Printed from http://www.electronista.com

Snowden: Intelligence services have broken common Internet encryption

updated 07:44 pm EDT, Thu September 5, 2013

NSA has obtained encryption keys both legally, and through extra-legal means

More information provided by intelligence agency document leaker Edward Snowden points to the insecurity of commonly used Internet encryption protocols. Reports circulating today suggest that the NSA can completely decrypt the HTTPS and SSL encryption protocols used in most email clients and other secured Internet services, such as online banking, and e-commerce.

Articles published by The Guardian and The New York Times detail the NSA's efforts to break the encryption throughout the 21st century, initially relying on massive server farms, and inserting people within the development industry to shape the code so that the encryption was easier to break. As early as 2007, the NSA involved itself in the National Institute of Standards and Technology efforts to quantify encryption standards for commercial and governmental use.

A memo from the UK surveillance agency, GCHQ, noted in 2010 that "for the past decade, NSA has led an aggressive, multipronged effort to break widely used Internet encryption technologies. Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable" following successes in decryption and advances in processing power, making translation of secured data essentially routine.

The newly-leaked documents do give the technology companies who vociferously denied involvement some validation -- with encryption keys obtained either through brute force, or by more nefarious (and possibly illegal) means. The New York Times claims that intelligence officials asked it to not publish information about the NSA capabilities, for fear that it may prompt switches to protocols that the agency may not have access to.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. Makosuke

    Forum Regular

    Joined: 08-06-01

    Not shocking, but quite disappointing.

    Time to upgrade to Blowfish, I suppose.

  1. mr100percent

    Forum Regular

    Joined: 12-06-99

    According to Snowden's interview, the government still hasn't broken PGP (which is what he uses). Instead, people more often use easy-to-guess passwords or faulty encryption software that lets them crack it easily. Also, TechCrunch reported that if the NSA can't read your data, they deem it suspicious by default and will hold onto it for a few years in hopes they can one day crack it.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Razer Taipan mouse

The list of gaming devices is growing larger with each passing day. A large number of companies have entered the gaming input arena al ...

Cambridge Audio DacMagic XS

Every computer with a microphone or headphone port has one -- a digital to analog converter (DAC). There are nearly as many chipsets a ...

D-Link Wi-Fi Smart Plug

Home automation fans have been getting their fair share of gadgets and accessories in the last few years. Starting with light bulbs, a ...

Sponsor

toggle

Most Commented

 
toggle

Popular News