Featured Articles

IHS teardown reveals Galaxy S5 BOM

IHS teardown reveals Galaxy S5 BOM

Research firm IHS got hold of Samsung’s new flagship smartphone and took it apart to the last bolt to figure out…

More...
Galaxy S5, HTC One M8 available selling well

Galaxy S5, HTC One M8 available selling well

Samsung’s Galaxy S5 has finally gone on sale and it can be yours for €699, which is quite a lot of…

More...
Intel lists Haswell refresh parts

Intel lists Haswell refresh parts

Intel has added a load of Haswell refresh parts to its official price list and there really aren’t any surprises to…

More...
Respawn confirms Titanfall DLC for May

Respawn confirms Titanfall DLC for May

During his appearance at PAX East panel and confirmed on Twitter, Titanfall developer Respawn confirmed that the first DLC pack for…

More...
KFA2 GTX 780 Ti Hall Of Fame reviewed

KFA2 GTX 780 Ti Hall Of Fame reviewed

KFA2 gained a lot of overclocking experience with the GTX 780 Hall of Fame (HOF), which we had a chance to…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Friday, 06 September 2013 10:41

NSA has broken commercial encryption techniques

Written by Nick Farrell



Snowden papers revealed

Despite a belief that encrypted documents were safe from the preying eyes of spooks, the NSA has defeated most commercially available encryption techniques. According to documents released by Edward Snowden, the NSA is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to break the system.

The agency has cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans.

Since 2000 when encryption systems started to make an appearance the NSA invested billions of dollars in a clandestine campaign to preserve its ability to eavesdrop. It lost a battle in the 1990s to insert its own “back door” in all encryption, but it realised that if it could do the same thing itself. It then had the advantage that everyone was encrypting their messages unaware that the NSA could read them. Sometimes it did not bother. It just hacked into target computers to snare messages before they were encrypted. Companies were often told that they had to handing over their master encryption keys or building in a back door. The NSA also covertly introduced weaknesses into the encryption standards.

There has been a lot off effort in cracking into the Secure Sockets Layer, or SSL; virtual private networks, or VPNs and the protection used on fourth-generation, or 4G, smartphones. But Dave Anderson, senior director at Voltage Security, said that it was unlikely to be the actual encryption that was hit.

Properly implemented strong crypto systems are one of the few things that you can rely on, he said. But he added that it seems likely that any possible way that the NSA might have bypassed encryption was almost certainly due to a flaw in the key management processes that support the use of encryption, rather than through the cryptography itself. He thinks it was only possible if the cryptography that was used to protect the sensitive transactions was improperly implemented through faulty, incomplete or invalid key management processes or simple human error.

“When properly implemented, encryption provides essentially unbreakable security. It’s the sort of security that would take implausibly-powerful supercomputers millions of years to crack. But if it’s carelessly implemented, and the key management processes are not sound, this security can be reduced to the level where a hacker with a mid-market PC can crack in a few hours at most,” he said.

Nick Farrell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

To be able to post comments please log-in with Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments