Editing National Security Agency (section)

== Research and development ==
NSA has been involved in debates about public policy, both indirectly as a behind-the-scenes adviser to other departments, and directly during and after [[Bobby Ray Inman|Vice Admiral Bobby Ray Inman]]'s directorship. NSA was a major player in the debates of the 1990s regarding the [[export of cryptography in the United States]]. Restrictions on export were reduced but not eliminated in 1996. Its secure government communications work has involved the NSA in numerous technology areas, including the design of specialized communications [[computer hardware|hardware]] and software, production of dedicated [[semiconductor]]s at the [[Fort Meade, Maryland|Ft. Meade]] chip fabrication plant), and advanced [[cryptography]] research. For 50 years, the NSA designed and built most of its in-house computer equipment, but from the 1990s until about 2003 (when the U.S. Congress curtailed the practice), the agency contracted with the private sector in the fields of research and equipment.<ref>{{cite news|title=Congress curbs NSA's power to contract with suppliers|author=Sabar, Ariel|date=July 20, 2013|url=https://www.baltimoresun.com/2003/07/20/congress-curbs-nsas-power-to-contract-with-suppliers/|work=Baltimore Sun|publisher=Tribune Company|access-date=June 17, 2013|archive-date=May 10, 2013|archive-url=https://web.archive.org/web/20130510235528/http://articles.baltimoresun.com/2003-07-20/news/0307200276_1_nsa-eavesdropping-agency|url-status=live}}</ref>

=== Data Encryption Standard ===
{{Main|Data Encryption Standard}}
[[File:Frostburg.jpg|thumb|[[FROSTBURG]] was the NSA's first [[supercomputer]], used from 1991 to 1997]]

NSA was embroiled in some controversy concerning its involvement in the creation of the Data Encryption Standard (DES), a standard and public [[block cipher]] [[algorithm]] used by the [[U.S. government]] and banking community.<ref name=outofthecloset>{{cite web |url=https://cryptome.org/2021/04/Joseph-Meyer-IEEE-1977.pdf |title=The NSA Comes Out of the Closet: The Debate over Public Cryptography in the Inman Era (U) |work=Cryptologic Quarterly |publisher=U.S. National Security Agency |quote=Public cryptography issues were overwhelming Inman and the NSA. (p.12) |access-date=2024-06-07 |archive-date=2024-05-12 |archive-url=https://web.archive.org/web/20240512130341/https://cryptome.org/2021/04/Joseph-Meyer-IEEE-1977.pdf |url-status=live }}</ref> During the development of DES by [[IBM]] in the 1970s, NSA recommended changes to some details of the design. There was suspicion that these changes had weakened the algorithm sufficiently to enable the agency to eavesdrop if required, including speculation that a critical component—the so-called [[S-box]]es—had been altered to insert a "[[Backdoor (computing)|backdoor]]" and that the reduction in key length might have made it feasible for NSA to discover DES keys using massive computing power. It has since been observed that the S-boxes in DES are particularly resilient against [[differential cryptanalysis]], a technique that was not publicly discovered until the late 1980s but known to the IBM DES team.

=== Advanced Encryption Standard ===
{{Main|Advanced Encryption Standard}}
The involvement of the NSA in selecting a successor to the Data Encryption Standard (DES), the Advanced Encryption Standard (AES), was limited to hardware performance testing (see [[Advanced Encryption Standard process|AES competition]]).<ref>{{cite web|title=Hardware Performance Simulations of Round 2 Advanced Encryption Standard Algorithms|author=Weeks, Bryan|url=http://csrc.nist.gov/archive/aes/round2/NSA-AESfinalreport.pdf|publisher=National Institute of Standards and Technology|access-date=June 29, 2013|display-authors=etal|archive-url=https://web.archive.org/web/20111024234406/http://csrc.nist.gov/archive/aes/round2/NSA-AESfinalreport.pdf|archive-date=2011-10-24|url-status=dead}}</ref> NSA has subsequently certified AES for protection of classified information when used in NSA-approved systems.<ref name="suitB">"the NIST standards that define Suite B..." in {{cite web|title=Suite B Cryptography / Cryptographic Interoperability|url=https://www.nsa.gov/ia/programs/suiteb_cryptography/|publisher=National Security Agency|access-date=June 29, 2013|archive-url=https://web.archive.org/web/20160101091229/https://www.nsa.gov/ia/programs/suiteb_cryptography/|archive-date=2016-01-01|url-status=dead}}</ref>

