How NSA successfully Broke Trillions of Encrypted Connections

How National Security Agency (NSA) successfully Broke Trillions of Encrypted Connections

Sourced through from:

Computer Scientists Alex Halderman and Nadia Heninger have presented a paper at the ACM Conference on Computer and Communications Security that advances the most plausible theory as to how the NSA broke some of the most widespread encryption used on the Internet. According to the paper, the NSA has exploited common implementations of the Diffie-Hellman key exchange algorithm – a common means of exchanging cryptographic keys over untrusted channels – to decrypt a large number of HTTPS, SSH, and VPN connections.  Diffie-Hellman – the encryption used for HTTPS, SSH, and VPNs – helps users communicate by swapping cryptographic keys and running them through an algorithm that nobody else knows except the sender and receiver.  It is described as secure against surveillance from the NSA and other state-sponsored spies, as it would take hundreds or thousands of years and by them and a nearly unimaginable amount of money to decrypt directly.

However, a serious vulnerability in the way the Diffie-Hellman key exchange is implemented is allowing the intelligence agencies and spies to break and eavesdrop on trillions of encrypted connections.
To crack just one of the extremely large prime numbers of a Diffie-Hellman in the most commonly used 1024-bit Diffie-Hellman keys would take about a year and cost a few hundred Million dollars.
 However, according to researchers, only a few prime numbers are commonly used that might have fit well within the agency’s $11 Billion-per-year budget dedicated to “groundbreaking cryptanalytic capabilities.” Since a handful of primes are so widely reused, the payoff, in terms of connections they could decrypt, would be enormous,” said Alex Halderman and Nadia Heninger in a blog post published Wednesday.

See on Scoop.itInternet of Things – Technology focus


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s