NSA Curious Look: What is the War for Internet Security (Part 1)

The intelligence agencies of Great Britain and the United States are taking all possible steps to decipher any kind of Internet communications. There is a feeling that there are a lot of “holes” in the “cloud”. Good news: Snowden's new documents confirm that some forms of encryption cannot cope even with the NSA.

On the eve of Christmas [ article published December 28, 2014 - approx. trans. ] Five-Eye Spies [Eng. Five Eyes ] are waiting for a short respite from their hard work. In addition to their normal duties - that is, to deciphering messages around the world - they are playing a game called “Kryptos Kristmas Kwiz”, whose participants need to solve complex numerical and letter puzzles. Winners of the competition become the proud owners of "cryptocaps".
')
Encryption - the use of mathematical techniques to protect communications from espionage - is used in electronic transactions of all types and is used by the state, companies and individuals. But, according to the former NSA agent Edward Snowden, not all encryption technologies actually perform their tasks.

One of the illustrative examples is encryption in Skype, a program whose 300 million users use the service of the vaunted "secure" Internet video chat. In fact, there is no talk about data protection. “Regular Skype data collection began in February 2011,” says the NSA training document released by Snowden. Less than half a year later, in the fall [of 2011], the decoder announced that their work was done. From that moment on, Skype data became available to NSA spies. Software giant Microsoft, who bought Skype in 2011, states: "We do not provide direct or indirect state access to user data or encryption keys." NSA began monitoring Skype before Microsoft bought the company, but since February 2011 the US Foreign Intelligence Surveillance Court , a secret Court of Foreign Intelligence ( US Foreign Intelligence Surveillance Court ), extended a warrant to the company, according to which it should not only provide information to the NSA, but also serve the available data source for the agency.

“Regular Skype data collection” is the next step that the state has taken in an arms race for intelligence agencies looking for insights into the privacy of users and especially those who consider themselves to be protected from spying. Although encryption, in turn, also won several victories: there are several systems that have proven their stability and have been real quality standards for more than 20 years.

For the NSA, encrypting communications — or what all other Internet users call safe communications — is a “threat.” In one of the NSA training documents accessed by the Spiegel edition, an NSA officer asks a question: “Do you know that the encryption mechanisms commonly used on the Internet are the main threat to the ability of the NSA to conduct intelligence on digital networks and hit enemy adware?”



An excerpt from the NSA document: encryption is called a “threat”

- Did you know that the encryption mechanisms commonly used on the Internet are the main threat to the ability of the NSA to conduct reconnaissance on digital networks and infect adversary malicious programs?

“Twenty years ago, the mere fact of encrypting messages meant that they probably contained foreign intelligence data, since only the government and other important goals had the opportunity to acquire or develop and implement encryption of communications. Today, anyone who uses the Internet can access web pages using strong encryption mechanisms provided by the HTTPS protocol, and companies at any level can implement virtual private networks (VPNs) so that their employees can access sensitive or private corporate information via the Internet. from anywhere in the world. SID calls such widely used encryption formats that are more difficult for SIGINT to be “widely used encryption”.

Snowden's documents showed which encryption mechanisms in the NSA could be decrypted and (more importantly) which ones could not be decrypted. Although the documents that have been made public for almost two years, experts doubt that, during this time, NSA digital spies have been able to decipher such tamper-resistant technologies. “With proper use, strong cryptosystems are one of the few things you can rely on,” Snowden said in June 2013, after his trip to Hong Kong.

The “digitalization” of society over the past few decades has been accompanied by the widespread use of cryptography, which has ceased to be the domain of secret agents. Today, almost every Internet connection is encrypted in one way or another - whether you are conducting an online banking operation, buying goods on the Web or making a phone call. The very essence of cloud computing — which allows you to outsource a number of tasks to remote data centers, sometimes located on another continent — is based on cryptographic security systems. Internet activists hold “crypto-calls”, where they explain to those interested in maintaining the security of honest communications how to encrypt their data.

German government proposes to use "permanent data encryption"

In Germany, the need to use strong encryption mechanisms is already thought of at the highest level. Chancellor Angela Merkel and her office are now communicating using phones that incorporate strong encryption systems. The government also invited residents to take steps to protect their own communications. Michael Hange, president of the Federal Agency for Information Security, said: "We recommend that you use cryptography - that is, constant data encryption."

This assumption is unlikely to please some intelligence agencies. After all, the Five Eyes Alliance — the secret services of Great Britain, Canada, Australia, New Zealand, and the United States — has a clear goal: if possible, stop encrypting Internet information coming from other countries. In 2013, the NSA had a budget in excess of $ 10 billion. According to the US budget allocated for exploration in 2013, the amount of funding for the NSA department dealing with cryptanalysis (CES) alone was $ 34.3 million.

Last year, the Guardian , New York Times and ProPublica reported on the details of the 2010 presentation, which described the NSA's decryption program called BULLRUN, but many specific vulnerabilities remained outside of these messages.



Slide presentation of the project BULLRUN

The presentation says that “over the past ten years, the NSA has pursued an aggressive, multifaceted policy for hacking the widely used encryption technologies on the Internet” and that “a huge amount of encrypted Internet data that could not be used until today has now become available for use”. Decryption, as it turned out, can also be used "in hindsight" - as soon as the system is hacked, the agency can view its databases for past periods and read information previously inaccessible.

The number of Internet users concerned about online security has increased significantly since the publication of Snowden's first revelations. But those who prudently use strong end-to-end encryption mechanisms to protect their data still make up a minority of all Internet users. There are a number of reasons for this: some believe that encryption is too difficult to use. Or they believe that intelligence agencies are ahead of existing user technologies by many steps and can crack any encryption program.

[These user assumptions are not entirely correct. We will describe the encryption mechanisms that are resistant to the attacks of the NSA, and which ones are not, in the second (final) part of the transfer].

To be continued…