back to article Now we know why UK spooks simply shrugged at SSL encryption

In July 2012, Britain's top spook Charles Farr made a rare public appearance: sat across a table from MPs in Parliament, he was quizzed by backbenchers scrutinising Home Secretary Theresa May's widely criticised plan to snoop on Brits' internet connections. At the time, the government was trying to get politicos to agree that …

COMMENTS

This topic is closed for new posts.

Page:

Silver badge

This would be the same Bruce Schneier that refused to denounce Phorm when they were trialling their systems with BT?

It's just a pity that when he could have made a real difference to proceedings he failed to do so. His opinion isn't worth much IMO, especially when he's so selective about what he says.

8
14
Facepalm

Schneier on Phorm

This would be the same Bruce Schneier that refused to denounce Phorm when they were trialling their systems with BT?

What Schneier said was that as a BT executive he was tied as to what he could say about Phorm, and that he'd leave it to others to do the denouncing. I think that's a pretty ethical standpoint, given the circumstances.

https://www.schneier.com/blog/archives/2008/09/bt_phorm_and_me.html

4
1
Anonymous Coward

BT, Phorm, and Me

"Over the past year I have gotten many requests, both public and private, to comment on the BT and Phorm incident".

https://www.schneier.com/blog/archives/2008/09/bt_phorm_and_me.html

0
0
Silver badge

The code-ring on the golf course

> Basically, the NSA is able to decrypt most of the internet

Having the ability to pick a single piece of (encrypted) internet traffic, at will, and decrypt it is a long way from being able to decrypt *every* piece of internet traffic, scan it for content and act on it. In real time.

Havng a piece of encrypted data handed to you and being asked to apply your decoding "magic" to it is one element of the NSA's work. However they still have to be able to isolate that significant piece of encrypted traffic from the billions of others: comparable to finding the one blade of grass on a golf course that has a coded message written on it.

That job of knowing which message to apply their brute force (or "cheating" - how ungentlemanly of them) processes is a monumentally different and much, much bigger problem. Sure: they can find stuff if they know where to look. However that knowing is still dependent on and limited to other more traditional methods of surveillance. There's just too much ordinary stuff, flying around as encryrpted data, or steganographic plain messages concealing sensitive information, for the NSA or any other body to check it all.

In this case, security through obscurity does work.

5
12
Gold badge
Unhappy

Re: The code-ring on the golf course

"Sure: they can find stuff if they know where to look. However that knowing is still dependent on and limited to other more traditional methods of surveillance. T"

Wrong.

The stuff is being archived indefinitely regardless of who you are.

How's your plan now?

18
2
Anonymous Coward

Re: The code-ring on the golf course

"In this case, security through obscurity does work."

The problem is that it does not.

The other portion of the equation is employing bayes statistics and other googly knowledge to which piece of data to select based on metadata analsys. That gives them who talks to whom, which traffic is interesting and which not. So they know what to pick and decrypt.

Everyone keeps mentioning "Giants" in the context of this scandal. How about minnows. Certificate authority minnows registered in the USA (and . Ones that provide certificates for SSL for most of the world commerce. Not that the regional are any better (judging by the recent dutch and turkish bloopers).

2
1
Silver badge

Re: The code-ring on the golf course @John Smith 19

http://www.theregister.co.uk/2013/09/04/att_dea_hemisphere_program/

A pity that it doesn't go back as far as 1984. It would have been more symbolic that way...

3
1
Silver badge

Re: The code-ring on the golf course

> The stuff is being archived indefinitely regardless of who you are.

Makes little or no difference. Most intelligence data is time-critical. It has a very short shelf-live. Consequently the spooks will be focussing their attention on intelligence gathering that they can decrypt, analyse (almost certainly by connecting it to other sources) and act on within a short timescale: a few weeks, tops. Anything older than that will be of no interest to them- even if they do keep it forever.

But so what if they *do* keep everything, indefinitely. They'll never get around to looking at it. The very worst case is that in 50 or 100 years some historian will decrypt a packet that contained the pass-code to your bank account. It's the sheer volume of data that is, and has always been, the problem for intelligence agencies - the good news is that almost nobody is important enough for them to take an interest in .

