Featured Articles

Hands on: Nvidia Shield Tablet with Android 5.0

Hands on: Nvidia Shield Tablet with Android 5.0

We broke the news of Nvidia's ambitious gaming tablet plans back in May and now the Shield tablet got a bit…

More...
Nokia N1 Android tablet ships in Q1 2015

Nokia N1 Android tablet ships in Q1 2015

Nokia has announced its first Android tablet and when we say Nokia, we don’t mean Microsoft. The Nokia N1 was designed…

More...
Marvell launches octa-core 64-bit PXA1936

Marvell launches octa-core 64-bit PXA1936

Marvell is better known for its storage controllers, but the company doesn’t want to give up on the smartphone and…

More...
TSMC 16nm FinFET Plus in risk production

TSMC 16nm FinFET Plus in risk production

TSMC’s next generation 16nm process has reached an important milestone – 16nm FinFET Plus (16FF+) is now in risk production.

More...
Nvidia GTX 970 SLI tested

Nvidia GTX 970 SLI tested

Nvidia recently released two new graphics cards based on its latest Maxwell GPU architecture, with exceptional performance-per-watt. The Geforce GTX 970…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Friday, 06 September 2013 10:41

NSA has broken commercial encryption techniques

Written by Nick Farrell



Snowden papers revealed

Despite a belief that encrypted documents were safe from the preying eyes of spooks, the NSA has defeated most commercially available encryption techniques. According to documents released by Edward Snowden, the NSA is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to break the system.

The agency has cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans.

Since 2000 when encryption systems started to make an appearance the NSA invested billions of dollars in a clandestine campaign to preserve its ability to eavesdrop. It lost a battle in the 1990s to insert its own “back door” in all encryption, but it realised that if it could do the same thing itself. It then had the advantage that everyone was encrypting their messages unaware that the NSA could read them. Sometimes it did not bother. It just hacked into target computers to snare messages before they were encrypted. Companies were often told that they had to handing over their master encryption keys or building in a back door. The NSA also covertly introduced weaknesses into the encryption standards.

There has been a lot off effort in cracking into the Secure Sockets Layer, or SSL; virtual private networks, or VPNs and the protection used on fourth-generation, or 4G, smartphones. But Dave Anderson, senior director at Voltage Security, said that it was unlikely to be the actual encryption that was hit.

Properly implemented strong crypto systems are one of the few things that you can rely on, he said. But he added that it seems likely that any possible way that the NSA might have bypassed encryption was almost certainly due to a flaw in the key management processes that support the use of encryption, rather than through the cryptography itself. He thinks it was only possible if the cryptography that was used to protect the sensitive transactions was improperly implemented through faulty, incomplete or invalid key management processes or simple human error.

“When properly implemented, encryption provides essentially unbreakable security. It’s the sort of security that would take implausibly-powerful supercomputers millions of years to crack. But if it’s carelessly implemented, and the key management processes are not sound, this security can be reduced to the level where a hacker with a mid-market PC can crack in a few hours at most,” he said.

Nick Farrell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments