Secret Pakistan Document Undermines Espionage Case Against Imran Khan
A crucial document from Pakistan's Inter-Services Intelligence agency, or ISI, undermines a major plank in the high-profile prosecution of the country's former prime minister, Imran Khan.
Khan remains behind bars while he faces trial for allegedly mishandling a secret document, known as a cypher, which the prosecution claims compromised the integrity of the encrypted communication system used by the state's security apparatus. But according to an ISI analysis leaked to The Intercept, that claim is entirely false. Internally, the agency concluded that the leak of the text of a cypher could in no way compromise the integrity of the system, an assessment contrary to public claims made repeatedly by prosecutors.
The main charge against Khan relates to his handling of a diplomatic cable describing a key meeting in March 2022 between U.S. and Pakistani officials in Washington. Khan, while prime minister, had repeatedly alluded to the existence of a cypher that outlined U.S. pressure on Pakistan to remove him from power in a vote of no confidence. Though he never disclosed its full contents, at times, in public speeches, he quoted statements recorded in it from U.S. officials promising to reward Pakistan for his ouster. At one rally, Khan even waved what he said was the printed text of the document, without revealing its exact contents.
Prosecutors assert that Khan damaged Pakistani national security by exposing the text of this encrypted document, contents they say could potentially be used by rival intelligence agencies to crack the code of a wide range of other secret Pakistani communications. A criminal complaint against Khan alleges that he compromised the entire cypher security system of the state and secret communication method of Pakistani missions abroad," through his alleged mishandling of the cypher. The former prime minister faces up to 10 years in prison if found guilty under Pakistan's Official Secrets Act and could face the death penalty if charged with treason in the case.
On August 9, 2023, The Intercept published the text of the cypher outlining U.S. pressure against Pakistan to remove Khan. Shortly afterward, Pakistan's own intelligence agency issued an assessment addressing the very question of how damaging publishing such a text would be.
The internal conclusion of the ISI was crystal clear: No threat to Pakistan's encryption existed.
Pakistan did not respond to a request for comment.
On August 11, two days after The Intercept story was published, an internal request for information was sent to the ISI by the Ministry of Foreign Affairs. The question at hand: Does the revelation of the plain text of such a cypher compromise the integrity of the system's encryption? The response, filed by the Inter-Services Intelligence Secretariat under the heading ISI-Policy Matters, and titled Breach of Crypto Security," determined that contrary to the present charges against Khan, revealing the text of a cypher poses no risk to the government's encrypted communications network. If plain text of an encrypted message (cryptogram) ... is leaked it has no effect on security of encryptor," the analysis, which was filed on August 23, concludes. Leakage of a plain text message does not compromise the algorithm."
Concern about the security of an encryption system is not entirely unfounded. Some encryption systems can theoretically be compromised by what is known as a plaintext attack," in which an attacker has access to a copy of both the plain and encrypted versions of a document's text and can use the two versions to determine the encryption system.
But the spy agency's conclusion in the days following The Intercept's publication of the secret cypher was that the disclosure of the short piece of text alone - without the encryption key - did not pose a risk.
If plain text of an encrypted message (cryptogram) using DTE is leaked, it has no effect on security of the encryptor due to following," the analysis reads, referring to an offline encryption device."
The encryption algorithm," it goes on to explain, is designed with an assumption that the plain/cipher text pairs and algorithms are known to the adversary, the security lies in the secrecy of the key. Therefore leakage of a plain text message does not compromise the algorithm."
According to the agency's own analysis, to launch a plaintext attack an adversary would need a minimum of 2256 bits of plain/cipher text data encrypted with the same key" to figure it out. That would be an amount of text that exceeds not just the length of Khan's diplomatic cable, but also the total amount of digital storage space available worldwide. In other words, there was never any risk whatsoever that publishing the contents of the cypher could allow an adversary to crack the state's encryption system.
Not Compromised"The cypher published by The Intercept deals with a March 7, 2022, meeting between a senior State Department official, Donald Lu, and Pakistan's then-ambassador to the U.S. The document describes a tense meeting in which State Department officials expressed their concerns about Khan's stance on the Russian invasion of Ukraine and threatened that Pakistan could face isolation from the U.S. and European allies. According to the cable, Lu tells the Pakistani ambassador that all will be forgiven" if Khan were removed from power by a vote of no confidence.
