The Way the NSA Could Have Cracked EncryptionAdded: Saturday, October 17th, 2015
Category: Recent Headlines Involving File Sharing > Current Events
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, www.extratorrent.cc, 2015
Two American academics suggest that the National Security Agency could have gained access to the world’s encrypted communications by reusing passwords.
The computer scientists explained that a common mistake made with a popular encryption protocol leaves encrypted traffic open to eavesdropping from such spies as the NSA.
The revelations about the NSA made by Edward Snowden two years ago showed that the US National Security Agency broke one sort of encrypted communication – VPNs – by intercepting connections and transferring some data to the agency’s machines, which would then return the valid key. However, nobody knew what the NSA computers were doing or how they returned a valid key so quickly. The matter is that regular attack against VPN should take centuries, even with the fastest computers. But now the scientists found a flaw in the way encryption software applies a key exchange algorithm, which allows two parties communicate via encrypted channels.
According to researchers, an attacker may not need to target the encrypted communication directly, but rather the exchange at the start of the process, which is the following: each party generates a public key to communicate it to their interlocutor, and a private key, which is kept secret. However, they also generate a common public key – a large prime number which is agreed upon at the very beginning. These prime numbers are reused by many encryption systems in order to save effort. Actually, it turned out that one single prime is used to encrypt 2/3 of all VPNs and 1/4 of SSH servers all over the world.
Since a given proportion of conversations are using this prime as the basis of their encryption, it becomes an appealing target, which can then become a weak point via which encrypted communications can be attacked and cracked in a matter of minutes. The researchers also say that there are ways around the problem – for example, using a unique common prime for each connection or application. This approach would make the process of generating the key uneconomical for the NSA. Another way is to switch to a newer cryptography standard, which uses algebraic curve instead of prime numbers and thus also renders the attack ineffective.
Unfortunately, it is not that easy to go away from prime numbers, because in some cases, the encryption tools literally hard-code the prime in, making it difficult to change overnight.
Saturday, October 17th, 2015
|posted by (2015-10-18 19:11:37)|
|That's wishful thinking. I bet they have an operational Quantum Computer.|
|"That's wishful thinking. I bet they have an operational Quantum Computer."|
Yes...And dont forget the Electronic mind reading..Search everything inside your mind.All your passwords..
Most Popular Stories