what people can do online, while laws are getting stricter in places like Turkey and Kazakhstan. Internet censorship was one of the Thai military’s first moves after taking over their country’s government in May.
US military forces don’t always carry their own communications gear. They often use chat rooms or whatever is publicly available even when stationed in hostile, internet-freedom-hating countries.
"You’re in a place where you need to be able to communicate back," Kaufman says. "And you need to make sure that that regime is not blocking you, and you need to make sure that you stay anonymous because you’re undercover."
The Defense Department says it has to invest in technology even if that technology could one day be used against it. "The best way to ensure national security in a fast-changing world is to maintain our technological superiority in critical technology areas," a spokesperson for the Defense Department tells The Verge in a statement. "The department is continuously working to develop important scientific and technological domains and will not limit our research strictly out of concern that the results might someday fall into our adversaries' hands."
There are other ways online secrecy can help the US
The department also takes "the appropriate steps" to ensure technology does not enable the US’s enemies, the spokesperson says. Enabling anonymous communications may bolster national security in other ways. Tor no longer receives support from the Pentagon, but it’s now funded in part by the Bureau of Democracy, Human Rights, and Labor or DRL, a division of the State Department that supports freedom of information around the world.
DRL explicitly supports "anti-censorship and secure communications technology" with the hope of spreading Western democratic values. Tor is also used by journalists, activists, and whistleblowers. Many believe US national security will benefit overall from the free flow of media, especially in countries that censor the news and circulate anti-American propaganda.
Still, we may see a leaked NSA presentation in a few years: "the SONATA problem."