Slashdot Mirror
NSA Foils Much Internet Encryption
An anonymous reader writes "The New York Times is reporting that the NSA has 'has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show. ... The agency, according to the documents and interviews with industry officials, deployed custom-built, superfast computers to break codes, and began collaborating with technology companies in the United States and abroad to build entry points into their products. The documents do not identify which companies have participated.'" You may prefer Pro Publica's non-paywalled version, instead, or The Guardian's.
Cracking doesn't mean brute force. If you compromise the key, the encryption is just as surely cracked. Chances are what they really mean here is that they've compromised the certificate authorities that are trusted by default by most web browsers. Turns out self signed certificates really are more secure.
GPG and SSH are probably safe as you generate your own keys on the local machine.
Give me Classic Slashdot or give me death!
From ProPublica:
In one case, after the government learned that a foreign intelligence target had ordered new computer hardware, the American manufacturer agreed to insert a back door into the product before it was shipped, someone familiar with the request told The Times.
Who else remembers the debacle about the government no longer purchasing Lenovo computers? I remember some people saying that if the U.S. government is making all this fuss about it, they're probably the ones doing it.
This seems to indicate those people are correct.
"If a nation expects to be ignorant and free in a state of civilization, it expects what never was and never will be."
No need to compromise anything. They just need a single CA to be complicit with a court order to produce a certificate that signs an NSA-provided key for a specific site.
That's what's meant by "compromise".
Self-signed keys are not more secure. If a site goes from a self-signed cert to a signed cert with a different key, most browsers do not display any warning.
If you remove the CAs from your list of trusted certificates, it would display a warning.
Although you can install anti-MITM tools that produce a warning when the key changes, those tools would detect such a government MITM whether you're using a CA-signed cert or a self-signed cert
Unless the NSA is forcing the CAs to compromise every single certificate they offer. They may not be, but it would be foolish to assume that they aren't.
Give me Classic Slashdot or give me death!
The NSA can crack 4096-bit PGP keys? I doubt it. Seems like FUD to dissuade people from even attempting to use encryption
There is no mathematical proof that 4096-bit PGP keys are secure. You can only say that known algorithms cannot find a key in a practical amount of time on known computational hardware.
You don't know if an algorithm exists that would allow the keys to be factored in a short period of time. You also don't know if somebody has developed a practical quantum computer - it is already known that one would allow certain encryption systems to be trivially broken.
For every mathematician publishing articles about cryptography in the public space, there are probably 100 much-better-paid ones publishing articles in internal NSA publications. The NSA is by far the largest employer of mathematicians on earth - and they hire the best and the brightest they can find.
The silver lining in this sad story is that the algorithm used by SSL itself is still unbreakable to the NSA. They wouldn't have needed the keys otherwise. So asymmetric crypto is still sound — if used properly — and privacy-minded people can still use it to communicate...
In Soviet Washington the swamp drains you.
I think at this point it is safe to assume that all US or US ally based commercial software of any kind that is of some value to the NSA/GCHQ has been compromised. I would imagine that this will present a huge advantage to open source software in relevant fields. IMO any software company that allowed such backdoors deserves to go out of business. It also means that commercial anti-virus, firewall, and other security software has to be assumed to be backdoored for the NSA/GCHQ. This also gives Linux a huge advantage because it is not so dependent on high quality security software.
Quite an experience to live in fear, isn't it? That's what it is to be a slave.
Your can configure your HTTPS server to use forward secrecy. Forward secrecy uses one-time keys, generated by between the website and the browser for the single session. Most modern browsers support it. But it generally requires compiling the latest version of OpenSSL and the compiling Apache 2.4.x against that, not using the Apache 2.2.x versions that are standard in most of the Linux distros. More detail also here.
If you set up your webserver this way, and your visitors use the right browsers, they NSA's having good copies of the site's certificates won't gain them much. At least that's what Ivan Risti's saying. On TLS/SSL stuff, there may be no one better.
"with their freedom lost all virtue lose" - Milton