=== NSA encryption systems ===
[[File:STU-IIIphones.nsa.jpg|thumb|[[STU-III]] secure telephones on display at the [[National Cryptologic Museum]]]]
{{Main|NSA encryption systems}}

The NSA is responsible for the encryption-related components in these legacy systems:
* [[FNBDT]] Future Narrow Band Digital Terminal<ref>{{cite book|title=C4ISR for Future Naval Strike Groups|author=Committee on C4ISR for Future Naval Strike Groups, National Research Council|isbn=978-0-309-09600-3|publisher=National Academies Press |year=2006|page=167 |url=https://books.google.com/books?id=NByKhCK3edkC&pg=PA167}}</ref>
* [[KL-7]] ADONIS off-line rotor encryption machine (post-WWII – 1980s)<ref>"Adkins Family asked for a pic of the KL-7. Here you go!..." in {{cite web|url=https://www.facebook.com/NationalCryptologicMuseum|date=March 20, 2013|title=NSA – National Cryptologic Museum|publisher=Facebook|access-date=June 30, 2013|archive-date=June 5, 2013|archive-url=https://web.archive.org/web/20130605203039/https://www.facebook.com/NationalCryptologicMuseum|url-status=live}}</ref><ref name="NSA3997687">{{cite web|title=Cryptographic Damage Assessment: DOCID: 3997687|year=1968|url=https://www.nsa.gov/public_info/_files/uss_pueblo/Section_V_Cryptographic_Damage_Assessment.pdf|publisher=National Security Agency|access-date=June 30, 2013|url-status=dead|archive-url=https://web.archive.org/web/20130918031554/http://www.nsa.gov/public_info/_files/uss_pueblo/Section_V_Cryptographic_Damage_Assessment.pdf|archive-date=September 18, 2013}}</ref>
* [[KW-26]] ROMULUS electronic in-line teletypewriter encryptor (1960s–1980s)<ref name="NSA50th">{{cite web|title=Cryptologic Excellence: Yesterday, Today and Tomorrow|year=2002|url=https://www.nsa.gov/about/_files/cryptologic_heritage/publications/misc/50th_anniversary.pdf|publisher=National Security Agency|access-date=June 30, 2013|page=17|archive-url=https://web.archive.org/web/20130918014341/http://www.nsa.gov/about/_files/cryptologic_heritage/publications/misc/50th_anniversary.pdf|archive-date=2013-09-18|url-status=dead}}</ref>
* [[KW-37]] JASON fleet broadcast encryptor (1960s–1990s)<ref name="NSA3997687" />
* KY-57 [[VINSON]] tactical radio voice encryptor<ref name="NSA50th" />
* [[KG-84]] Dedicated Data Encryption/Decryption<ref name="NSA50th" />
* [[STU-III]] secure telephone unit,<ref name="NSA50th" /> phased out by the [[Secure Terminal Equipment|STE]]<ref name="Hickey">{{cite news|url=http://gcn.com/articles/2010/01/06/nsa-certifies-viper-for-classified-communications.aspx|author=Hickey, Kathleen|date=January 6, 2010|title=NSA certifies Sectera Viper phone for classified communications|publisher=1105 Media|work=GCN|access-date=June 30, 2013|archive-date=January 25, 2014|archive-url=https://web.archive.org/web/20140125092308/http://gcn.com/articles/2010/01/06/nsa-certifies-viper-for-classified-communications.aspx|url-status=dead}}</ref>

