CALM DOWN: The NSA Hasn't 'Cracked' Basic Internet Encryption
"Cracking" conveys that they have found a way to break down encryption codes, prime among them being RSA, the cracking of which would lead to the catastrophic collapse of trust in internet communications and transactions.What the
New Snowden documents say NSA can break common Internet encryption http://t.co/DfoS0AynyD- Reuters Top News (@Reuters) September 5, 2013
Revealed: The NSA's secret campaign to crack, undermine Internet encryption http://t.co/HnEsfdCPTM- ProPublica (@ProPublica) September 5, 2013
The New York Times states: "The agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show."This latest leak is plenty scary, but it doesn't mean that web encryption is broken. This from Bruce Schneier, cyber security expert, just days ago in Wired:
Whatever the NSA has up its top-secret sleeves, the mathematics of cryptography will still be the most secure part of any encryption system.
It's very probable that the NSA has newer techniques that remain undiscovered in academia. Even so, such techniques are unlikely to result in a practical attack that can break actual encrypted plaintext.Now everyone talks about supercomputers running trillions of passwords a second - called "Brute Force" attacks - but "right now the upper practical limit on brute force is somewhere under 80 bits," reports Schneier.
The least of encryption stands at 128, but most of the internet is phasing out 1024-bit keys in preference for 2048-bit keys. Put simply, brute force might yield a decrypted message once every million years.
There is a dangerous side, however, to what the NSA is doing.Backdoors are something called "exploits," in particular, "zero-day" exploits. Zero-days are exploits that only one party knows about, and the rest of the world doesn't. Backdoors do not allow for streaming information gathering, but rather, targeted exploitation of networks or software, often on a particular user's computer.
The other problem - as has been pointed out several times to Business Insider by tech experts - is that coercing tech companies to install backdoors is essentially baking security weaknesses into software that advertises itself as secure.Another weakening of public trust.
- Best pulse oximeters to keep a check on your SpO2 readings
- Poaching doubled during the lockdown in India due to the 'three F's', and these are the animals most under threat
- Android 12 Developer Preview 3: All the upcoming user-facing features revealed
- These are the hottest fintech and crypto jobs in India right now
- There is a virtual lockdown in the world’s fourth largest automobile market