7
11
Anonymous Coward

Re: The code-ring on the golf course

Pete 2 makes sense on the time-critical element. With Enigma, there would be no point in spending time decrypting the instructions to the wolf-pack once the U-boats had already returned to base.

1
2
Anonymous Coward

Re: The code-ring on the golf course

"Most intelligence data is time-critical. It has a very short shelf-live."

RIght. And if there was any viable evidence that the intelligence data was actually performing any useful function, that evidence would have emerged by now, especially in recent weeks. That evidence does not exist in any meaningful quantity.

So let's consider the possibility that this isn't (just) about (alleged) intellligence gathering. There's plenty of evidence to support that hypothesis.

One set of evidence supports the theory is that this is partly about industrial espionage. Still time dependent, but far from time critical. Airbus vs Boeing is getting a lot of mentions at the moment.

Another theory is that this is partly about about gathering information about individuals and organisations which might be useful later, perhaps much later. I'll leave you to work out where that leads.

Of course, those theories are only plausible in the tinfoil hat camp.

Unfortunately the evidence in recent weeks says many of the tinfoil hat camp have pretty much been right for decades and most of us unbelievers were wrong.

32
0
Silver badge

Re: The code-ring on the golf course

>Most intelligence data is time-critical. It has a very short shelf-live.

That said, being able to read in 2223 messages sent between foreign powers and their embassies in 2013 (store data now, wait for Moore's Law to help out, decrypt) would still be of great benefit. It would give some valuable insights into your rival / trading partner, such as the difference between what they say and what they think.

Some games are short term, other are much longer.

7
0
Silver badge

Re: The code-ring on the golf course

Not all has a short shelf life.

President: Mr A.Noying has risen to the leadership of this protest group. He could inconvenience me. Got any dirt?

NSA: Decrypting... here we go. The usual kinky porn and such minor embarassments, and... ah, in an email to a friend ten years ago he admitted he once hacked some 'Church of Scientology' as part of an internet protest.

President: I'll leak all the usernames and such for the porn to the popular press, and urge the church to file criminal charges. Thanks! That should get him out of my hair for a while.

17
0
Silver badge

Re: The code-ring on the golf course

> messages sent between foreign powers and their embassies

Don't *all* governments use one-time-pads for this sort of crypto. Definitely not the commercial quality stuff that you or I ever get to see.

It would be nice to think that the more sensitive commercial stuff was sent that way, too. However I'd be amazed if more than a few multinationals had the ability or security to operate at that level.

s/2223/2023/ ?

0
4
Anonymous Coward

Re: The code-ring on the golf course

There aren't enough hard drives in the world for the NSA to be archiving all of the internet traffic from across the world... not even just the encrypted stuff.

I also don't understand the original article - the author talks about evidence from some official to MPs proving that they're not worried about SSL, but nowhere in the two long quotes does anything even vaguely related to that come up.

1
6
Silver badge
Facepalm

Re: The code-ring on the golf course

>There aren't enough hard drives in the world for the NSA to be archiving all of the internet traffic from across the world... not even just the encrypted stuff.

You do know the majority of the information (protocol stuff aside) is sitting on one hard drive to begin with and often on two or more right? Gaming and VOIP traffic (which still do often get recorded, see black ops 2 theater feature) make up a very small portion of traffic compared to porn videos, netflix and warez which are all on media storage.

4
0
Anonymous Coward

Re: The code-ring on the golf course

It doesn't take much thought to see how the likes of McCarthy or the STASI would drool over the prospect of having access to everyone's data.

3
0
Anonymous Coward

Re: The code-ring on the golf course

"Most intelligence data is time-critical. It has a very short shelf-live."

You are talking about real intelligence, being used to combat real threats. But that is hardly what the NSA is up to, is it? It's making sure the government has enough on everyone that no one dare speak up or oppose it... just in case.

"If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged". - Cardinal Richelieu

9
0
Silver badge

Re: The code-ring on the golf course

Lets translate what they are doing into plain English.