The NSA oversees encryption in the following systems that are in use today:
* [[EKMS]] Electronic Key Management System<ref>{{cite web|url=http://jitc.fhu.disa.mil/ekms/|title=JITC Networks, Transmissions, and Integration Division Electronic Key Management System (EKMS)|date=February 1991|publisher=U.S. Department of Defense: Defense Information Systems Agency: Joint Interoperability Certifier|access-date=June 30, 2013 |url-status=dead|archive-url=https://web.archive.org/web/20130515225818/http://jitc.fhu.disa.mil/ekms/|archive-date=May 15, 2013}}</ref>
* [[Fortezza]] encryption based on portable crypto token in [[PC Card]] format<ref>{{cite web|url=http://www.rsa.com/rsalabs/node.asp?id=2320|title=6.2.6 What is Fortezza?|publisher=RSA Laboratories, EMC Corporation|access-date=June 30, 2013|url-status=dead|archive-url=https://web.archive.org/web/20120715221703/http://www.rsa.com/rsalabs/node.asp?id=2320|archive-date=July 15, 2012}}</ref>
* [[SINCGARS]] tactical radio with cryptographically controlled frequency hopping<ref>{{cite web|url=http://www.raytheon.com/capabilities/products/arc231/|title=AN/ARC-231 Airborne Communication System|publisher=Raytheon|access-date=June 30, 2013|archive-date=December 25, 2012|archive-url=https://web.archive.org/web/20121225134947/http://www.raytheon.com/capabilities/products/arc231/|url-status=live}}</ref>
* [[Secure Terminal Equipment|STE]] secure terminal equipment<ref name="Hickey" />
* [[TACLANE]] product line by [[General Dynamics C4 Systems]]<ref>{{cite news|url=http://www.upi.com/Business_News/Security-Industry/2007/10/24/NSA-approves-TACLANE-Router/UPI-47061193262728/|date=October 24, 2007|title=NSA approves TACLANE-Router|publisher=United Press International|access-date=June 30, 2013|archive-date=December 15, 2012|archive-url=https://web.archive.org/web/20121215022929/http://www.upi.com/Business_News/Security-Industry/2007/10/24/NSA-approves-TACLANE-Router/UPI-47061193262728/|url-status=live}}</ref> 

The NSA has specified [[NSA Suite A Cryptography|Suite A]] and [[NSA Suite B Cryptography|Suite B]] cryptographic algorithm suites to be used in U.S. government systems; the Suite B algorithms are a subset of those previously specified by [[National Institute of Standards and Technology|NIST]] and are expected to serve for most information protection purposes, while the Suite A algorithms are secret and are intended for especially high levels of protection.<ref name="suitB" />

=== SHA ===
The widely used [[SHA-1]] and [[SHA-2]] hash functions were designed by NSA. SHA-1 is a slight modification of the weaker [[SHA-0]] algorithm, also designed by NSA in 1993. This small modification was suggested by the NSA two years later, with no justification other than the fact that it provides additional security. An attack for SHA-0 that does not apply to the revised algorithm was indeed found between 1998 and 2005 by academic cryptographers. Because of weaknesses and key length restrictions in SHA-1, NIST deprecates its use for [[digital signature]]s and approves only the newer SHA-2 algorithms for such applications from 2013 on.<ref>Draft NIST SP 800-131, June 2010.</ref>

A new hash standard, [[SHA-3]], has recently been selected through the [[NIST hash function competition|competition]] concluded on October 2, 2012, with the selection of [[SHA-3|Keccak]] as the algorithm. The process to select SHA-3 was similar to the one held in choosing the AES, but some doubts have been cast over it,<ref name="cdt.org">{{cite web |last=Lorenzo |first=Joseph |url=https://www.cdt.org/blogs/joseph-lorenzo-hall/2409-nist-sha-3 |title=What the heck is going on with NIST's cryptographic standard, SHA-3? &#124; Center for Democracy & Technology |publisher=Cdt.org |date=September 24, 2013 |access-date=October 9, 2013 |archive-date=January 25, 2014 |archive-url=https://web.archive.org/web/20140125143053/https://www.cdt.org/blogs/joseph-lorenzo-hall/2409-nist-sha-3 |url-status=live }}</ref><ref>{{cite web |url=https://twitter.com/marshray/status/380800393367674880 |title=Twitter / marshray: Believe it or not, NIST is |publisher=Twitter.com |access-date=October 9, 2013 |archive-date=February 28, 2019 |archive-url=https://web.archive.org/web/20190228084249/https://twitter.com/marshray/status/380800393367674880 |url-status=live }}</ref> since fundamental modifications have been made to Keccak to turn it into a standard.<ref>{{cite web|url=https://docs.google.com/file/d/0BzRYQSHuuMYOQXdHWkRiZXlURVE/ |title=kelsey-invited-ches-0820.pdf – Google Drive |access-date=October 9, 2013}}</ref> These changes potentially undermine the cryptanalysis performed during the competition and reduce the security levels of the algorithm.<ref name="cdt.org" />

