Printed from http://www.electronista.com

Snowden: Intelligence services have broken common Internet encryption

updated 07:44 pm EDT, Thu September 5, 2013

NSA has obtained encryption keys both legally, and through extra-legal means

More information provided by intelligence agency document leaker Edward Snowden points to the insecurity of commonly used Internet encryption protocols. Reports circulating today suggest that the NSA can completely decrypt the HTTPS and SSL encryption protocols used in most email clients and other secured Internet services, such as online banking, and e-commerce.

Articles published by The Guardian and The New York Times detail the NSA's efforts to break the encryption throughout the 21st century, initially relying on massive server farms, and inserting people within the development industry to shape the code so that the encryption was easier to break. As early as 2007, the NSA involved itself in the National Institute of Standards and Technology efforts to quantify encryption standards for commercial and governmental use.

A memo from the UK surveillance agency, GCHQ, noted in 2010 that "for the past decade, NSA has led an aggressive, multipronged effort to break widely used Internet encryption technologies. Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable" following successes in decryption and advances in processing power, making translation of secured data essentially routine.

The newly-leaked documents do give the technology companies who vociferously denied involvement some validation -- with encryption keys obtained either through brute force, or by more nefarious (and possibly illegal) means. The New York Times claims that intelligence officials asked it to not publish information about the NSA capabilities, for fear that it may prompt switches to protocols that the agency may not have access to.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. Makosuke

    Forum Regular

    Joined: 08-06-01

    Not shocking, but quite disappointing.

    Time to upgrade to Blowfish, I suppose.

  1. mr100percent

    Forum Regular

    Joined: 12-06-99

    According to Snowden's interview, the government still hasn't broken PGP (which is what he uses). Instead, people more often use easy-to-guess passwords or faulty encryption software that lets them crack it easily. Also, TechCrunch reported that if the NSA can't read your data, they deem it suspicious by default and will hold onto it for a few years in hopes they can one day crack it.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Life n Soul 8 Driver Bluetooth headphones

When it comes to music on the go, consumers generally have some options to consider when looking for the best experience. While Blueto ...

Tesoro Tizona G2N Elite gaming keyboard

The market for gaming keyboards is getting crowded, starting off with some fairly simple keyboards and diverging into the land of modu ...

GX Gaming DeathTaker mouse

Gaming is a serious endeavor for many people, driving them to look for the best performance in their system and interface devices. Fro ...

Sponsor

toggle

Most Commented

 
toggle

Popular News