[FoRK] [cryptography] regarding the NSA crypto "breakthrough"

Eugen Leitl eugen at leitl.org
Fri Sep 6 01:54:23 PDT 2013


----- Forwarded message from coderman <coderman at gmail.com> -----

Date: Thu, 5 Sep 2013 10:47:10 -0700
From: coderman <coderman at gmail.com>
To: Cypherpunks list <cypherpunks at al-qaeda.net>, cpunks <cypherpunks at cpunks.org>, Discussion of cryptography and related <cryptography at randombit.net>
Subject: [cryptography] regarding the NSA crypto "breakthrough"

of all the no such agency disclosures, this one fuels the most wild speculation.

"""
James Bamford, a veteran chronicler of the NSA, describes the agency
as having made "an enormous breakthrough several years ago in its
ability to cryptanalyze, or break, unfathomably complex encryption
systems employed by not only governments around the world but also
many average computer users". That sounds a lot like saying that the
the spooks have managed to break at least some of the cryptographic
codes that protect everything from secure e-mail to e-commerce.
"""

however, the crypto breakthrough discussed is more mundane:
 deployment of deep packet inspection with SSL/TLS capabilities.[0]

this represents three significant efforts:
1. upgrading physical infrastructure (DPI systems at this scale use
ASICs for processing, not software which can be upgraded on demand.)
2. secret partnerships with service providers to obtain server SSL/TLS
secret keys.
3. key distribution to provision the DPI classifiers/sniffers with
requisite secret keys when updated by service providers.

hence, a "crypto breakthrough" providing unprecedented actionable
visibility into previously opaque streams, with such inspection
occurring at the edges rather than the mothership (where all encrypted
data is sent, decryptable or not...)

these efforts are compartmented, with few aware of how these different
pieces fit together, thus fueling speculation about the nature of this
break.  from a technician point of view, you would notice the new
ability to see inside SSL traffic, but may not understand how it was
done. (e.g. with keys handed over in secret agreement for "reasonable
compensation" and national security, rather than a basement full of
quantum computers breaking web server keys...)



class break in discrete log?  quantum code crackers?
 you've been watching too much Sneakers![1]
;)



0. "SSL: Intercepted today, decrypted tomorrow" , should read "SSL:
Intercepted and decrypted in real-time, almost everywhere"
  http://news.netcraft.com/archives/2013/06/25/ssl-intercepted-today-decrypted-tomorrow.html
 less than a third of a percent of SSL/TLS web traffic uses forward secrecy!


1. "Sneakers" still the best hacker film to date...
  http://www.imdb.com/title/tt0105435/
_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5


More information about the FoRK mailing list