=== Clipper chip ===
{{Main|Clipper chip}}
Because of concerns that widespread use of strong cryptography would hamper government use of [[Telephone tapping|wiretaps]], the NSA proposed the concept of [[key escrow]] in 1993 and introduced the Clipper chip that would offer stronger protection than DES but would allow access to encrypted data by authorized law enforcement officials.<ref>{{cite magazine|author=Baker, Stewart A.|title=Don't Worry Be Happy|url=https://www.wired.com/wired/archive/2.06/nsa.clipper_pr.html|magazine=Wired|volume=2|issue=6|access-date=June 28, 2013|archive-date=October 11, 2008|archive-url=https://web.archive.org/web/20081011095737/http://www.wired.com/wired/archive/2.06/nsa.clipper_pr.html|url-status=live}}</ref> The proposal was strongly opposed and key escrow requirements ultimately went nowhere.<ref>{{cite web|title=Key Escrow, Key Recovery, Trusted Third Parties & Govt. Access to Keys |url=http://w2.eff.org/Privacy/Key_escrow/|publisher=Electronic Frontier Foundation|access-date=June 28, 2013 |url-status=dead |archive-url=https://web.archive.org/web/20120429112956/http://w2.eff.org/Privacy/Key_escrow/|archive-date=April 29, 2012}}</ref> However, NSA's [[Fortezza]] hardware-based encryption cards, created for the Clipper project, are still used within government, and NSA ultimately declassified and published the design of the [[Skipjack (cipher)|Skipjack cipher]] used on the cards.<ref>{{cite web|author=Schneier, Bruce|title=Declassifying Skipjack|url=http://www.schneier.com/crypto-gram-9807.html#skip|publisher=Crypto-Gram (schneier.com)|date=July 15, 1998|access-date=June 28, 2013|archive-date=June 23, 2013|archive-url=https://web.archive.org/web/20130623200937/http://www.schneier.com/crypto-gram-9807.html#skip|url-status=live}}</ref><ref>{{cite web|title=SKIPJACK and KEA Algorithm Specifications|date=May 29, 1998|url=http://csrc.nist.gov/groups/ST/toolkit/documents/skipjack/skipjack.pdf|publisher=National Institute of Standards and Technology|access-date=June 28, 2013|archive-url=https://web.archive.org/web/20111021070535/http://csrc.nist.gov/groups/ST/toolkit/documents/skipjack/skipjack.pdf|archive-date=2011-10-21|url-status=dead}}</ref>

=== Dual EC DRBG random number generator crypto trojan===
{{Main|Dual EC DRBG}}
NSA promoted the inclusion of a random number generator called [[Dual EC DRBG]] in the U.S. [[National Institute of Standards and Technology]]'s 2007 guidelines. This led to speculation of a [[backdoor (computing)|backdoor]] which would allow NSA access to data encrypted by systems using that [[pseudorandom number generator]] (PRNG).<ref>{{cite magazine |url=https://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115|archive-url=https://web.archive.org/web/20121024090318/http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115 |archive-date=October 24, 2012 |url-status=live|title=Did NSA Put a Secret Backdoor in New Encryption Standard? |first=Bruce |last=Schneier |author-link=Bruce Schneier|magazine=Wired News|date=November 15, 2007|access-date=July 4, 2008}}</ref>