Suppose you are sending emails at https://www.gmail.com

The NSA knows there is traffic between your computer and GMail. Because it is encrypted, they don't know what the contents of that traffic are.

Assuming that SSL is unbreakable for all practical purposes, there are two ways they can find out what you were doing on GMail.

1. They can ask you

2. They can ask Google

Sometimes they will get the rubber hose out and ask you what you were doing, but they would rather not do that because if they do, then you know that they asked you.

However, they can ask Google, and Google will tell them, and Google won't tell you that they told them, and it is almost as easy to get the information off them as it is to get it from an unencrypted browsing session at http://www.gmail.com/

3
0
Hoe

Re: The code-ring on the golf course

They weren't referring to Brute Force as cheating, but back doors.

2
0
Bronze badge
Big Brother

Re: The code-ring on the golf course

"Most intelligence data is time-critical."

Until the political opposition comes in to power. Then your history comes back to bite you in the [redacted].

0
0

@ Pete 2... Re: The code-ring on the golf course

"But so what if they *do* keep everything, indefinitely.2

Most intel is time critical. However, one of the best ways to get time critical information is by an informant. One of the best ways to "turn" a potential informant has traditionally been blackmail. To blackmail a mark, you sift through their history, looking for some potential snifter of scandal -- in days gone by, sexual indiscretion was enough, and if it was man-on-man, so much the better... threaten to out a fine upstanding citizen for what was then considered a crime and socially unacceptable behaviour and he'd spill any and all beans you asked for. In those days, getting the evidence for the blackmail was an operation in itself, and often required active "honeypot" agents in the infidelity. But if you've got the mark's life history on disk, you'll find something if you dig hard enough.

So what, I hear you cry, it's for the bad guys.

Well, no. You don't have to be a "bad guy" to be the informant... you may simply work alongside the bad guy, or you may just be his window cleaner. And that "bad guy" might actually be the goodie, and you might be forced to betray him in order to stop that picture being posted on the website of your local primary school....

1
0

Re: The code-ring on the golf course

But your root certificate doesn't need to be from Thwarte or Verisign or one of the other providers. The only reason for doing so is to have a green bar shown in the user's browser when they access your site using https. You are able to create your own certificate for free and ask users to explicitly trust your certificate and wear the initial "this site is not trusted" warning message as a badge of honor.

On the other hand, if you think this will drive potential customers away then it's your call. If you choose to go with a certificate from a root recognized by Chrome, Firefox, IE, etc. because potential customers will be more comfortable, you have to understand that it's you who is actively choosing to make the decision to put profit ahead of privacy.

We all do, but we don't have to.

1
0
Black Helicopters

Reverse psychology

While I wouldn't put it past the NSA, GCHQ, et al to circumvent or decrypt SSL, it almost seems as if this is an attempt to get people to not care about SSL. If people believe SSL is useless, they'll won't go through the bother of using it, making the NSA's job that much easier.

Black helicopter due to the lack of a tinfoil hat icon.

4
2

Re: Reverse psychology

Mmm...

http://static.guim.co.uk/sys-images/Guardian/Pix/audio/video/2013/9/5/1378396354932/NSA-Bullrun-2-001.jpg

"It's groundbreaking and really good but don't ask or even think about how it works".

Sounds a bit like TV detector vans and dowsing rods that detect explosives, no?

5
1

Re: Reverse psychology

"Indoctrination required"

Had someone been playing Mass Effect when they wrote that?

0
0
Bronze badge

Re: Reverse psychology

People won't think anything.

It is just us nerds that know HTTPS has something to do with SSL and TLS.

They'll keep using HTTPS to do their banking, FB, gmail, etc. They don't have any consumer friendly options.

0
0

Re: Reverse psychology

"If people believe SSL is useless, they'll won't go through the bother of using it..."

Useless for what? Keeping your shopping out of the prying eyes of ye old cyber crook? Or keeping it out of the eyes of the NSA, et al?

If you are just trying to keep some basic data temporarily safe, like your CC info and such, then it's fine. Use it for your jaunt to a WiFi cafe, etc.

