Friendly forums for passionate Dems!
More than 91 million posts since 2001
Home Latest Greatest Videos Forums Hide ads Join up!
Home Latest Greatest
Videos Forums Help
Hide ads Join up!
Latest Discussions»Issue Forums»Editorials & Other Articles»Revealed: the encryption ...
Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

Editorials & Other Articles

Related: About this forum

bemildred

(90,061 posts) Mon Dec 29, 2014, 11:12 AM Dec 2014

Revealed: the encryption tools spies can (and can't) crack

Australia's electronic espionage agency is a partner in a massive United States-led assault on internet security and privacy, according to top secret documents disclosed by former US intelligence contractor Edward Snowden.

The German Der Spiegel magazine has published new disclosures of signals intelligence cooperation between the United States and its "5-eyes" partners – the United Kingdom, Canada, Australia and New Zealand – revealing that the secret agencies have broken most widely-used forms of internet encryption.

Many of the leaked documents are classified top secret, "COMINT" (communications intelligence) and releasable only to "5-eyes" agencies – the US National Security Agency (NSA), the Australian Signals Directorate (ASD), the United Kingdom's Government Communications Headquarters, Canada's Communications Security Establishment and New Zealand's Government Communications Security Bureau.

Intensive efforts to overcome what is described as the "major threat" of "ubiquitous encryption" on the internet have been regularly discussed at top secret "SIGDEV" – signals intelligence development conferences between the "5-eyes" agencies.

http://www.smh.com.au/it-pro/security-it/revealed-the-encryption-tools-spies-can-and-cant-crack-20141229-12f0sh.html

InfoView thread info, including edit history TrashPut this thread in your Trash Can (My DU » Trash Can) BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks) 2 replies, 1117 views
ShareGet links to this post and/or share on social media AlertAlert this post for a rule violation PowersThere are no powers you can use on this post EditCannot edit other people's posts ReplyReply to this post EditCannot edit other people's posts Rec (4) ReplyReply to this post
2 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
Revealed: the encryption tools spies can (and can't) crack (Original Post) bemildred Dec 2014 OP
Tor de farce: NSA fails to decrypt anonymised network bemildred Dec 2014 #1
There is only one type of encryption that is secure PeoViejo Dec 2014 #2

bemildred

(90,061 posts)
1. Tor de farce: NSA fails to decrypt anonymised network
Reply to bemildred (Original post)
Mon Dec 29, 2014, 11:13 AM
Dec 2014

A new round of NSA documents snatched by master blabbermouth Edward Snowden appeared online late on Sunday, revealing spooks' internet security pet hates.

The latest dump of PDFs published by Der Spiegel appeared to show what the Five Eyes surveillance buddies – the USA, the UK, Australia, Canada and New Zealand – see as obstacles posed by internet security protocols.

While it's clear that the docs may well be out of date given that they cover the 2010 to 2012 period, they offer some interesting nuggets about how spies have attempted to break strong encryption online.

An 18-page, redacted file (PDF) dated 13 June 2011, for example, goes into tantalising detail about "A potential technique to deanonymise users of the TOR network".

http://www.theregister.co.uk/2014/12/29/nsa_gchq_internet_security_pet_hates/

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post
 

PeoViejo

(2,178 posts)
2. There is only one type of encryption that is secure
Reply to bemildred (Original post)
Mon Dec 29, 2014, 12:51 PM
Dec 2014

It's called a 'one-time-pad'. Everyone uses it because it works. Anything else is suspect.

https://en.wikipedia.org/wiki/One-time_pad

NSA backdoor in the Dual_EC_DRBG PRNG
Main article: Dual_EC_DRBG

The Guardian and The New York Times have reported that the National Security Agency (NSA) inserted a CSPRNG into NIST SP 800-90A that had a backdoor which allows the NSA to readily decrypt material that was encrypted with the aid of Dual_EC_DRBG. Both papers report[9][10] that, as independent security experts long suspected,[11] the NSA has been introducing weaknesses into CSPRNG standard 800-90; this being confirmed for the first time by one of the top secret documents leaked to the Guardian by Edward Snowden. The NSA worked covertly to get its own version of the NIST draft security standard approved for worldwide use in 2006. The leaked document states that "eventually, NSA became the sole editor." In spite of the known potential for a backdoor and other known significant deficiencies with Dual_EC_DRBG, several companies such as RSA Security continued using Dual_EC_DRBG until the backdoor was confirmed in 2013.[12] RSA Security received a $10 million payment from the NSA to do so.[13]

https://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post
Reply to this discussion
Latest Discussions»Issue Forums»Editorials & Other Articles»Revealed: the encryption ...
Home | Latest Discussions | Greatest Discussions | Latest Videos | All Forums

About | Copyright | Privacy | Terms of service | Contact

In Memoriam

© 2001 - 2024 Democratic Underground, LLC. Thank you for visiting.