Experts cannot determine how the codes were cracked
Ankara Chief Public Prosecutor Tekin Küçük wrote the indictment on the wiretapping of crypto phones. The indictment reviews the results of the analyses of the experts from the Telecommunications Communication Directorate (TİM). According to the indictment, some of the second generation encrypted phones (Milcep K2) allocated for use by top statesmen and top civil servants were wiretapped in TİM as a target; voice records proving this were found. In other words, it was certain that the phones were intercepted. Well, then, how could these encrypted phones, moreover the ones that had the highest encoding standards in the world, be tapped?
To find the answer to this question, there was another experts’ examination at the institution where these phones were produced, at TÜBİTAK, the Scientific and Technical Research Council of Turkey.
The experts committee, on their way to TÜBİTAK, had two assumptions on how these encrypted phones could have been intercepted. As written on the indictment, one was that the encryption key was carried outside the phone in real time to enable tapping simultaneously with the conversation.
The second option was that, in order to decode the records after the conversations were recorded, the encryption key would be recorded inside the phone and then the recorded encryption key and the recorded data would be matched up with TİB records (it can also be called off-line) to complete the decoding process.
For the first scenario to happen here, the third person intercepting the phone should be able to know the encryption keys the first two speakers on the phone send to each other. How can this be possible?
The experts again assumed two options. One is that the encryption keys to be sent were already known beforehand; the third person wiretapping already had them. The second option is that the phone would send the encryption key it was generating to the third person without the owner of the phone noticing.
What about the second scenario? Actually, the same two possibilities are valid for the second scenario as well (There is also a third option, which is that the phone recorded the encryption key it produced in a place inside the phone, then this recording was taken from there without the knowledge of the owner of the phone).
Let me sum up the situation to this point: The encryption algorithm in these phones is so strong that without knowing the encryption key, it is not possible to decode it (in a reasonable time). Thus, the only way to be able to wiretap the conversations in encrypted phones is to have easy access to that encryption key.
As a matter of fact, if you want to open a case, you would not be engaged in blowing it up while you have access to its key.
For the experts to find out which one of these scenarios they assumed through logic is true, they had to compare the critical software in the phones with the original software at TÜBİTAK.
But, somehow, strangely, the same version of this highly critically important software installed in phones has not been able to be found in TÜBİTAK. Also the source code of the software installed in the phones was not reached.
It is important from the viewpoint of the prosecutor that almost nobody from the team in TÜBİTAK that developed this phone software cooperated with the inspectors. The entire team is now defendants in this case.
Experts on the other hand cannot figure out through which method the encryptions of the phones were actually decoded. They can only guess. Well, of course, the prosecutor can also only guess…