If you are relying on it to keep secret the plain text files about state secrets, then that's absurd. Rest assured that somebody with billions in the budget and their own chip foundry can build a beast to crack that stream in a heartbeat. Look at what's been done with Bitcoin mining. You think that the NSA has been slack in the cracking department? Guess again.

2
0

Re: Reverse psychology

Only they won't simply not bother using SSL, they will try to find a more secure alternative instead...

0
0
Anonymous Coward

Bullrun Sensitivity and Coverage.

Bullrun Sensitivity and Coverage

`It is imperative to protect the fact that GCHQ, NSA abd their Sigint partners have capabilities against specific network security technologies as well as the number and scope of successes. These capabilities are among the Sigint community's most fragile, and inadvertent disclosure of the simple "fact of" could alert the adversary and result in immediate loss of the capability. Consequently, any admission of "fact of" a capability to defeat encryption used in a specific network communication technologies or disclosure of details relating to that capability must be protected by the BULLRUN COI and restricted to those specifically indoctrinated for BULLRUN'.

http://cryptome.org/2013/09/nsa-bullrun-brief-propublica-13-0905.pdf

0
0

Maybe I've missed or am missing something here but wasn't the "Communications Data bill" all about logging the fact that Alice was talking to Bob rather than what they were talking about? And since normal TLS/SSL only hides the what and not the who (not counting dark nets and stuff) how is it relevant to the latest revelations?

2
0

Because if Alice is talking to Bob through Facebook messages (for instance), or other messages that are carried over HTTP via an intermediary, if the payload of the HTTPS traffic is encrypted, all someone with access to the wire knows is that Alice and Bob are both talking to Facebook servers. As are millions of other people.

So to know that Alice is talking to Bob requires getting some access to whatever is in the encrypted payload. Which is easier to do by attacking the endpoints rather than trying to decrypt data captured from the wire.

4
0
Bronze badge

"Which is easier to do by attacking the endpoints rather than trying to decrypt data captured from the wire."

Which we used to think easier to do by attacking the endpoints rather than trying to decrypt data captured from the wire, but which we now know is easier to do by simply decrypting the wire traffic using the certificates that the NSA and GCHQ have copies of.

6
0

It just looks like a black helicopter

It's actually an encrypted tinfoil hat.

6
0

They're doing their job.

What is surprising is the surprise that people are expressing that these organizations which have been setup to spy and decode encrypted material are actually doing what they are paid to do. If I was in gummint I would be annoyed if they weren't. How afraid I, as a private individual, should be of this sort of thing, I really don't know.

2
7
Silver badge

Re: They're doing their job.

>How afraid I, as a private individual, should be of this sort of thing, I really don't know.

There is probably little reason to be afraid of the NSA or GCHQ themselves. There would more risk of one of their employees taking out a grudge on you for some imagined slight, and abusing these systems for that end (BOFH style). If Snowden could access more than he was supposed to, then so could someone with less idealistic (okay, the jury is out) motives. Still very unlikely though.

Of course the real fear is that we don't know what governments will look like in ten or twenty years time... were a totalitarian regime come into being, it would have some handy tools for bashing any dissenting voices.

4
1
Bronze badge

No guarantee NSA any more more moral than the FBI, and we know what the FBI did

Why in the world would any one assume that everyone of the 20,000 people at the NSA have higher moral standards than J. Edgar Hoover?

Or you do not know about former FBI director J. Edgar Hoover and his secret files on politicians, business leaders, academics, journalists and celebrities.

The files he used to keep himself in office, to suppress free speech, to promote racism, to keep the feds of the Italian mafia, etc.

13
0
Silver badge
Stop

Re: They're doing their job.

They are not doing their jobs. Not in a way that anyone could possibly consider successful.

The entire point of discreet, discriminating, covert government surveillance is that they are able to focus vast and cunning resources on extracting hidden data from dangerous/threatening people. Not to place everyone under surveillance in case they might need that information one day. That is a poor use of resources. Setting the house on fire to keep warm, not to keep from freezing to death, just to be maybe a little warmer, for a very brief period.

