It’s been nearly three months since Edward Snowden started telling the world about the National Security Agency’s mass surveillance of global communications. But the latest disclosures, by the Guardian, New York Times, and ProPublica are perhaps the most profound yet: the N.S.A. and its partner agency in the United Kingdom, the Government Communications Headquarters, possess significant capabilities to circumvent widely used encryption software in order to access private data.
Encryption poses a problem for intelligence agencies by scrambling data with a secret code so that even if they, or any other third-party, manages to capture it, they cannot read it—unless they possess the key to decrypt it or have the ability to crack the encryption scheme. Encryption has become only more pervasive in the decade since the N.S.A.’s “aggressive, multipronged effort to break widely used Internet encryption technologies” began in 2000. When you log into Gmail or Facebook, chat over iMessage, or check your bank account, the data is typically encrypted. This is because encryption is vital for everyday Web transactions; if for instance, you were to log in to your Gmail account using a park’s open wireless network and your username and password were transmitted in plain form, without being encrypted, your credentials could potentially be captured by anyone using that same network.
Both the Times and the Guardian write that the N.S.A. and the G.C.H.Q. have “cracked much of the encryption” on the Web. But we don’t know precisely how much: the Times writes that the “full extent of the N.S.A.’s decoding capabilities is known only to a limited group of top analysts from the so-called Five Eyes: the N.S.A. and its counterparts in Britain, Canada, Australia and New Zealand.” But it deploys “custom-built, superfast computers to break codes,” and it works with “technology companies in the United States and abroad to build entry points into their products.”
While the Times and the Guardian do not make clear precisely which encryption schemes the N.S.A. and its partners have rendered effectively useless—and which companies the agency has partnered with—there are some hints about what the N.S.A. has accomplished with Bullrun, its project to defeat network encryption.
The N.S.A. has apparently possessed “groundbreaking capabilities” against encrypted voice and text communication since 2010, which the Guardian says made “‘vast amounts’ of data collected through internet cable taps newly ‘exploitable.’” The N.S.A. appears to have found a way around some Internet-level encryption protocols that use outdated standards, but are nonetheless ubiquitous: the Guardian writes, “The agency has capabilities against widely used online protocols, such as HTTPS, voice-over-IP and Secure Sockets Layer.” And the Times notes that the “most intensive efforts have focused on the encryption in universal use in the United States, including Secure Sockets Layer, or SSL; virtual private networks, or V.P.N.s; and the protection used on fourth-generation, or 4G, smartphones.” The hypertext transfer protocol (H.T.T.P.) is the basis for Web communication—it’s the “http” in your browser’s address bar. S.S.L. is one of the most common cryptographic protocols on the Web and is supported by nearly all Web sites. (It’s also used by instant-messaging and other programs to secure transmissions over the Internet.) H.T.T.P.S. is essentially the application of the S.S.L. protocol to H.T.T.P., making online services like e-mail and banking secure. A virtual private network enables a user to have a private connection on a public network in which their transmissions are protected. Under normal circumstances, the use of these protocols would shield data from the N.S.A.’s dragnet surveillance of communications.
Cryptographic and security experts have been able to piece together some ideas about the extent of the agency’s capabilities. Mike Janke, the C.E.O. of the encrypted-communications company Silent Circle—which shut down its encrypted e-mail service a few weeks ago—said over the phone that, based on information and literature he has seen, he believes the N.S.A. developed “a massive push-button scale” ability to defeat or circumvent S.S.L. encryption in virtually real time. He added, “the reality of it is that most of the security world has known that lower level encryption—S.S.L., H.T.T.P.S., V.P.N.s—are highly susceptible to being defeated because of their architecture.” Bruce Schneier, who has seen the Snowden documents, wrote that the N.S.A. has circumvented common Web encryption “primarily by cheating, not by mathematics.” Instead of busting the algorithms that power encryption schemes, Schneier is suggesting that the N.S.A. has found a way around it. Matthew Green, a prominent crypto researcher, suggests that the N.S.A. may have compromised the encryption software that implements the algorithms that determine how data is scrambled—in particular, software made by Microsoft and used by many Web servers for encryption. The Times writes that the “the agency maintains an internal database of encryption keys for specific commercial products, called a Key Provisioning Service, which can automatically decode many messages.” Intriguingly, it adds, “independent cryptographers say many are probably collected by hacking into companies’ computer servers, where they are stored.” If the agency possesses the keys, there is no need to crack the encryption algorithm.
