View Diary: New NSA Revelation: Encryption Unlocked (365 comments)

  •  Kind of light on details (13+ / 0-)

    I would like to know exactly what encryption methods they can actually break within a reasonable amount of time.  Anything short of a one-time pad can fall to a brute force attack given the NSA's unlimited computing power and time.

    •  Did you read the linked article? (48+ / 0-)

      The Guardian in its NSA coverage has made a practice of vetting their articles with the security agencies in terms of information that they claim would pose a risk of an immediate threat.

      What concerns me the most is the indication that they are working in collaboration with major tech companies, despite their claims to the contrary.

    •  it sounds like backdoors, primarily (38+ / 0-)

      I've read a bunch of the articles looking for that kind of detail.

      The articles are not reporting that the NSA has broken AES, for example.

      Mostly it's backdoors like getting access to messages before encryption, e.g. in Microsoft, Facebook, etc., and backdoors in implementations, and a few standards (though not apparently big ones like TLS.) And also stealing encryption keys.

      But they're not reporting that the NSA has broken the major cryptographic algorithms.

      (What makes it tricky is that the reporters almost certainly have no idea what they're writing about.)

      •  That's my sense of it as well.. (23+ / 0-)

        It sounds like they have tried to get copies of the HTTPS certificates - possibly from the certificate authorities themselves, which would allow them to decrypt "endpoint" encryption.

        There is the suggestion that they might have inserted backdoors into several commercial encryption products - if word ever leaks out as to which ones, those products are dead.

        But it isn't clear the extent to which they can crack a key by itself.

        •  A list would be nice. (1+ / 0-)
          Recommended by:
          atana

          I hope that the quality of debate will improve,
          but I fear we will remain Democrats.

          Who is twigg?

          by twigg on Thu Sep 05, 2013 at 07:21:09 PM PDT

          [ Parent ]

        •  They've not tried (0+ / 0-)

          They actually have done just that: get SSL keys and certs directly from issuers.

          Bogus article

          •  cert issuers do not have the keys (1+ / 0-)
            Recommended by:
            ferg

            The only key a certificate issuer ever sees from a holder is the same public key that the holder hands out to anyone who asks.

            What they've done is get keys from the holders that run popular services, and possibly gotten the ability from issuers to forge certificates for other holders to perform MITM attacks.  The latter is more detectable and less likely.

            Ignorance is Curable.

            by skids on Thu Sep 05, 2013 at 09:01:18 PM PDT

            [ Parent ]

            •  I'm aware of that. (1+ / 0-)
              Recommended by:
              peggy

              When I said "issuers," I meant the entities that issue both keys and certs. They don't need to do MITM attack because they have the keys already. They'd ask for the cert from a certificate issuer anyway in case they needed MITM for some reason.

              The main point is that by discrediting HTTPS, our government has dropped a bomb on internet business. Still most people don't seem to realize the immense damage being done to the American economy.

              The article is bogus because they didn't "break" or "unlock" any encryption. They just have the keys before the data is encrypted by subverting the system directly.

              •  terminology is important in this area. (0+ / 0-)

                There is no entity that "issue both keys and certs."  Someone who has the private key for a cert does not "issue" the cert; they only "present" it.  These words are used rather precisely in IT.

                Ignorance is Curable.

                by skids on Fri Sep 06, 2013 at 08:16:49 AM PDT

                [ Parent ]

                •  You made the word "entity" (0+ / 0-)

                  singular. Maybe I was not clear enough. Entities that issue keys and entities that create certificates. I've been a systems admin for the past 13 years, so I'm well aware of how basic https works. I believe we are saying the same thing.

        •  No, any client can ask for (5+ / 0-)
          Recommended by:
          sawgrass727, Hey338Too, lotlizard, kharma, ferg

          any HTTPS server's certificate, which does not contain its secret key.

          Are you thinking of the secret SSL keyfile on the server, which has to be under the greatest possible protection? Part of the story is that the NSA has been hacking into servers and grabbing such keyfiles.

          Ceterem censeo, gerrymandra delenda est

          by Mokurai on Thu Sep 05, 2013 at 07:58:56 PM PDT

          [ Parent ]

          •  Which is different from saying public key (1+ / 0-)
            Recommended by:
            Johnny Nucleo

            encryption is compromised.

            Something like Enigmail should work just fine.  It's not the security of the protocols; it's the security of private keys that would be at issue here.

            Quote of the week: "They call themselves bipartisan because they're able to buy members of both parties," (R. Eskow, Campaign for America's Future.)

            by mbayrob on Thu Sep 05, 2013 at 08:24:14 PM PDT

            [ Parent ]

        •  NSA declares war on Silicon Valley (0+ / 0-)

          "There is the suggestion that they might have inserted backdoors into several commercial encryption products - if word ever leaks out as to which ones, those products are dead."

          For example, making HTTPS an insecure method of transmitting financial information will severely damage the companies selling and supporting it. 'Open Source' said my husband as he walked out the door. 'Open Source' won't help the US firms repair the damage because Microsoft/Apple/Google depend on proprietary information for their products.

          Knowing that any US product has been compromised before it was released will provide a bonanza to offshore companies but will not help the American economy.

          Conservation is green energy

          by peggy on Fri Sep 06, 2013 at 10:04:31 AM PDT

          [ Parent ]

      •  Which raises an interesting question (2+ / 0-)
        Recommended by:
        twigg, kharma

        Did they put a backdoor in, for example, OpenSSL? Or GnuPG? Or the open source versions of PGP?

        That's entirely aside from the possibility that they've found a way to crack modern encryption algorithms.....

        ‎"Masculinity is not something given to you, but something you gain. And you gain it by winning small battles with honor." - Norman Mailer
        My Blog
        My wife's woodblock prints

        by maxomai on Thu Sep 05, 2013 at 06:20:07 PM PDT

        [ Parent ]

        •  My understanding of this (2+ / 0-)
          Recommended by:
          ferg, sawgrass727

          is scant.

          However, there appears to be no such thing as an uncrackable code ... what encryption buys is time. Quite a lot of time in some cases.

          Critical to the time is the strength of the pass-phrase, combined with the complexity of the algorithm.

          So I would doubt that they have unraveled AES or any other complex codes, but they might have "backdoors" into commercial products that use them.

          Those algorithms are so complex that they would tie up even their supercomputers for years ... so they have either weakened them or they are still working to weaken them.

          Maybe someone with better knowledge can tell me where I went wrong here.

          I hope that the quality of debate will improve,
          but I fear we will remain Democrats.

          Who is twigg?

          by twigg on Thu Sep 05, 2013 at 07:26:20 PM PDT

          [ Parent ]

        •  No, they cannot put backdoors of that type (7+ / 0-)

          into relatively simple Free/Open Source Software protocols, where the source code is combed through by experts in the security community on every release. There have been backdoors in much more complex server software, both put in by the original developers, and inserted by malware.

          The NSA is on record as being extremely fearful of SSL and GPG encryption. Snowden says that properly implemented encryption is still secure. It is the old and weak encryption methods that are routinely cracked. The Electronic Frontier Foundation, for example, built a DES cracking machine years ago for about a quarter million dollars in order to prove that the NSA must be cracking DES routinely.

          There are effective methods for protecting private encryption keys that should be used by every company offering any form of security, but are not widely-enough deployed. For example, encryption and decryption using a private key should be done on a system with no direct connection to the Internet, and private keys for servers should never be stored on any system directly connected to the Internet.

          Ceterem censeo, gerrymandra delenda est

          by Mokurai on Thu Sep 05, 2013 at 08:22:23 PM PDT

          [ Parent ]

        •  No, more likely is that they put a backdoor in the (0+ / 0-)

          hardware random number generators that most Intel/AMD/ARM CPUs have.  Since most OSes and encryption software will take advantage of the hardware RNG that is how they would compromise OpenSSL and GnuPG.  Of course, you could get around it by disabling hardware RNG support in the kernel so that /dev/random is not based on that.

          You have watched Faux News, now lose 2d10 SAN.

          by Throw The Bums Out on Fri Sep 06, 2013 at 09:40:47 AM PDT

          [ Parent ]

      •  They haven't broken AES (6+ / 0-)

        If they had, the Federal government wouldn't use that algorithm to encrypt their own secure data. Secret data is AES 192, Top Secret is AES 256. Put simply, when the government can crack those with reasonable resources (time, computing power, etc) then they'll stop using them for their own data.

        The article this diary quotes has insufficient details, and I bet the "broken encryption" is really the government's ability to request SSL keys. The takeaway from this article, like all recent revelations, is to stop doing business with American companies.

        •  There are lots of details... (2+ / 0-)
          Recommended by:
          kharma, ferg

          As someone once commented, breaking a communication by breaking the encryption is often very much the hard way.

          There are many others -- if you can compromise a random number generator that generates session keys (e.g., by limiting its output in substantial ways), you can greatly reduce the number of keys that need to be searched. If the protocol 'leaks' useful data (e.g., key bits) through side-channels (e.g., power usage, processing time, use of related keys, ...), or other methods (probes of various sorts are popular if the encryptor can be encouraged to attempt encryption or decryption of other items using identical or related keys), then that can compromise an actual product that uses ideal encryption.

          Further, protocols can be broken, and accidentally (or otherwise...) permit rapid searches of the keyspace. This has happened recently with some popular products.

          Finally, corruption of the development process is often cheap and easy. Engineers can be bought or bribed, open-source products "fixed".

          There are thousands of dodges, any or all of which may make it much easier to break a crypto-system than to mathematically break the underlying crypto algorithms.

          •  I think the main (1+ / 0-)
            Recommended by:
            peggy

            "side channel" that the NSA uses is purposeful insecurity built into security system by closed sourced software. It's been known for a long time that Microsoft puts weak points in their software, then tells government where they are.

            Similarly, with cryptography algorithms that have  been "broken," in reality the government has just asked the producer to send them the key for data prior to its encryption. Encryption still works, and can still be relied on. What cannot be relied on is software made by closed-source companies in general, and especially if that company is American, Canadian, British, Australian or Kiwi.

            Germany & Switzerland especially, but also Scandinavia, have rather strong data protection laws. In fact all of the EU is better than the rest of the West. For examples, Facebook cannot do facial recognition there, Google & Bing maps have been massively fined and may be banned entirely in places.

            •  Too optimistic? (0+ / 0-)
              "Similarly, with cryptography algorithms that have been 'broken,' in reality the government has just asked the producer to send them the key for data prior to its encryption."

              What key? Most systems set up keys for each host, customer, and transaction.  Unless there's a backdoor master key of some sort (odd...) this wouldn't make sense.

              Many protocols, however, allow a choice of algorithm to be negotiated. If an older or broken algorithm can be used, it can leak information about keys and allow 'better'/unbroken encryption to be broken.

              "Encryption still works, and can still be relied on. What cannot be relied on is software made by closed-source companies in general, and especially if that company is American, Canadian, British, Australian or Kiwi."

              That's certainly true, but French and German agencies have been known or strongly suspected in such activities as well. The GSM standard, in particular, was widely believed to be compromised at the direction of French intelligence agencies. German (and US) authorities were believed to be behind the subversion of a Swiss encryption product some years before that.

              And I'd be careful even about open-source products. Compromises can be very subtle, and there are certainly entities motivated enough to try.

              •  Unless there's a backdoor master key of some sort (0+ / 0-)

                The fact of the matter is, most of the systems that are compromised are sending the keys to government that are subsequently used by some end-user to encrypt data. They get the key before the data is encrypted. This fact means that software companies in the US are in collusion with government.

                •  I don't think you're right. (0+ / 0-)

                  Government doesn't want keys, and I think they largely don't get them.

                  Nor do they want completely broken security. What they want is the illusion of security -- enough crypto-'stuff' there that it is not readily breakable, but with enough holes in it that they can look at things they really want to see.

                  One of the best ways, as I've mentioned, is breaking the random number generator. Real random number generators are quite hard to build (even for experts), and so many products have used 'roll your own' pseudo-random number generators for many years. With a bad PRNG, if you can see or derive or guess information about the numbers it generates, you can subvert products that use it quite easily.

                  This comes because session keys, IVs, some protocol negotiations, &c all use PRNGs for security-sensitive purposes. If a protocol (real or theoretical) leaks some state information about its PRNG such that its internal state can be guessed, even inaccurately, it can cut down the amount of computation required to break encryption enormously.

                  That can be near ideal for a clandestine agency: the protocol looks secure, and may even be provably secure (with a true random number generator), but its behavior in practice can be guessed or established with relatively modest efforts, leading to real, practical decipherment for knowledgeable entities willing to work at it, and more-or-less effective encryption for everyone else.

      •  They could break a lot of encryption simply by (0+ / 0-)

        compromising the hardware random number generators in Intel/AMD/ARM/MIPS CPUs.  Remember, a flaw in "random" number generation is how the PS3 was cracked wide open.

        You have watched Faux News, now lose 2d10 SAN.

        by Throw The Bums Out on Fri Sep 06, 2013 at 09:38:48 AM PDT

        [ Parent ]

    •  This document (35+ / 0-)

      here offers some details, although it's not entirely clear how good the capabilities are, but anyway they list TLS/SSL, HTTPS, SSH among others.

      Also some intriguing hints, like "NSA/CSS develops implants to enable a capability against the encryption used in network communications."

      Bruce Schneier, who knows his shit when it comes to encryption, has apparently been working with Glenn Greenwald on this part of the story.  I'd watch this space for updates.

      "That capability at any time could be turned around on the American people and no American would have any privacy left, such is the capability to monitor everything ... There would be no place to hide." - Senator Frank Church

      by jrooth on Thu Sep 05, 2013 at 02:06:57 PM PDT

      [ Parent ]

      •  from Schneier (50+ / 0-)
        The new Snowden revelations are explosive. Basically, the NSA is able to decrypt most of the Internet. They're doing it primarily by cheating, not by mathematics....

        Remember this: The math is good, but math has no agency. Code has agency, and the code has been subverted.

        •  Cheating to me... (17+ / 0-)

          implies that by one means or another they are stealing copies of private keys/certificates.

          For example, if the NSA has already coerced cooperation from the likes of Google, Microsoft, etc, what is the likelihood that they have also coerced cooperation from some of the large certificate issuing authorities?

          The implication in the article is also that they might be able to steal the certificate by installing targeted malware on the server..

          •  I'm pretty certain that if the NSA (7+ / 0-)

            can coerce companies like Google and Microsoft they can do exactly the same thing with the entities that issue certificates.

            I'll bet they have backdoor access to all the certificate authorities and maintain a database of keys so in most cases decryption is fast and simple. There's no need to use brute force cracking techniques if you have the certificates.

            The only trouble with retirement is...I never get a day off!

            by Mr Robert on Thu Sep 05, 2013 at 03:33:28 PM PDT

            [ Parent ]

            •  That's a live possibility (12+ / 0-)

              There's basically four possible points of compromise: 1. the algorithm, 2. the code that implements the algorithmic code, 3. code piggybacked onto the algorithm code that messages the NSA about key production, and finally, 4. the certificates.

              1. There are plenty of mathematicians just as smart as the ones at the NSA. And some of them (the black hats) have enormous incentive to crack it. So while it's possible the actual algorithms have been broken, it's unlikely that's the NSA's solution.

              2. All the major cryptographic algorithms have public code implementations and public test suites. Code that broke the algorithm would produce anomalies in the public test suites. So it's virtually impossible for that to be the issue.

              3. is basically a massive man-in-the-middle-attack. If the NSA is able to intercept the key exchange that occurs during secure connection initialization, they could message the keys back to their storage facilities, giving them long-term capability to unwind communications on those connections. The trouble is, how do they get those keys back to their facilities without it being obvious to companies/institutions which monitor their web traffic? There are plenty of such that regard the NSA as inimical. So I find it hard to believe this is the situation.

              4.  That leaves certificate compromise, which requires nothing more than arm-twisting at a select few institutions.

              Occam's razor strongly suggests it's the certificates.

              "What could BPossibly go wrong??" -RLMiller "God is just pretend." - eru

              by nosleep4u on Thu Sep 05, 2013 at 04:06:55 PM PDT

              [ Parent ]

              •  I think you're on the right track (1+ / 0-)
                Recommended by:
                Demeter Rising

                with option number 3.

                "3. is basically a massive man-in-the-middle-attack. If the NSA is able to intercept the key exchange that occurs during secure connection initialization, they could message the keys back to their storage facilities, giving them long-term capability to unwind communications on those connections. The trouble is, how do they get those keys back to their facilities without it being obvious to companies/institutions which monitor their web traffic? There are plenty of such that regard the NSA as inimical. So I find it hard to believe this is the situation."

                Given that they have trunk level access to everything, why not just intercept the initial key exchange. Given the Snowden revelations this makes perfect sense.

                The NSA more or less owns the Internet and can easily defeat protocols like HTTP, SSL, etc.

                The only trouble with retirement is...I never get a day off!

                by Mr Robert on Thu Sep 05, 2013 at 07:05:18 PM PDT

                [ Parent ]

                •  security protocols are designed around MITM (1+ / 0-)
                  Recommended by:
                  kharma

                  #3 doesn't happen, because the key exchange itself is encrypted to defend against those attacks.

                  #4 is partially wrong, because the CA doesn't have the private key (which is used in #3.) So they need to steal the individual certificates, not just compromise the CA.

                  He's also missing a more important one:

                  #5. backdoors to the plaintext.

                  All the encryption in the world doesn't matter if you have access to the unencrypted data.

                  •  You just don't get it (0+ / 0-)

                    The NSA is sucking up all of these exchanges so #3 still counts.

                    The only trouble with retirement is...I never get a day off!

                    by Mr Robert on Thu Sep 05, 2013 at 07:18:11 PM PDT

                    [ Parent ]

                    •  no, the key exchange is encrypted (0+ / 0-)

                      It doesn't matter if the NSA has the encrypted key exchange. It can't extract the plaintext session key from that exchange.

                      •  So what makes you think the NSA (0+ / 0-)

                        doesn't have what they need to decrypt the key exchange?

                        Remember that the NSA is recording absolutely everything at the wire level.

                        Don't they get every thing they need to know from an earlier exchange?

                        The only trouble with retirement is...I never get a day off!

                        by Mr Robert on Thu Sep 05, 2013 at 08:10:22 PM PDT

                        [ Parent ]

                        •  public/private key cryptography (0+ / 0-)

                          The server's private key (used for key exchange decryption) never leaves the server. So, no, even if the NSA saw all traffic, it would still not know the server's private key, which is why the articles mention the NSA needing to hack and steal keys from servers.

                          •  Bingo (2+ / 0-)
                            Recommended by:
                            kharma, ferg

                            NSA breaks into servers and steals the private keys and that in turn allows them to decrypt absolutely everything.

                            Stay tuned, I'm pretty sure that Snowden and Greenwald will be publishing exactly how they do that or at least how often it's been done and how the keys are used in the overall scheme of things.

                            The only trouble with retirement is...I never get a day off!

                            by Mr Robert on Thu Sep 05, 2013 at 08:27:19 PM PDT

                            [ Parent ]

                        •  No. (2+ / 0-)
                          Recommended by:
                          kharma, ferg

                          The whole point of public-key encryption is that such exchanges are not private -- eavesdroppers are assumed to be a party to all steps of the key exchange/creation.

                          There are still many ways to subvert the process.

                          (1) Key generation depends heavily on the true randomness of a random number generator. If those can be subverted, then searching a keyspace can be enormously simplified. (This has certainly happened and yielded working attacks.)

                          (2) Errors or bugs in the protocol or protocol specification can 'leak' information. Error recovery protocols (often needed for things like cell phones) can permit an attacker to rapidly search a keyspace by sending bad, e.g., reply packets (e.g., modified packets carefully chosen to reveal data) to the source and examining the responses.

                          (3) The standards themselves can be compromised. This was well-known to have occurred with the original GSM cell-phone designs. Worse, there were probably several different government actors (e.g., the French and German gov'ts) acting to compromise the standard.
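
Added illustration (not part of the thread and not any commenter's code) of the point made in the comment above and in the earlier comment on 'roll your own' PRNGs: when a handshake draws a public IV and a secret key from the same weakly seeded generator, the key is only as strong as the seed. The timestamp seed, the IV-then-key order, the sample timestamp and all function names are assumptions constructed for this demo.

```python
import math
import random
import secrets

KEY_BYTES = 16  # 128-bit IV and 128-bit session key


def weak_handshake(seed):
    """Toy handshake that draws IV and key from a non-cryptographic PRNG.

    Everything the generator outputs is determined by `seed`, so the
    128-bit key carries no more entropy than the seed itself.
    """
    rng = random.Random(seed)
    iv = rng.getrandbits(KEY_BYTES * 8).to_bytes(KEY_BYTES, "big")   # sent in the clear
    key = rng.getrandbits(KEY_BYTES * 8).to_bytes(KEY_BYTES, "big")  # meant to stay secret
    return iv, key


def csprng_handshake():
    """Same message layout, but both values come from the OS CSPRNG."""
    return secrets.token_bytes(KEY_BYTES), secrets.token_bytes(KEY_BYTES)


def effective_key_bits(candidate_seeds):
    """Bits of work needed to enumerate every possible seed."""
    return math.log2(candidate_seeds)


def key_from_public_iv(public_iv, approx_seed, slack):
    """Audit helper: is the key predictable from the public IV alone?

    Walks every seed within +/- slack of a rough guess and checks whether
    it reproduces the IV that was sent in the clear. Returns
    (key, tries) when the IV is reproduced, or (None, tries) otherwise.
    """
    tries = 0
    for seed in range(approx_seed - slack, approx_seed + slack + 1):
        tries += 1
        iv, key = weak_handshake(seed)
        if iv == public_iv:
            return key, tries
    return None, tries


# Constructed sample values: a Unix timestamp used as the seed, and an
# observer whose clock estimate is off by half an hour.
TRUE_SEED = 1378430469
ROUGH_GUESS = TRUE_SEED - 1800
SLACK = 3600  # search one hour either side of the guess


def demo():
    """Compare the weak handshake with the CSPRNG one over the same window."""
    iv, key = weak_handshake(TRUE_SEED)
    found, tries = key_from_public_iv(iv, ROUGH_GUESS, SLACK)

    good_iv, _good_key = csprng_handshake()
    not_found, good_tries = key_from_public_iv(good_iv, ROUGH_GUESS, SLACK)

    return {
        "weak_key_recovered": found == key,
        "weak_tries": tries,
        "weak_effective_bits": effective_key_bits(2 * SLACK + 1),
        "csprng_key_recovered": not_found is not None,
        "csprng_tries": good_tries,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The cipher and protocol around these values can be sound and the result is the same: the nominal 128-bit key sits in a search space of a few thousand seeds, while the CSPRNG variant gives the same search nothing to match.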

                        •  No they don't (2+ / 0-)
                          Recommended by:
                          kharma, ferg

                          In answer to your last question, no you do not get everything you need to know by eavesdropping on a connection.  There are a number of algorithms like Diffie–Hellman key exchange that would either require a quantum computer of a size that is not yet buildable, or to actually interfere with the conversation by forging a certificate, the latter option being something that can give you away so it would be used sparingly, not opportunistically.

                          The capabilities against technologies like TLS/HTTPS other than stealing keys are probably referring to oracle-based (not the company) methods like BREACH where the wrappers around the algorithm are doing something unsafe, like compressing the data before encryption when there is known plaintext and the ability of a third party to cause retransmission of manipulated content inside the encryption channel.

                          Ignorance is Curable.

                          by skids on Thu Sep 05, 2013 at 09:25:24 PM PDT

                          [ Parent ]

            •  I don't believe CA's have the private keys... (4+ / 0-)
              Recommended by:
              ferg, Mr Robert, GeoffT, eyesoars

              They just sign the public ones.

              •  Man in the Middle Attack (2+ / 0-)
                Recommended by:
                Flying Goat, mythatsme

                That's what I'm thinking now.

                Given that the NSA has this wire-level access to nearly everything, why not intercept the key exchange and bank them so that you can decrypt packets on the fly.

                The only trouble with retirement is...I never get a day off!

                by Mr Robert on Thu Sep 05, 2013 at 07:08:01 PM PDT

                [ Parent ]

                •  You'd have to compromise the CA's certs, (3+ / 0-)
                  Recommended by:
                  Mr Robert, ferg, mbayrob

                  by one means or another, but once you do that, should work.  Of course, you'd also have to be in the middle.

                  Cert pinning is a potential partial solution for that kind of thing.  If the MITM attack is widespread, instead of against a particular user, it's also possible for the site admins to notice it, if they're sufficiently on the ball.  Google caught Iran doing it, but only when they pinned Google certs to Chrome, so detection can be unlikely, even if you have all the resources of Google.

              •  You sign your CSR with your private key (1+ / 0-)
                Recommended by:
                Flying Goat

                So the CSR (Certificate Signing Request) contains your identifying data including your public key,  but not your private key.  The CA appends their data and their public key, and signs the resulting block with their private key.

                Neither private key is revealed to anybody.

                Quote of the week: "They call themselves bipartisan because they're able to buy members of both parties," (R. Eskow, Campaign for America's Future.)

                by mbayrob on Thu Sep 05, 2013 at 08:39:38 PM PDT

                [ Parent ]

            •  Problem with that (0+ / 0-)

              The issuer of the certificate DOES NOT HAVE ACCESS TO THE PRIVATE KEY UNLESS YOU LET THEM GENERATE THE KEY PAIR FOR YOU.  If they don't have the private key, you don't have a problem.

              A lot of the folks panicking here do not understand how key pair encryption works.  You can compromise a server or a piece of software.  You can use an obsolete method for encryption.  But I'd be very, very skeptical of anybody who says the best practice protocols and algorithms -- which are open to everybody and are well analyzed -- have anything to do with this report.  If this report is valid at all, that is.

              Quote of the week: "They call themselves bipartisan because they're able to buy members of both parties," (R. Eskow, Campaign for America's Future.)

              by mbayrob on Thu Sep 05, 2013 at 08:34:42 PM PDT

              [ Parent ]

          •  Speaking of "implications" (3+ / 0-)
            Recommended by:
            ScienceMom, Demeter Rising, kharma

            The end result of these revelations rather throws some new light on why Lavabit bailed, doesn't it?

            This all started with "what the Republicans did to language".

            by lunachickie on Thu Sep 05, 2013 at 03:34:37 PM PDT

            [ Parent ]

        •  It's notable that Schneier has done a small 180 (4+ / 0-)
          Recommended by:
          kharma, ybruti, mythatsme, Richard Lyon

          In just the space of 2 days.

          I guess he got an eyeful doing technical consultation for the Guardian story.

          Back then he was basically saying "don't worry, be happy, the math is on our side".

          That's still true, but he seems less inclined to trust in it for the time being, because a good hack changes everything, right?

          As a long time reader of his blog, I'd say I haven't ever seen the guy as agitated as he is now, and rightly so.

          The basic foundations cryptos of the internet have been hacked, so forget privacy if you thought that existed at all and now we even have to wonder if PFS has been hacked and should be trashed.

          So much for Google and Facebook fighting back.

          •  Um, ah, no (3+ / 0-)
            Recommended by:
            kharma, peggy, ferg
            "The basic foundations cryptos of the internet have been hacked"

            I don't think you're understanding the discussion.

            Even Snowden is saying that the foundations are just fine.  The math works.

            Short version:  crypto works fine.  But security on servers that are set up for doing crypto often (but not always) sucks.

            Quote of the week: "They call themselves bipartisan because they're able to buy members of both parties," (R. Eskow, Campaign for America's Future.)

            by mbayrob on Fri Sep 06, 2013 at 12:10:24 AM PDT

            [ Parent ]

            •  I understand it well. (3+ / 0-)
              Recommended by:
              kharma, ybruti, Richard Lyon

              Including the fact NSA has obtained keys, and also access to pre-encrypted streams, in addition to the Tier 1 servers they filter by splitting optical feeds.

              Maybe you need to research more and be a little less certain about what you don't know.

              SSL and related VPN cryptos were clearly broken and can be interrogated at will.

              If you think that is trivial, you are entitled to that opinion but experience suggests that provides the gateway to other information just as gaining admin access to a given system does.

              Then you find the keys and other goodies. Then you get the goods.

              That the NSA has compromised thousands of servers internationally is a fact you seem to ignore.

              But if you are so confident, then I guess you have nothing to worry about and can ignore these news items. Don't worry, be happy.

              But it seems Schneier is not so blasé:

              But security experts accused them of attacking the internet itself and the privacy of all users. "Cryptography forms the basis for trust online," said Bruce Schneier, an encryption specialist and fellow at Harvard's Berkman Center for Internet and Society. "By deliberately undermining online security in a short-sighted effort to eavesdrop, the NSA is undermining the very fabric of the internet." Classified briefings between the agencies celebrate their success at "defeating network security and privacy".

              "For the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to break widely used internet encryption technologies," stated a 2010 GCHQ document. "Vast amounts of encrypted internet data which have up till now been discarded are now exploitable."

              An internal agency memo noted that among British analysts shown a presentation on the NSA's progress: "Those not already briefed were gobsmacked!"

              The breakthrough, which was not described in detail in the documents, meant the intelligence agencies were able to monitor "large amounts" of data flowing through the world's fibre-optic cables and break its encryption, despite assurances from internet company executives that this data was beyond the reach of government.

              The fire hose has been tapped for almost 10 years, and now NSA is making great progress to decrypt a larger part of the stream to make it useful, and they have a new data center to store and analyze it.

              Disbelieve it if you wish.

              •  I lack your deep understanding (0+ / 0-)

                All I know is how crypto works, and the programs that are used in actual servers to implement it.  For I am only a programmer and an experienced system administrator.

                Very sorry.  I do not BELIEVE and am cut off from all relevant knowledge.  Or something.

                Quote of the week: "They call themselves bipartisan because they're able to buy members of both parties," (R. Eskow, Campaign for America's Future.)

                by mbayrob on Fri Sep 06, 2013 at 11:26:12 AM PDT

                [ Parent ]

    •  Snowden did not reveal specifically (9+ / 0-)

      which encryption methods have been cracked, but did mention that Microsoft inserted backdoors into its e-mail software.

      I have not used Microsoft e-mail except on employers' systems for decades. Mac first, then Linux as soon as I could.

      Ceterem censeo, gerrymandra delenda est

      by Mokurai on Thu Sep 05, 2013 at 02:39:02 PM PDT

      [ Parent ]

    •  Does this mean you don't believe the article? (1+ / 0-)
      Recommended by:
      kharma

      Or does it mean you simply seek additional information?

      This all started with "what the Republicans did to language".

      by lunachickie on Thu Sep 05, 2013 at 03:33:13 PM PDT

      [ Parent ]

    •  It's clear that the majority of this NSA access (16+ / 0-)

      ...has nothing to do with decryption, and everything to do with wide-open back doors provided by commercial software and services vendors.

      NSA is NOT breaking AES-256.

      I'm betting they're not breaking anything interesting at all (open-source cryptographically speaking). I'm betting they're breaking old, insecure schemes (MS-CHAP, anyone?) and exploiting known security weaknesses in the routers and switches that handle this traffic.

      Bruce Schneier has a terrific couple of articles at The Guardian here and here. You could do a lot worse than to just follow Bruce's commentary on this issue, he's a true internet treasure and security wizard.

      On the moral and ethical responsibilities of us tech geeks:

      One, we should expose. If you do not have a security clearance, and if you have not received a National Security Letter, you are not bound by federal confidentiality requirements or a gag order. If you have been contacted by the NSA to subvert a product or protocol, you need to come forward with your story. Your employer obligations don't cover illegal or unethical activity. If you work with classified data and are truly brave, expose what you know. We need whistleblowers.

      On practical personal strategies:

      5) Try to use public-domain encryption that has to be compatible with other implementations. For example, it's harder for the NSA to backdoor TLS than BitLocker, because any vendor's TLS has to be compatible with every other vendor's TLS, while BitLocker only has to be compatible with itself, giving the NSA a lot more freedom to make changes.

      On a sober, but hopeful note:

      The NSA has turned the fabric of the internet into a vast surveillance platform, but they are not magical. They're limited by the same economic realities as the rest of us, and our best defense is to make surveillance of us as expensive as possible.

      -Jay-
      
      •  I'm sure that this has more nuance (11+ / 0-)

        for cryptography professionals. However, for those of us who have naively been relying on things as they are, it should be a wake up call.  

      •  Great takeaway (3+ / 0-)
        Recommended by:
        kharma, ybruti, JayBat
        our best defense is to make surveillance of us as expensive as possible.
        Have been reading Schneier for years now. I highly recommend him too.
        •  The US makes dollars out of thin air: fiat (0+ / 0-)

          currency.

          The fed gov is not monetarily constrained.

          So, the expense really doesn't matter much.  

          The amount we spend on X and the lack of spending on Y has much more to do with politics than it does with issues of "affordability", as we can afford anything at any time.

          Money is just a social relation, not a limited commodity.

          •  But its capability is limited: (0+ / 0-)

            1. By the way the fed generates money, they just don't say: Hey gov, have here some billions more ...
            2. By the economy: Too much new money would create considerable inflation.

            "This isn't America" - Zenkai Girl

            by mythatsme on Fri Sep 06, 2013 at 05:23:41 AM PDT

            [ Parent ]

            •  1) Well, pretty much how it does happen. If (0+ / 0-)

              Congress wants to spend money, then there's not much to prevent it.  So it's more:  "I want to spend, so I will spend".

              The mechanics of how a new dollar is born is just mechanics.

              2)  Sure, you can cause inflation.  But that's a separate issue from the ability to create dollars.

              If the economy gets too hot, just remove those excess dollars.

            •  The treasury and the fed reserve work in (0+ / 0-)

              concert to generate new dollars.

               

          •  Why would (1+ / 0-)
            Recommended by:
            JayBat

            the NSA be opposed to funding reductions then? They need money too.

            Actually cracking cryptography is very expensive. What they're doing now is getting plain unencrypted information from most people. Some of the encrypted info is being decrypted because the company that did the encryption (like Microsoft, for example) sends our government the keys before data is encrypted.

      •  You can also go to a Schneier piece from Wired (2+ / 0-)
        Recommended by:
        kharma, J M F

        Here, but in the 2 days since that was written he seems to have lost a little short-term faith in math given the knowledge of NSA hacks he got to analyze as a consultant to The Guardian.

        Basically, as I understand it, fundamental cryptos used for internet transactions have been hacked and if you wanted to be reasonably confident of sending a secure document you would have to rely on a more powerful 128 or 256 bit crypto requiring either (a) a key or (b) a brute force hack, but given the elliptical decryption capabilities NSA seems to have now, that might be a lot less brute force than one assumes.

        It's fair to say NSA isn't decrypting everything, but it is reasonable to suppose:

        1. They can filter a lot more from traffic than people supposed

        2. They have weakened the cryptos used for common internet transactions including your online banking, etc.

        3. If they do decide to decrypt your badass 256 bit code, they might have a reasonable chance of success given their nice tools and software.

        I would not be in a hurry to tell anyone privacy exists. Extraordinary claims need extraordinary proof and I haven't got any that makes the case for internet privacy.

        Oh, greetings from China.

    •  One time pad is an old, old (1+ / 0-)
      Recommended by:
      kharma

      technology (as in hundreds of years old), and I am sure that anyone serious about encrypting their messages is using it.

      Trouble is, it can't be used on a broad scale.  

      •  That's just a Vernam cipher with a true random key (0+ / 0-)

        Yeah it is impossible to crack provided the secrecy of the keys is never compromised.

        That little caveat would make a lot of ciphers impossible.

        Красота спасет мир --F. Dostoevsky

        by Wisper on Fri Sep 06, 2013 at 10:45:35 AM PDT

        [ Parent ]

    •  Did you read the articles and source data? (1+ / 0-)
      Recommended by:
      kharma

      Go to the Pro Publica article which links some source.

      Details will come out soon enough but if you are really doubting the scope and impact of this I suggest you do a little work yourself first.

      Let me put it this way in simple terms:

      - NSA has crypto keys
      - NSA has hack for common foundation internet cryptos
      - NSA has elliptical hacks to reduce key cracking time

      They do not rely only on brute force, if you think that is the case you are a bit out-dated.

      Some additional articles are linked in my comment in another diary here.