This is now deemed to be plausible based on the fact that output of next iterations of PRNG can provably be determined if relation between two internal [[Elliptic-curve cryptography|Elliptic Curve]] points is known.<ref name=":0">{{cite web |author=Matthew Green |url=http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html |title=A Few Thoughts on Cryptographic Engineering: The Many Flaws of Dual_EC_DRBG |publisher=Blog.cryptographyengineering.com |date=September 18, 2013 |access-date=October 9, 2013 |archive-date=August 20, 2016 |archive-url=https://web.archive.org/web/20160820174502/http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html |url-status=live }}</ref><ref>{{cite web|url=http://blog.0xbadc0de.be/archives/155|title=Dual_Ec_Drbg backdoor: a proof of concept at Aris' Blog – Computers, ssh and rock'n roll|work=0xbadc0de.be|date=31 December 2013|access-date=7 June 2024|archive-date=17 December 2014|archive-url=https://web.archive.org/web/20141217102434/http://blog.0xbadc0de.be/archives/155|url-status=live}}</ref> Both NIST and [[RSA Security|RSA]] are now officially recommending against the use of this PRNG.<ref>{{cite web |url=https://www.propublica.org/documents/item/785571-itlbul2013-09-supplemental#document/p2 |title=itlbul2013 09 Supplemental |publisher=ProPublica |access-date=October 9, 2013 |archive-url=https://web.archive.org/web/20131008170739/http://www.propublica.org/documents/item/785571-itlbul2013-09-supplemental#document/p2 |archive-date=October 8, 2013 |url-status=dead }}</ref><ref>{{cite web |author=Matthew Green |url=http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html |title=A Few Thoughts on Cryptographic Engineering: RSA warns developers not to use RSA products |publisher=Blog.cryptographyengineering.com |date=September 20, 2013 |access-date=October 9, 2013 |archive-date=October 10, 2013 |archive-url=https://web.archive.org/web/20131010085457/http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html |url-status=live }}</ref>

=== Perfect Citizen ===
{{Main|Perfect Citizen}}
Perfect Citizen is a program to perform [[Vulnerability assessment (computing)|vulnerability assessment]] by the NSA in the American [[critical infrastructure]].<ref>[https://www.wired.com/threatlevel/2010/07/nsa-perfect-citizen-denial/ NSA Denies It Will Spy on Utilities] {{Webarchive|url=https://web.archive.org/web/20140209204445/http://www.wired.com/threatlevel/2010/07/nsa-perfect-citizen-denial/ |date=2014-02-09 }}, Threat Level, Wired.com</ref><ref name="dt1">{{cite news|url=http://www.dailytech.com/NSAs+Perfect+Citizen+Program++Big+Brother+or+Cybersecurity+Savior/article18969.htm|title=DailyTech – NSA's "Perfect Citizen" Program: Big Brother or Cybersecurity Savior?|last=Mick|first=Jason|date=July 8, 2010|work=DailyTech|access-date=July 8, 2010|url-status=dead|archive-url=https://web.archive.org/web/20100711071346/http://www.dailytech.com/NSAs+Perfect+Citizen+Program++Big+Brother+or+Cybersecurity+Savior/article18969.htm|archive-date=July 11, 2010}}</ref> It was originally reported to be a program to develop a system of sensors to detect cyber attacks on critical infrastructure computer networks in both the private and public sector through a [[network monitoring]] system named ''Einstein''.<ref name="cn1">{{cite news|url=http://news.cnet.com/8301-1009_3-20009952-83.html|title=Report: NSA initiating program to detect cyberattacks|last=Whitney|first=Lance|date=July 8, 2010|work=[[CNET.com]]|access-date=July 8, 2010|archive-date=June 17, 2011|archive-url=https://web.archive.org/web/20110617035918/http://news.cnet.com/8301-1009_3-20009952-83.html|url-status=dead}}</ref><ref>{{cite news |title=U.S. Program to Detect Cyber Attacks on Infrastructure |url=https://www.wsj.com/articles/SB10001424052748704545004575352983850463108?mod=WSJ_hpp_MIDDLETopStories |newspaper=[[The Wall Street Journal]] |date=July 7, 2010 |access-date=July 7, 2010 |first=Siobhan |last=Gorman |archive-date=May 7, 2018 |archive-url=https://web.archive.org/web/20180507085839/https://www.wsj.com/articles/SB10001424052748704545004575352983850463108?mod=WSJ_hpp_MIDDLETopStories |url-status=live }}</ref> It is funded by the [[Comprehensive National Cybersecurity Initiative]] and thus far [[Raytheon Technologies|Raytheon]] has received a contract for up to $100&nbsp;million for the initial stage.