The day after the meeting described in the cypher, on March 8, 2022, Khan's opponents in Parliament moved forward with a key procedural step toward a no-confidence vote against him - a vote largely seen as having been orchestrated by Pakistan's powerful military establishment. A month later, Khan was ousted from power, time during which he tried to blow the whistle on U.S. involvement in his removal.
Khan had said that the meeting detailed in the cypher showed proof of a U.S.-led conspiracy against his government. The text of the document published in August 2023 by The Intercept broadly validated his account of that meeting, with portions of it matching word for word what little Khan had quoted from it. (The cypher was leaked to The Intercept by a source within Pakistan's military, not by Khan.)
Khan, according to prosecutors, did not declassify the cypher document while in office, even as it had become a major part of his battle for political survival. At several points while he was in power, representatives of other branches of the government expressed opposition to declassifying the document, including at a critical March 30 cabinet meeting, arguing that revealing the text of the document would compromise Pakistan's national security.
Khan's former foreign secretary echoed these claims, saying that Khan's government discussed revealing the full text to quiet critics who said he was fabricating the U.S. pressure, but had been informed that doing so might endanger Pakistan's encrypted communication systems. A probe by Pakistan's Federal Investigation Agency this November into Khan's handling of the document also cited a former aide to the prime minister, Azam Khan, who reportedly told investigators that he warned that the cipher was a decoded secret document and its contents could neither be disclosed nor be discussed in public."
The allegation that Khan undermined the cryptographic security now forms a major part of state security charges against the former prime minister, who remains Pakistan's most popular politician. A conviction on the charges would likely prevent Khan from being able to contest future elections, including those expected early next year.
Smoke from a fire billows during a protest by angry supporters of Pakistan's former Prime Minister Imran Khan as police fire tear gas to disperse them after the arrest of Khan, in Peshawar, Pakistan, on May 9, 2023.Photo: Muhammad Sajjad/APRegime Change" Cypher
The scandal over the cypher and Khan's claim that it described a regime change" conspiracy has gripped Pakistan since his removal from power in 2022. In public statements, Khan had claimed that attempts had been made by foreign powers to influence our foreign policy from abroad." After his removal the U.S. subsequently assisted Pakistan in obtaining a generous IMF loan, while Pakistan began producing ammunition for the war in Ukraine. Khan had sought to keep Pakistan neutral in the conflict, a stance the State Department had angrily objected to in the meeting described in the cypher.
Following Khan's removal, Pakistan has been gripped by a series of political, economic, and security crises. The country has experienced record-breaking inflation, social unrest, and a wave of terrorist attacks by the Pakistani Taliban. Pakistan's current army chief, Gen. Asim Munir, visited the U.S. last week to build ties with U.S. policymakers, even as the country continues to be nominally led by a civilian caretaker government.
Khan was arrested on August 5, 2023, after being sentenced to three years in prison over a politically dubious corruption case. That conviction was suspended by the High Court later that month, yet he has remained behind bars ever since thanks to subsequent charges made against him over his handling of the cypher.
Khan's lawyers have criticized his jailing as illegal and unconstitutional. Legal proceedings against him have been mired in secrecy, legal irregularities, and accusations of abuse, including violations of his privacy while imprisoned. Khan's trial has been under strict controls that have impeded media coverage. During his imprisonment, supporters of his party, the Pakistan Tehreek-e-Insaf, continue to hold large rallies in the country despite attempts at government suppression.
After a long delay, Pakistan is expected to hold elections early next year, though Khan, who polls show would likely win a free vote, is unlikely to participate thanks to his compounding legal challenges. Prominent among these is the charge that Khan's alleged mishandling of the cypher document risked compromising Pakistan's encryption systems - notwithstanding the ISI's own internal conclusion that no such risk existed.
While his state secrets trial continues, there is no public indication that the ISI has turned this exculpatory evidence over to Khan's defense team.
The post Secret Pakistan Document Undermines Espionage Case Against Imran Khan appeared first on The Intercept.