The National Security Agency’s most wanted man and newly minted Russian resident, Edward Snowden, has revealed new details about the ability of intelligence agencies to crack supposedly secret communications.
“The National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age, according to newly disclosed documents,” reports the New York Times. According to the documents, the NSA “has circumvented or cracked much of the encryption” algorithms and technologies used to keep banking, email, commerce, and data transfers secret.
Here are the essentials of the story:
- For at least three years, British and American spy agencies worked to gain back-door access to major Internet companies, including Google, Yahoo, Facebook, And Microsoft. “By 2012, GCHQ [Government Communications Headquarters] had developed ‘new access opportunities’ into Google’s systems, according to the document” (Google has repeatedly denied that the NSA gets any special access).
- According to Snowden, the NSA spends roughly $250 million to weaken international encryption standards and products so that they can be cracked by the NSA.
- In one instance, a fatal security flaw discovered by Microsoft engineers in 2007 was first “pushed” on an international standards group by the NSA.
- There is a tight inner circle of intelligence officials around the world who have full access to the cracking technologies. “The full extent of the N.S.A.’s decoding capabilities is known only to a limited group of top analysts from the so-called Five Eyes: the N.S.A. and its counterparts in Britain, Canada, Australia and New Zealand.”
- The NSA argues that decrypting messages from the likes of Syria and al-Qaeda leaders are essential for national security.
According to the story, authorities asked the Times not to publish the article. The Times withheld some information for security purposes, but (obviously) went ahead with the piece.
As we’ve written about before, the NSA tried a similar strategy in the 1990 with a hardware product that would permit backdoor access to cell phones, the failed “Clipper Chip.” Apparently, the NSA found a new way to gain back-door access. “They went and did it anyway without telling anyone,” cryptographer Paul Kocher told The Times.
Snowden still says that “strong” encryption can’t be decoded by the NSA. “Properly implemented strong crypto systems are one of the few things that you can rely on.” So apparently, there are still ways of keeping messages safe.
It is important to note that all of the legal requirements for search still apply to decrypted information.