=== Academic research ===
The NSA has invested many millions of dollars in academic research under grant code prefix ''MDA904'', resulting in over 3,000 papers {{as of|2007|10|11|lc=y|df=US|post=.}} The NSA publishes its documents through various publications.

* ''Cryptolog'' is published monthly by PI, Techniques, and Standards, for the Personnel of Operations. Declassified issues are available online.<ref>{{cite web |url=http://www.nsa.gov/public_info/declass/cryptologs.shtml |title=NSA Communicators - NSA/CSS |website=www.nsa.gov |url-status=dead |archive-url=https://web.archive.org/web/20120514003049/http://www.nsa.gov/public_info/declass/cryptologs.shtml |archive-date=2012-05-14}}</ref>
* The ''Cryptologic Almanac'' is a cryptology [[academic journal]] published internally by the NSA.<ref name="wired_2008"/> It publishes short vignettes about NSA or NSA-related topics. A selection of articles published are available to the public online.<ref name="Cryptologic Spectrum Articles"/>
* ''Cryptologic Quarterly'' was the combined result of the merger of ''NSA Technical Journal'' and ''Cryptologic Spectrum'' in 1981. It expanded its coverage to cover a larger segment of NSA readership.
* ''Cryptologic Spectrum'' was a [[cryptology]] journal published internally by the NSA.<ref name="wired_2008">{{cite magazine|title=Declassified NSA Document Reveals the Secret History of TEMPEST|last=Singel|first=Ryan|magazine=Wired|publisher=[[CondéNet, Inc.]]|url=http://blog.wired.com/27bstroke6/2008/04/nsa-releases-se.html|date=2008-04-29|accessdate=2008-05-01|archiveurl=https://archive.today/20120707123850/http://blog.wired.com/27bstroke6/2008/04/nsa-releases-se.html|archivedate=2012-07-07}}</ref> It was established in 1969, until consolidation with the ''NSA Technical Journal'' in 1981. A selection of articles published between 1969 and 1981 are available to the public online.<ref name="Cryptologic Spectrum Articles">{{cite web|url=http://www.nsa.gov/public_info/declass/cryptologic_spectrum.shtml|title=Cryptologic Spectrum Articles|work=Declassification Initiatives|publisher=National Security Agency|accessdate=2010-03-27|url-status=dead|archiveurl=https://web.archive.org/web/20160318090231/http://www.nsa.gov/public_info/declass/cryptologic_spectrum.shtml|archivedate=2016-03-18}}</ref> The journal had been [[classified information in the United States|classified]] until its tables of contents were published online in September 2006 following a [[Freedom of Information Act (United States)|Freedom of Information Act]] request in 2003.<ref name="wired_2006">{{cite magazine|url=https://www.wired.com/politics/security/news/2006/09/71849|title=Peek at NSA's Secret Reading List|last=Singel|first=Ryan|magazine=Wired|publisher=[[CondéNet, Inc.]]|date=2006-09-27|accessdate=2008-05-01|archiveurl=https://web.archive.org/web/20070220232300/http://www.wired.com/news/technology/security/0,71849-0.html|archivedate=2007-02-20}}</ref>
* The ''NSA Technical Journal'' was established in 1954 by [[Ralph J. Canine]] to "foster the exchange of ideas and create an 'intellectual community' within the Agency".<ref>{{Cite web|url=https://www.nsa.gov/portals/75/documents/news-features/declassified-documents/crypto-almanac-50th/A_Peek_Behind_the_Scenes_Part_2.pdf|title=A Peek Behind the Scenes Part 2|website=National Security Agency|access-date=November 24, 2024}}</ref> In 1981, the publication was consolidated with ''Cryptologic Spectrum'' into a single publication, called ''Cryptologic Quarterly''.

