|
|
How is NSA breaking so much crypto? - TechAmok
How is NSA breaking so much crypto? - [security]
09:02 AM EDT - Oct,18 2015 - post a comment There have been rumors for years that the NSA can decrypt a significant fraction of encrypted Internet traffic. In 2012, James Bamford published an article quoting anonymous former NSA officials stating that the agency had achieved a 'computing breakthrough' that gave them 'the ability to crack current public encryption.' The Snowden documents also hint at some extraordinary capabilities: they show that NSA has built extensive infrastructure to intercept and decrypt VPN traffic and suggest that the agency can decrypt at least some HTTPS and SSH connections on demand. However, the documents do not explain how these breakthroughs work.
The key is, somewhat ironically, Diffie-Hellman key exchange, an algorithm that we and many others have advocated as a defense against mass surveillance. Diffie-Hellman is a cornerstone of modern cryptography used for VPNs, HTTPS websites, email, and many other protocols. Our paper shows that, through a confluence of number theory and bad implementation choices, many real-world users of Diffie-Hellman are likely vulnerable to state-level attackers.
For the nerds in the audience, here's what's wrong: If a client and server are speaking Diffie-Hellman, they first need to agree on a large prime number with a particular form. There seemed to be no reason why everyone couldn't just use the same prime, and, in fact, many applications tend to use standardized or hard-coded primes. But there was a very important detail that got lost in translation between the mathematicians and the practitioners: an adversary can perform a single enormous computation to “crack” a particular prime, then easily break any individual connection that uses that prime.
How enormous a computation, you ask? Possibly a technical feat on a scale (relative to the state of computing at the time) not seen since the Enigma cryptanalysis during World War II. Even estimating the difficulty is tricky, due to the complexity of the algorithm involved, but our paper gives some conservative estimates. For the most common strength of Diffie-Hellman (1024 bits), it would cost a few hundred million dollars to build a machine, based on special purpose hardware, that would be able to crack one Diffie-Hellman prime every year.
Would this be worth it for an intelligence agency? Since a handful of primes are so widely reused, the payoff, in terms of connections they could decrypt, would be enormous. Breaking a single, common 1024-bit prime would allow NSA to passively decrypt connections to two-thirds of VPNs and a quarter of all SSH servers globally. Breaking a second 1024-bit prime would allow passive eavesdropping on connections to nearly 20% of the top million HTTPS websites. In other words, a one-time investment in massive computation would make it possible to eavesdrop on trillions of encrypted connections.
|
|
Add your comment (free registrationrequired)
Short overview of recent news articles |
|
Jul,28 2025 HW News - Gigabyte's Motherboard Mess, Linux Gains Market Share, Jul,27 2025 Samsung Z Fold 7 Durability Test - The End is Near Jul,27 2025 Silent Night, Deadly Night - Exclusive Trailer Jul,27 2025 I Bought a Giant Video Wall on Craigslist! Jul,26 2025 My Turn: Lamborghini Revuelto // Nurburgring Jul,26 2025 F1: Qualifying Highlights | 2025 Belgian Grand Prix Jul,26 2025 F1: Sprint Qualifying Highlights | 2025 Belgian Grand Prix Jul,26 2025 I am biased against this laptop - Razer Blade 18 Jul,26 2025 PRISONER OF WAR - Official Trailer | Starring Scott Adkins | In Jul,24 2025 Battlefield 6 reveal trailer Jul,22 2025 Samsung Galaxy Z Fold 7 - Two Week Review Jul,21 2025 Killer 4K 240Hz QD-OLED for just £750: MSI MPG 272URX Jul,20 2025 LAMBORGHINI URUS *STAGE 1* // REVIEW on AUTOBAHN Jul,20 2025 THE BEST VW GOLF GTI I've Driven! Proper ClubSport Jul,19 2025 Intel Core Ultra 9 275HX vs AMD Ryzen 9 9955HX - Which CPU is Best? Jul,18 2025 LAMBORGHINI REVUELTO V12 // 370KMH REVIEW on UNLIMITED AUTOBAHN! Jul,18 2025 Mortal Kombat II - Official Trailer Jul,17 2025 Stranger Things 5 - Official Teaser Jul,14 2025 Google Is Selling Fake Products - WAN Show July 11, 2025 Jul,12 2025 Hacked by playing Call of Duty WW2 on Gamepass? Jul,12 2025 2025 VW Golf GTE // TOP SPEED REVIEW on AUTOBAHN Jul,11 2025 NEW Audi RS3 v cheapest used RS3: DRAG RACE Jul,10 2025 A critical security vulnerability in Microsoft Remote Desktop Client Jul,10 2025 Samsung Z Fold/Flip 7 Impressions: Major Upgrades! Jul,08 2025 Gmail's latest feature helps you get rid of those pesky emails from Jul,06 2025 I'm an idiot and still made top 5... here's how Jul,05 2025 The Fantastic Four: First Steps - Official 'Lift Off' Teaser Jul,04 2025 Samsung Galaxy Z Fold 7 - Hands on Look Jul,04 2025 RTX 5070 Ti vs RTX 5080 - Is 5080 Gaming Laptop Worth More $$$? Jul,04 2025 FIRST DRIVE: Praga Bohema - Crazy Hypercar Driven! Jul,03 2025 Ballerina - Exclusive John Wick Deleted Scene (2025) Keanu Reeves, Jul,03 2025 Call of Duty: WWII - Remote Code Execution Warning (PC Game Pass) Jul,02 2025 1014HP Lamborghini REVUELTO 369KMH TOP SPEED POV on AUTOBAHN Jul,01 2025 Nvidia Drivers (V 576.80 vs V 576.88) - Test In 12 Games - RTX 4060 Jun,30 2025 AMD Adrenalin 25.6.3 Driver Is Available Jun,30 2025 NVIDIA GeForce RTX 5080 SUPER Could Feature 24 GB Memory, Increased Jun,29 2025 Guess What Nvidia Did THIS Time Jun,28 2025 The 10 Best Dinosaur Movies of All Time Jun,28 2025 Microsoft officially confirms that Windows 11 version 25H2 is coming Jun,26 2025 Eddington - Official Trailer 2 (2025) Joaquin Phoenix, Pedro Pascal
>> News Archive <<
| |
|
