Anonymous Source Claims Feds Demand Private SSL Keys From Web Services

Lauren Weinstein writes "With further confirmation of the longstanding rumor that the U.S. government (and, we can safely assume, other governments around the world) have been pressuring major Internet firms to provide their 'master' SSL keys for government surveillance purposes, we are rapidly approaching a critical technological crossroad. It is now abundantly clear — as many of us have suspected all along — that governments and surveillance agencies of all stripes — Western, Eastern, democratic, and authoritarian, will pour essentially unlimited funds into efforts to monitor Internet communications." If this is true it means that SSL/TLS to any Internet service could be useless — the authorities could simply man-in-the-middle anyone. Without knowing who has given keys over, or if anyone has given keys over... The NSA does claim encryption poses a problem for them, but honesty isn't their best attribute. The source claims that major providers at least have resisted (assuming it is happening), but that smaller companies may have folded to the pressure.

Re:"Main-in-the-middle"?

[TWiTfan]

It's not a "man in the middle" attack. It's the "government on top" attack.

Re:Self signed?

[Sarten-X]

No. When a CA signs a certificate, they don't get the private key used for decryption. They just assert that a particular public key really does belong to who it says.

If the NSA has Verisign's key, for example, they'd be able to do two things:

1. decrypt traffic sent to Versign, which isn't very useful in itself
2. Create and sign their own certificates as though they were Verisign.

The latter is where the man-in-the-middle attack comes in. The NSA can claim to be whoever you're trying to reach, and the certificate will look valid and be trusted by default on any system that trusts Verisign. On the other hand, a self-signed certificate isn't signed by anybody else. The NSA doesn't need anyone else's private keys to make their own and claim to be anyone. The client will see the certificate, ask you if you trust it, and unless you're in the habit of memorizing certificate fingerprints, you won't notice a difference. Once any certificate is trusted (either by default or by your acceptance), your traffic will be sent to (and decrypted by) the certificate holder.

This is actually already a problem. CAs have been compromised, and their stolen credentials have been used to sign certificates claiming to be governments, Microsoft, and other generally-trusted sites. The apparently-trusted certificates are then used to make scams look more legitimate.

Re:How is this "confirmation"?

[Alok]

Do you really expect people to say this publicly, when the most likely consequence is imprisonment and a media circus that paints them as evil villains?

Re:"Main-in-the-middle"?

[lgw]

I chose "the activities of a citizen" as a way to say "what we do, not who we are". Keeping "who we are" records: birth certificates, permits licensing of various kinds, etc, is different in kind from monitoring daily activities. But I'm no lawyer and don't know how to say this better.

Also, why does the government need "census data" beyond a simple headcount? Heck, I'd like to move to an income tax system that's purely a payroll tax (so the government doesn't learn how much any given individual makes, but can still tax our income).

The government collects every bit of information it possibly can, but it's time to start saying "NO! Find a way to do that without spying on us!" It's time for the pendulum to swing the other way.