Thomas Drake, an N.S.A. whistleblower who was profiled by Jane Mayer in the magazine, said over the phone that he believes the 2010 breakthrough was possibly more dramatic and may refer to the defeat of “some of the main-line encryption” algorithms in wide use, like the R.S.A. algorithm or the Advanced Encryption Standard at 256-bit level. (The length of the key used to encrypt and decrypt information, measured in bits, is one of many aspects of what determines how hard an encryption scheme is to crack: 128-bit encryption is now relatively easy; 2048-bit is much harder.) This kind of capability was hinted at in James Bamford’s piece a year ago about the N.S.A.’s massive new data center in Utah.
The most damning aspect of the new disclosures is that the N.S.A. has worked to make widely used technology less secure. The Times reports that in 2006, the N.S.A. intentionally introduced a vulnerability into an encryption standard adopted by both the National Institute of Standards and Technology and the International Organization for Standardization. This is deeply problematic, Green writes, because the cryptographic industry is “highly dependent on NIST standards.” The N.S.A. also uses its Commercial Solutions Center, which invites companies, including start-ups, to show their technology to the agency under the guise of improving security, in order to “leverage sensitive, cooperative relationships with specific industry partners” and covertly make those products more susceptible to N.S.A.’s surveillance. Schneier, who has reviewed the documents, describes the process thusly: “Basically, the NSA asks companies to subtly change their products in undetectable ways: making the random number generator less random, leaking the key somehow, adding a common exponent to a public-key exchange protocol, and so on.” This is why the N.S.A. specifically asked the Times and Guardian to not publish their articles and the documents detailing the program warn explicitly and repeatedly of the need for secrecy: “Do not ask about or speculate on sources or methods.”
The Times notes that the N.S.A. expects to “gain full unencrypted access to an unnamed major Internet phone call and text service” sometime this year. The Guardian further specifies that it is a “major internet peer-to-peer voice and text communications,” which sounds like it might be Skype—owned by Microsoft and previously named as an N.S.A. partner. Drake said that he was certain that Skype has been “compromised.” And, in one instance, the Times notes that “after the government learned that a foreign intelligence target had ordered new computer hardware, the American manufacturer agreed to insert a back door into the product before it was shipped.” This is worse than the legal mandate the N.S.A. and the F.B.I. pushed for in the nineties to force technology companies to build backdoors into their products, because, as Chris Soghoian, the principal technologist for the American Civil Liberties Union said, “with a secret backdoor you’ll think it’s secure,” rather than simply avoiding the technology. Schneier writes, “My guess is that most encryption products from large U.S. companies have NSA-friendly back doors, and many foreign ones probably do as well.” The pervasive effort to engineer backdoors into commercial technology strikes upon a broader question, raised by Soghoian: “Can we rely on technology provided by corporations with extensive relations with the U.S. government?”
Despite the scope of the N.S.A.’s program, and its apparent success against Internet-level encryption, strong encryption schemes do remain uncracked by the N.S.A, and they are “your best bet” for privacy, said Janke. Pretty Good Privacy, a common encryption program, if used with the latest algorithms, remains safe, he added, as does the encryption used in Z.R.T.P., which is used by Silent Circle’s voice and text products to encrypt communications. Janke believes in their security in large part because “it’s good enough for the government to approve it for their use.” Soghoian says that the “the kind of stuff we need is already available, it’s just not in our browsers and not with Google and Facebook.” (However, in response to the N.S.A. revelations, Google has fast-tracked its plan to encrypt data as it zips between its own data centers to prevent it from being subject to intelligence-agency prying.) Janke notes that on a local level, TrueCrypt, a hard-drive encryption program, along with Apple’s native hard-disk encryption tool both remain unbroken. Though Drake said he would only trust 2048-bit level encryption schemes and that he relies largely on open-source software, he would not reveal how he protects his own communications. “I just don’t want others to know how I protect myself,” he said. “I literally do not trust anything commercial.”
In response to the latest revelations, Representative Rush Holt of New Jersey has introduced a bill, the Surveillance State Repeal Act, which would, among other things, bar the N.S.A. from installing such backdoors into encryption software. While a statement from the Director of National Intelligence, James Clapper—published after the reports by the Times and the Guardian—said that the fact that the N.S.A. works to crack encrypted data was “not news,” Holt said, correctly, that “if in the process they degrade the security of the encryption we all use, it’s a net national disservice.”
The upshot is that it is now known that “the N.S.A. cannot be trusted on the issue of cyber security,” said Soghoian. He continued, “My sincere hope is that the N.S.A. loses its shine. They’re the bad guy; they’re breaking into systems; they’re exploiting vulnerabilities.” It’s conceivable that they have good intentions. And yet, Soghoian continued, “they act like any other hacker. They steal data. They read private communications.” With that methodology, how easy can it be, though, to give the agency the benefit of the doubt? As many have, Thomas Drake compared the worldview of what he calls the “rogue agency” to the total surveillance of George Orwell’s “1984,” in which the only way to escape was “to cower in a corner. I don’t want to live like that. I’ve already lived that and it’s not pleasant.”
