But, even without that piece of the puzzle, reverse engineering a protocol that doesn't use encryption wouldn't be "extremely difficult". This is not an indication of an inside man.
You're talking about the NSA here, an outfit which has cracked the cryptosystems of foreign governments in a variety of foreign languages, and even cracked a Russian one-time-pad that they had accidental;y used more than once.
I don't think it's very hard at all for them to reverse engineer RPC serialization that is not even encrypted if they can crack cryptosystems.
I'm curious what 1622 represents here. 1622 different protocols, each with their different messages? Seems like a crazy amount. 1622 different message types for authorization? Even that seems like a stretch.
I know how hard it would be, I implement low level protocols (not Google's or of men in black).
I did that for fun and I was (and am) a mediocre programmer at best, the NSA/GCHQ has some of the best talent around I doubt they would find it much of a challenge to this on a bigger more complex protocol.
Unencrypted traffic is (relatively) easy to reverse engineer even without a protocol description (examples, the Samba guys, the Asterix folks) as most protocols are designed to be structured (that is kind of the point of having the protocol).