Featured Articles

Snapdragon 400 is Qualcomm’s SoC for watches, wearables

Snapdragon 400 is Qualcomm’s SoC for watches, wearables

We wanted to learn a bit more about Qualcomm's plans for wearables and it turns out that the company believes its…

More...
Qualcomm sampling 20nm Snapdragon 810

Qualcomm sampling 20nm Snapdragon 810

We had a chance to talk to Michelle Leyden-Li, Senior Director of Marketing, QCT at Qualcomm and get an update on…

More...
EVGA GTX 970 SC ACX 2.0 reviewed

EVGA GTX 970 SC ACX 2.0 reviewed

Nvidia has released two new graphics cards based on its latest Maxwell GPU architecture. The Geforce GTX 970 and Geforce GTX…

More...
Nvidia GTX 980 reviewed

Nvidia GTX 980 reviewed

Nvidia has released two new graphics cards based on its latest Maxwell GPU architecture. The Geforce GTX 970 and Geforce GTX…

More...
PowerColor TurboDuo R9 285 reviewed

PowerColor TurboDuo R9 285 reviewed

Today we will take a look at the PowerColor TurboDuo Radeon R9 285. The card is based on AMD’s new…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Friday, 06 September 2013 10:41

NSA has broken commercial encryption techniques

Written by Nick Farrell



Snowden papers revealed

Despite a belief that encrypted documents were safe from the preying eyes of spooks, the NSA has defeated most commercially available encryption techniques. According to documents released by Edward Snowden, the NSA is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to break the system.

The agency has cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans.

Since 2000 when encryption systems started to make an appearance the NSA invested billions of dollars in a clandestine campaign to preserve its ability to eavesdrop. It lost a battle in the 1990s to insert its own “back door” in all encryption, but it realised that if it could do the same thing itself. It then had the advantage that everyone was encrypting their messages unaware that the NSA could read them. Sometimes it did not bother. It just hacked into target computers to snare messages before they were encrypted. Companies were often told that they had to handing over their master encryption keys or building in a back door. The NSA also covertly introduced weaknesses into the encryption standards.

There has been a lot off effort in cracking into the Secure Sockets Layer, or SSL; virtual private networks, or VPNs and the protection used on fourth-generation, or 4G, smartphones. But Dave Anderson, senior director at Voltage Security, said that it was unlikely to be the actual encryption that was hit.

Properly implemented strong crypto systems are one of the few things that you can rely on, he said. But he added that it seems likely that any possible way that the NSA might have bypassed encryption was almost certainly due to a flaw in the key management processes that support the use of encryption, rather than through the cryptography itself. He thinks it was only possible if the cryptography that was used to protect the sensitive transactions was improperly implemented through faulty, incomplete or invalid key management processes or simple human error.

“When properly implemented, encryption provides essentially unbreakable security. It’s the sort of security that would take implausibly-powerful supercomputers millions of years to crack. But if it’s carelessly implemented, and the key management processes are not sound, this security can be reduced to the level where a hacker with a mid-market PC can crack in a few hours at most,” he said.

Nick Farrell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments