How National Security Agency (NSA) successfully Broke Trillions of Encrypted Connections
Sourced through Scoop.it from: thehackernews.com
Computer Scientists Alex Halderman and Nadia Heninger have presented a paper at the ACM Conference on Computer and Communications Security that advances the most plausible theory as to how the NSA broke some of the most widespread encryption used on the Internet. According to the paper, the NSA has exploited common implementations of the Diffie-Hellman key exchange algorithm – a common means of exchanging cryptographic keys over untrusted channels – to decrypt a large number of HTTPS, SSH, and VPN connections. Diffie-Hellman – the encryption used for HTTPS, SSH, and VPNs – helps users communicate by swapping cryptographic keys and running them through an algorithm that nobody else knows except the sender and receiver. It is described as secure against surveillance from the NSA and other state-sponsored spies, as it would take hundreds or thousands of years and by them and a nearly unimaginable amount of money to decrypt directly.
However, a serious vulnerability in the way the Diffie-Hellman key exchange is implemented is allowing the intelligence agencies and spies to break and eavesdrop on trillions of encrypted connections.
To crack just one of the extremely large prime numbers of a Diffie-Hellman in the most commonly used 1024-bit Diffie-Hellman keys would take about a year and cost a few hundred Million dollars.
However, according to researchers, only a few prime numbers are commonly used that might have fit well within the agency’s $11 Billion-per-year budget dedicated to “groundbreaking cryptanalytic capabilities.” Since a handful of primes are so widely reused, the payoff, in terms of connections they could decrypt, would be enormous,” said Alex Halderman and Nadia Heninger in a blog post published Wednesday.