Original Article
Source: newyorker.com
Author: Matt Buchanan
Encryption poses a problem for intelligence agencies by scrambling data with a secret code so that even if they, or any other third-party, manages to capture it, they cannot read it—unless they possess the key to decrypt it or have the ability to crack the encryption scheme. Encryption has become only more pervasive in the decade since the N.S.A.’s “aggressive, multipronged effort to break widely used Internet encryption technologies” began in 2000. When you log into Gmail or Facebook, chat over iMessage, or check your bank account, the data is typically encrypted. This is because encryption is vital for everyday Web transactions; if for instance, you were to log in to your Gmail account using a park’s open wireless network and your username and password were transmitted in plain form, without being encrypted, your credentials could potentially be captured by anyone using that same network.
Both the Times and the Guardian write that the N.S.A. and the G.C.H.Q. have “cracked much of the encryption” on the Web. But we don’t know precisely how much: the Times writes that the “full extent of the N.S.A.’s decoding capabilities is known only to a limited group of top analysts from the so-called Five Eyes: the N.S.A. and its counterparts in Britain, Canada, Australia and New Zealand.” But it deploys “custom-built, superfast computers to break codes,” and it works with “technology companies in the United States and abroad to build entry points into their products.”
While the Times and the Guardian do not make clear precisely which encryption schemes the N.S.A. and its partners have rendered effectively useless—and which companies the agency has partnered with—there are some hints about what the N.S.A. has accomplished with Bullrun, its project to defeat network encryption.
The N.S.A. has apparently possessed “groundbreaking capabilities” against encrypted voice and text communication since 2010, which the Guardian says made “‘vast amounts’ of data collected through internet cable taps newly ‘exploitable.’” The N.S.A. appears to have found a way around some Internet-level encryption protocols that use outdated standards, but are nonetheless ubiquitous: the Guardian writes, “The agency has capabilities against widely used online protocols, such as HTTPS, voice-over-IP and Secure Sockets Layer.” And the Times notes that the “most intensive efforts have focused on the encryption in universal use in the United States, including Secure Sockets Layer, or SSL; virtual private networks, or V.P.N.s; and the protection used on fourth-generation, or 4G, smartphones.” The hypertext transfer protocol (H.T.T.P.) is the basis for Web communication—it’s the “http” in your browser’s address bar. S.S.L. is one of the most common cryptographic protocols on the Web and is supported by nearly all Web sites. (It’s also used by instant-messaging and other programs to secure transmissions over the Internet.) H.T.T.P.S. is essentially the application of the S.S.L. protocol to H.T.T.P., making online services like e-mail and banking secure. A virtual private network enables a user to have a private connection on a public network in which their transmissions are protected. Under normal circumstances, the use of these protocols would shield data from the N.S.A.’s dragnet surveillance of communications.
Cryptographic and security experts have been able to piece together some ideas about the extent of the agency’s capabilities. Mike Janke, the C.E.O. of the encrypted-communications company Silent Circle—which shut down its encrypted e-mail service a few weeks ago—said over the phone that, based on information and literature he has seen, he believes the N.S.A. developed “a massive push-button scale” ability to defeat or circumvent S.S.L. encryption in virtually real time. He added, “the reality of it is that most of the security world has known that lower level encryption—S.S.L., H.T.T.P.S., V.P.N.s—are highly susceptible to being defeated because of their architecture.” Bruce Schneier, who has seen the Snowden documents, wrote that the N.S.A. has circumvented common Web encryption “primarily by cheating, not by mathematics.” Instead of busting the algorithms that power encryption schemes, Schneier is suggesting that the N.S.A. has found a way around it. Matthew Green, a prominent crypto researcher, suggests that the N.S.A. may have compromised the encryption software that implements the algorithms that determine how data is scrambled—in particular, software made by Microsoft and used by many Web servers for encryption. The Times writes that the “the agency maintains an internal database of encryption keys for specific commercial products, called a Key Provisioning Service, which can automatically decode many messages.” Intriguingly, it adds, “independent cryptographers say many are probably collected by hacking into companies’ computer servers, where they are stored.” If the agency possesses the keys, there is no need to crack the encryption algorithm.
Thomas Drake, an N.S.A. whistleblower who was profiled by Jane Mayer in the magazine, said over the phone that he believes the 2010 breakthrough was possibly more dramatic and may refer to the defeat of “some of the main-line encryption” algorithms in wide use, like the R.S.A. algorithm or the Advanced Encryption Standard at 256-bit level. (The length of the key used to encrypt and decrypt information, measured in bits, is one of many aspects of what determines how hard an encryption scheme is to crack: 128-bit encryption is now relatively easy; 2048-bit is much harder.) This kind of capability was hinted at in James Bamford’s piece a year ago about the N.S.A.’s massive new data center in Utah.