Despite this, the NSA/CSS has, at times, attempted to restrict the publication of academic research into cryptography; for example, the [[Khufu and Khafre]] block ciphers were voluntarily withheld in response to an NSA request to do so. In response to a [[Freedom of information in the United States|FOIA]] lawsuit, in 2013 the NSA released the 643-page research paper titled, "Untangling the Web: A Guide to Internet Research",<ref>{{cite web |url=https://www.nsa.gov/public_info/_files/Untangling_the_Web.pdf |title=Untangling the Web: A Guide to Internet Research |author1=Robyn Winder |author2=Charlie Speight |name-list-style=amp |work=National Security Agency Public Information |date=April 19, 2013 |access-date=May 9, 2013 |url-status=dead |archive-url=https://web.archive.org/web/20130509043240/http://www.nsa.gov/public_info/_files/Untangling_the_Web.pdf |archive-date=May 9, 2013 }}</ref> written and compiled by NSA employees to assist other NSA workers in searching for information of interest to the agency on the public Internet.<ref>{{cite news |url=https://www.wired.com/threatlevel/2013/05/nsa-manual-on-hacking-internet/ |title=Use These Secret NSA Google Search Tips to Become Your Spy Agency |last=Zetter |first=Kim |work=Wired Magazine |date=May 9, 2013 |access-date=June 7, 2024 |archive-date=March 22, 2014 |archive-url=https://web.archive.org/web/20140322033915/http://www.wired.com/threatlevel/2013/05/nsa-manual-on-hacking-internet |url-status=live }}</ref>

=== Patents ===
NSA can file for a patent from the [[U.S. Patent and Trademark Office]] under [[gag order]]. Unlike normal patents, these are not revealed to the public and do not expire. However, if the Patent Office receives an application for an identical patent from a third party, they will reveal the NSA's patent and officially grant it to the NSA for the full term on that date.<ref>{{cite book |last=Schneier|first=Bruce|author-link=Bruce Schneier|title=Applied Cryptography, Second Edition|publisher=[[John Wiley & Sons]] |year=1996|pages=609–610|isbn=978-0-471-11709-4}}</ref>

One of NSA's published patents describes a method of [[geolocation|geographically locating]] an individual computer site in an Internet-like network, based on the [[Latency (engineering)|latency]] of multiple network connections.<ref>{{cite web|publisher=United States Patent and Trademark Office|title=United States Patent 6,947,978 – Method for geolocating logical network addresses|url=http://patft.uspto.gov/netacgi/nph-Parser?Sect2=PTO1&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=1&f=G&l=50&d=PALL&RefSrch=yes&Query=PN%2F6947978|date=September 20, 2005|access-date=July 4, 2008|archive-date=September 4, 2015|archive-url=https://web.archive.org/web/20150904005823/http://patft.uspto.gov/netacgi/nph-Parser?Sect2=PTO1&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=1&f=G&l=50&d=PALL&RefSrch=yes&Query=PN%2F6947978|url-status=dead}}</ref> Although no public patent exists, NSA is reported to have used a similar locating technology called trilateralization that allows real-time tracking of an individual's location, including altitude from ground level, using data obtained from cellphone towers.<ref>{{cite news |url=https://www.nytimes.com/2013/06/09/us/revelations-give-look-at-spy-agencys-wider-reach.html?pagewanted=all |title=How the U.S. Uses Technology to Mine More Data More Quickly |author=[[James Risen]] and [[Eric Lichtblau]] |newspaper=The New York Times |date=June 10, 2013 |access-date=June 13, 2013 |archive-date=June 13, 2013 |archive-url=https://web.archive.org/web/20130613004529/http://www.nytimes.com/2013/06/09/us/revelations-give-look-at-spy-agencys-wider-reach.html?pagewanted=all |url-status=live }}</ref>