Printed from http://www.electronista.com

Snowden: Intelligence services have broken common Internet encryption

updated 07:44 pm EDT, Thu September 5, 2013

NSA has obtained encryption keys both legally, and through extra-legal means

More information provided by intelligence agency document leaker Edward Snowden points to the insecurity of commonly used Internet encryption protocols. Reports circulating today suggest that the NSA can completely decrypt the HTTPS and SSL encryption protocols used in most email clients and other secured Internet services, such as online banking, and e-commerce.

Articles published by The Guardian and The New York Times detail the NSA's efforts to break the encryption throughout the 21st century, initially relying on massive server farms, and inserting people within the development industry to shape the code so that the encryption was easier to break. As early as 2007, the NSA involved itself in the National Institute of Standards and Technology efforts to quantify encryption standards for commercial and governmental use.

A memo from the UK surveillance agency, GCHQ, noted in 2010 that "for the past decade, NSA has led an aggressive, multipronged effort to break widely used Internet encryption technologies. Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable" following successes in decryption and advances in processing power, making translation of secured data essentially routine.

The newly-leaked documents do give the technology companies who vociferously denied involvement some validation -- with encryption keys obtained either through brute force, or by more nefarious (and possibly illegal) means. The New York Times claims that intelligence officials asked it to not publish information about the NSA capabilities, for fear that it may prompt switches to protocols that the agency may not have access to.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. Makosuke

    Forum Regular

    Joined: 08-06-01

    Not shocking, but quite disappointing.

    Time to upgrade to Blowfish, I suppose.

  1. mr100percent

    Forum Regular

    Joined: 12-06-99

    According to Snowden's interview, the government still hasn't broken PGP (which is what he uses). Instead, people more often use easy-to-guess passwords or faulty encryption software that lets them crack it easily. Also, TechCrunch reported that if the NSA can't read your data, they deem it suspicious by default and will hold onto it for a few years in hopes they can one day crack it.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

SMS Audio Sync Sport on-ear headphones

When hitting the gym or going out for a trail run, headphones can cause a number of problems. From the ear buds getting slimy with swe ...

Adesso Xtream S3B Bluetooth speaker

Finding a speaker purpose-built for a specific need is challenging. Even when a Bluetooth speaker can be paired with a mobile device, ...

JBL Synchros E40BT headphones

For all the different configurations of headphones on the market, it's always a tough choice for buyers to get something that is just ...

Sponsor

toggle

Most Commented

 
toggle

Popular News