The most damning aspect of the new disclosures is that the N.S.A. has worked to make widely used technology less secure. The Times reports that in 2006, the N.S.A. intentionally introduced a vulnerability into an encryption standard adopted by both the National Institute of Standards and Technology and the International Organization for Standardization. This is deeply problematic, Green writes, because the cryptographic industry is “highly dependent on NIST standards.” The N.S.A. also uses its Commercial Solutions Center, which invites companies, including start-ups, to show their technology to the agency under the guise of improving security, in order to “leverage sensitive, cooperative relationships with specific industry partners” and covertly make those products more susceptible to N.S.A.’s surveillance. Schneier, who has reviewed the documents, describes the process thusly: “Basically, the NSA asks companies to subtly change their products in undetectable ways: making the random number generator less random, leaking the key somehow, adding a common exponent to a public-key exchange protocol, and so on.” This is why the N.S.A. specifically asked the Times and Guardian to not publish their articles and the documents detailing the program warn explicitly and repeatedly of the need for secrecy: “Do not ask about or speculate on sources or methods.”
The Times notes that the N.S.A. expects to “gain full unencrypted access to an unnamed major Internet phone call and text service” sometime this year. The Guardian further specifies that it is a “major internet peer-to-peer voice and text communications,” which sounds like it might be Skype—owned by Microsoft and previously named as an N.S.A. partner. Drake said that he was certain that Skype has been “compromised.” And, in one instance, the Times notes that “after the government learned that a foreign intelligence target had ordered new computer hardware, the American manufacturer agreed to insert a back door into the product before it was shipped.” This is worse than the legal mandate the N.S.A. and the F.B.I. pushed for in the nineties to force technology companies to build backdoors into their products, because, as Chris Soghoian, the principal technologist for the American Civil Liberties Union said, “with a secret backdoor you’ll think it’s secure,” rather than simply avoiding the technology. Schneier writes, “My guess is that most encryption products from large U.S. companies have NSA-friendly back doors, and many foreign ones probably do as well.” The pervasive effort to engineer backdoors into commercial technology strikes upon a broader question, raised by Soghoian: “Can we rely on technology provided by corporations with extensive relations with the U.S. government?”
Despite the scope of the N.S.A.’s program, and its apparent success against Internet-level encryption, strong encryption schemes do remain uncracked by the N.S.A, and they are “your best bet” for privacy, said Janke. Pretty Good Privacy, a common encryption program, if used with the latest algorithms, remains safe, he added, as does the encryption used in Z.R.T.P., which is used by Silent Circle’s voice and text products to encrypt communications. Janke believes in their security in large part because “it’s good enough for the government to approve it for their use.” Soghoian says that the “the kind of stuff we need is already available, it’s just not in our browsers and not with Google and Facebook.” (However, in response to the N.S.A. revelations, Google has fast-tracked its plan to encrypt data as it zips between its own data centers to prevent it from being subject to intelligence-agency prying.) Janke notes that on a local level, TrueCrypt, a hard-drive encryption program, along with Apple’s native hard-disk encryption tool both remain unbroken. Though Drake said he would only trust 2048-bit level encryption schemes and that he relies largely on open-source software, he would not reveal how he protects his own communications. “I just don’t want others to know how I protect myself,” he said. “I literally do not trust anything commercial.”
In response to the latest revelations, Representative Rush Holt of New Jersey has introduced a bill, the Surveillance State Repeal Act, which would, among other things, bar the N.S.A. from installing such backdoors into encryption software. While a statement from the Director of National Intelligence, James Clapper—published after the reports by the Times and the Guardian—said that the fact that the N.S.A. works to crack encrypted data was “not news,” Holt said, correctly, that “if in the process they degrade the security of the encryption we all use, it’s a net national disservice.”
The upshot is that it is now known that “the N.S.A. cannot be trusted on the issue of cyber security,” said Soghoian. He continued, “My sincere hope is that the N.S.A. loses its shine. They’re the bad guy; they’re breaking into systems; they’re exploiting vulnerabilities.” It’s conceivable that they have good intentions. And yet, Soghoian continued, “they act like any other hacker. They steal data. They read private communications.” With that methodology, how easy can it be, though, to give the agency the benefit of the doubt? As many have, Thomas Drake compared the worldview of what he calls the “rogue agency” to the total surveillance of George Orwell’s “1984,” in which the only way to escape was “to cower in a corner. I don’t want to live like that. I’ve already lived that and it’s not pleasant.”
Original Article
Source: newyorker.com
Author: Matt Buchanan
No comments:
Post a Comment