Intelligence Black Budget Reveals Major Focus By NSA On Cracking Encryption

from the how-safe-is-your-encryption dept

There are lots of people digging through the latest Ed Snowden leaks concerning the black budget for intelligence activities in the US trying to pick out various nuggets. Over at Wired, Kevin Poulsen has found one of the most interesting tidbits, highlighting how James Clapper cheers on the "groundbreaking cryptanalytic capabilities to defeat adversarial cryptofgraphy and exploit internet traffic." In short, the NSA has gotten pretty good at breaking encrypted communications. Encryption is a strong protector, but can be broken -- and that's always been a part of the NSA's mission: code-breaking. But, there have long been questions about to what level the NSA can break today's popular encryption standards. What today's leaks show is that they're apparently pretty successful and are spending more and more money on it:
The pie chart above? That's $11 billion and it employes 35,000 people. Breaking your encryption. As Poulsen notes, James Bamford (who has followed the NSA closely for years) revealed last year that the NSA had recently made an "enormous breakthrough" in cryptanalysis, and this should raise some questions about just how secure various forms of encryption really are today.

Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Andrew D. Todd, 30 Aug 2013 @ 11:51am

    Slowly Delivered Key, Rapidly Delivered Message. (to: Richard, #27)

    Here is an observation: if you know someone well enough to have secrets with them, you can generally arrange to transmit symmetric (private) cipher keys by other means than electronic communications.

    For example, Laura Poitras, in Germany, can find, say, twenty different people who travel back and forth between Germany and Brazil, by various routes, and who are willing to hand-carry a letter to Glen Greenwald. Ideally, many of these couriers should be persons of such repute and standing that interfering with them has major ramifications (eg. people with diplomatic status). Others should be totally obscure people, recruited by circuitous methods, typically students (eg. a young man whose girlfriend's brother is one of Laura Poitras's disciples, and who is doing it for his girlfriend, not for any political conviction). Each letter contains one or more unique symmetric (private) cipher keys, of abundant strength. On receipt of these twenty letters, or such of them as have not been intercepted and seized or destroyed, Glen Greenwald can XOR the keys together to form a key which is at least as secure as the key which was most securely transmitted. He can disclose publicly which keys he is using, to be sure that the message gets back to Laura Poitras. The requisite key strength can be obtained by multiple passes of multiple different ciphers, with a different key for each pass. It ought to be possible to get 500 bits effective strength without too much difficulty. Alternately a "letter" could always include a DVD or a memory stick, in which case a once-only-cipher might be feasible. It's all a question of how paranoid you feel.

    http://security.stackexchange.com/questions/2900/doubling-up-or-cycling-encryption-algorith ms
    http://en.wikipedia.org/wiki/Triple_DES
    http://en.wikipedia.org/wiki/Meet-in-the-middle_attack

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.