A reasonable analogue would be a city Dog Catcher, tasked with catching loose or stray dogs, decides to catch all the dogs, regardless if they are stray, loose or dangerous. Not only has his task become impossible, it is expensive, resource intensive, ensnares innocent dogs, inconveniences the Humans close to those dogs, generates great ill will and a sense of need for active defiance, leaving people no choice but to hide their dogs, deeper and deeper, making the Dog Catchers job that much more impossible.

That Dog Catcher and his employer would be removed from service as their activities ultimately resulted in a scenario that actively undermined the mission of the service. So to should the agents and agencies responsible for mass surveillance of a largely innocent public.

9
0

Re: They're doing their job.

The "surprise" is that they are coercing/threatening commercial entities into helping them do the spying. And they have muzzled those commercial entities so that they are not allowed to reveal that they have been co-opted by the NSA. Thus there can be no meaningful oversight.

0
0

Cost of Decryption

What part of encryption don't you get. There is NO computer based encryption that can not be decrypted by another computer. The reason for crypto is cost. If I encrypt my dental appointment, what value will that be, to apply an hour of compute time to read that? Worth it, not really, multiply that by the hundreds of emails between mothers and son's about the weather that are wasted in the NSA computers? If everyone encrypted their chocolate chip cookie recipes, there would be a huge mushroom cloud rising over the NAS from computers melting down.

The motivation of encryption is to make it TOO expensive for the casual hacker to take the time to perform decryption on. There are encryption methods that a computer can not decrypt, but they are slow human/manual in nature.

And in the end, if you know that the cost barrier has been lowered, you increase the key strength, or algorithm used.

7
1
Silver badge

Re: Cost of Decryption

There is a reasonable definition of "can't be decrypted" if brute forcing it takes > million years.

There is some evidence that the NSA exploits weakness in RSA which is used by some SSL implementations - but mostly they don't need to because they can simply ask Google/Facebook/etc for the certificates which allow them to decode the keys anyway

1
0
Bronze badge

That is the new information here -- there is generally no cost to decryption.

If world + dog has the encryption key then there is no cost to decryption.

So apparently if you are using a certificate registry, paid or free, there is no cost.

And if you use secret keys that only you and the receiver know (no registry) they can still get at your stuff by backdoors.

If there is a back door to your encryption software or your operating system that can capture the data before encryption or after decryption, then again there is no cost to decryption.

That is the new information here -- there is no cost to decryption. Not for the Five Eyes. Not for any other agency what has been given or has stolen the Five Eyes secrets.

3
0

And this is news?

It has been no secret that with the resources that only a major intelligence organisation could muster the encryption we are using today is crackable.

Does anyone else think that the timing of this 'revelation' is suspicious?

NSA & GCHQ happy in the knowledge that they can snoop most internet traffic and selectively crack the encryption on the rest in a timely manner.

Snowdens leaks tell world+dog that they are being snooped, encrypted traffic increases substantially, NSA & GCHQ realise they now don't have the capacity to crack all the traffic identified as suspicious by proper intelligence so they try to discredit SSL in the hope that world+dog switch back to HTTP for their email,social networking and general browsing.

3
5
Silver badge

Re: And this is news?

You might very well be correct, but you come across as a right proper cock.

0
0

I bluff my encryption

I use ROT10, and no matter how many times they apply their SSL decryption on my messages, it never works.

3
1
Silver badge

Re: I bluff my encryption

ROT10, how asymmetrical of you!

I use ROT26 for faster (instant) decoding.

6
0
Bronze badge

Re: I bluff my encryption

And your bank and social networking sites can accept that?

Or just that is what you encrypt stuff with that only you use, stuff that stays on your computers?

If you are worried about them getting it off of your computer -- if you are that kind of target that they would access your computer -- they can get it off before it is encrypted or after it is decrypted.

0
4
Silver badge
Paris Hilton

WOOSH

It's a joke, hun. Any of the ROT-cyphers are trivial to break, with ROT-26 being a null op.

3
0
Anonymous Coward

Re: I bluff my encryption

I use ROT(e^i*pi)

0
0
Silver badge

Re: I bluff my encryption

I stopped using the Internet years ago.

0
0

This post has been deleted by its author

Page:

This topic is closed for new posts.

Forums