Intelligence Black Budget Reveals Major Focus By NSA On Cracking Encryption
from the how-safe-is-your-encryption dept
There are lots of people digging through the latest Ed Snowden leaks concerning the black budget for intelligence activities in the US trying to pick out various nuggets. Over at Wired, Kevin Poulsen has found one of the most interesting tidbits, highlighting how James Clapper cheers on the "groundbreaking cryptanalytic capabilities to defeat adversarial cryptofgraphy and exploit internet traffic." In short, the NSA has gotten pretty good at breaking encrypted communications. Encryption is a strong protector, but can be broken -- and that's always been a part of the NSA's mission: code-breaking. But, there have long been questions about to what level the NSA can break today's popular encryption standards. What today's leaks show is that they're apparently pretty successful and are spending more and more money on it:Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: black budget, encryption, nsa, nsa surveillance, spying, surveillance
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in thread ]
Wow, the farther we fall down the rabbit hole...
The genie is so far out of the bottle, the govt should just give up and come clean already. They're never getting this genie back in there.
[ link to this | view in thread ]
Read more: http://blog.credit.com/2013/08/the-7000-masters-degree-scaring-colleges/#ixzz2dPABS1Fn
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
[SPOILERS]
The NSA is spying on everyone, saving everything ever sent, and trying to break cryptography everywhere it is. This is news? No, this is history. We've been bullying countries for decades, getting into wars on false premises, obliterating our own middle class, hunting down a benign plant (which happens to be winning), blah blah prison industrial complex, and on and on and on. I mean, seriously, if someone blows up your neighbor for profit and then says 'trust us we will be good,' then explodes the next town over, and then the next country, do you really think they will show some restraint when you come under the microscope? Are these revelations really the kinds of things we should be surprised about?
What I'm trying to say is this: I don't believe for a second that Edward Snowden is genuine. Look up the term 'limited hangout,' and then ask yourself what Snowden has revealed that we didn't already know. The only difference between pre-snowden and post-snowden worlds is that the establishment isn't even bothering with chicanery anymore. They are just out in the open with several contradictions at once, and the masses don't care.
[ link to this | view in thread ]
We're going to need a bigger codec.
Well, I'm embarrassed.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Intel
NSA is getting a Vesuvius or D-Wave Two quantum computing system built into the Utah facility according to this. Quantum computers can rapidly break down public key cryptography since it can quickly factor down large numbers to their respective primes.
I think this means they don't have this capability yet. I wouldn't depend on that as a certainty, though.
So the future is here. And we still need to work out cryptography that, while not necessarily impenetrable, is still a bother enough to make it impossible for the NSA (or for anyone) to engage in deep-packet-analysis of every incident they encounter. Even poor encryption that they have to triage is going to serve to slow their intelligence-gathering efforts.
== == ==
Encrypted with Morbius-Cochrane Perfect Steganographic Codec 1.2.001
accident fungus golf elastic laser fire apple pie chime
[ link to this | view in thread ]
Wait a minute
[ link to this | view in thread ]
Re: Wait a minute
[ link to this | view in thread ]
Re: Intel
[ link to this | view in thread ]
In bed with the enemy
Why is the Washington Post seeking help from the Obama administration on what not to publish? Don't publish anything that would put people's lives in jeopardy, but don't go asking the person whose dirty laundry you're exposing about which bits of laundry to expose.
I think this explains why the Washington Post hasn't been harassed as much as the folks at The Guardian.
[ link to this | view in thread ]
Re: In bed with the enemy
Oh, oh, I know. If we (the government) don't admit it, it does not exist.
[ link to this | view in thread ]
Re: [SPOILERS]
[ link to this | view in thread ]
Wrong kind of quantum computer for that
[ link to this | view in thread ]
That would be delightfully stupid of the NSA, then...
But I would wager that breaking public-key encryption is for what they want a quantum computer, rather than a superfast number cruncher.
[ link to this | view in thread ]
Re: Intel
[ link to this | view in thread ]
Re: Intel
They mistake the order of complexity of the traveling salesman problem as O(2^n), when it is O(n!) or, at best, O(n˛2^n) using the Held-Karp algorithm.
The claims of the capability of the D-Wave 2 system are ridiculous and not at all what D_wave claims. I, personally find the claim:
Enables the computer to completely reconstruct the human brain’s cognitive processes and teach itself how to make better decisions and better predict the future based.
to be especially absurd (I have a degree in psychobiology and am very much interested in brain function and artificial intelligence).
I am sorry to be so dismissive without fully reading the whole website, but it doesn't look like a useful resource.
Given that, it does seem that the NSA is very much interested in quantum computing but this was probably not related to the "enormous breakthrough" in cryptanalysis that Bamford mentioned.
[ link to this | view in thread ]
Oh yes, please, tell me I'm wrong.
I'd really rather cryptanalysis of contemporary cyphers not exceed the rate at which we adopt and standardize new ones, and they seem very eager to decrypt everything with no concern as to who they target.
This isn't going to go away, even if we completely defund the NSA: we end-users need strong encryption, and we need everyone to be in the habit of using it.
It bring back the question of what is the enormous breakthrough.
[ link to this | view in thread ]
Re: Oh yes, please, tell me I'm wrong.
Probably not that significant - but you need to demonstrate some success in order to maintain funding.
[ link to this | view in thread ]
Re: Intel
[ link to this | view in thread ]
Re: Re: Intel
Quantum computing has been ridiculously overhyped. This is especially worrying for those of us who find it interesting because of the inevitable backlash that will follow.
One point of relevance here is that the D wave computer is NOT capable of running Shor's algorithm and hence is not capable of cracking RSA encryption.
[ link to this | view in thread ]
Re: Re: Intel
They will use Quantum Cryptography. Quantum cryptography, done properly, is theoretically unbreakable.
[ link to this | view in thread ]
Old School
When it was no longer considered munitions is when (in my opinion) that the NSA had cracked the RSA encryption standard.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re: Re: Intel
[ link to this | view in thread ]
Slowly Delivered Key, Rapidly Delivered Message. (to: Richard, #27)
For example, Laura Poitras, in Germany, can find, say, twenty different people who travel back and forth between Germany and Brazil, by various routes, and who are willing to hand-carry a letter to Glen Greenwald. Ideally, many of these couriers should be persons of such repute and standing that interfering with them has major ramifications (eg. people with diplomatic status). Others should be totally obscure people, recruited by circuitous methods, typically students (eg. a young man whose girlfriend's brother is one of Laura Poitras's disciples, and who is doing it for his girlfriend, not for any political conviction). Each letter contains one or more unique symmetric (private) cipher keys, of abundant strength. On receipt of these twenty letters, or such of them as have not been intercepted and seized or destroyed, Glen Greenwald can XOR the keys together to form a key which is at least as secure as the key which was most securely transmitted. He can disclose publicly which keys he is using, to be sure that the message gets back to Laura Poitras. The requisite key strength can be obtained by multiple passes of multiple different ciphers, with a different key for each pass. It ought to be possible to get 500 bits effective strength without too much difficulty. Alternately a "letter" could always include a DVD or a memory stick, in which case a once-only-cipher might be feasible. It's all a question of how paranoid you feel.
http://security.stackexchange.com/questions/2900/doubling-up-or-cycling-encryption-algorith ms
http://en.wikipedia.org/wiki/Triple_DES
http://en.wikipedia.org/wiki/Meet-in-the-middle_attack
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]