The flood of documents regarding the NSA’s collection methods and capabilities that have been leaked this summer has produced thousands of news stories and several metric tons of speculation about what it all means. But for all of the postulating, analysis and reporting, there are still a lot of questions left unanswered in all of this. Let’s try to address some of them.
Can the NSA break the encryption used in HTTPS connections or secure email systems?
For some definitions of “break,” yes. After the overheated reaction to the leak of the documents detailing some of the NSA’s cryptographic capabilities died down, experts took a closer look at the information and began to coalesce around the idea that the agency is essentially doing what it is supposed to do: find ways to defeat encryption. This is done in various ways, including using software vulnerabilities in crypto implementations, man-in-the-middle attacks and perhaps mathematical advances that give the NSA the ability to decrypt some traffic. There are implications in some of the leaked documents that the NSA may have worked to deliberately weaken some cryptographic standards or algorithms, specifically ones approved by NIST, the U.S agency that approves technical standards for the federal government. NIST has denied those allegations, and there are no details right now about which standards are supposedly affected. There are known attacks against some of the more popular ciphers and cryptosystems and some of them are practical. But the easiest way to defeat encryption remains going after anything other than the encryption.
Does that mean I shouldn’t use encrypted email?
No, it doesn’t. Bruce Schneier, who has examined some of the unpublished leaked NSA documents, said that he still trusts the math on which the major encryption algorithms are based. “Honestly, I’m skeptical. Whatever the NSA has up its top-secret sleeves, the mathematics of cryptography will still be the most secure part of any encryption system. I worry a lot more about poorly designed cryptographic products, software bugs, bad passwords, companies that collaborate with the NSA to leak all or part of the keys, and insecure computers and networks. Those are where the real vulnerabilities are, and where the NSA spends the bulk of its efforts,” Schneier wrote. Using secure email is still a good defense against eavesdropping and attacks, even from the most sophisticated adversaries. Schneier and other experts recommend using longer key lengths, such as 2048 or even 4096 bits, as insurance.
Should I consider the Internet to be a hostile environment?
Yes! But that was true long before any of these NSA-related leaks emerged. The Internet is a dirty, nasty place not fit for use by most decent people. In general, it’s safe to assume that the Internet is trying to do you (or your packets) some kind of harm at all times. Act accordingly.
Why does the NSA care about my email?
It’s not you they care about, individually. It’s the plural you that interests them. The NSA’s job is to collect intelligence on foreign threats, mainly terrorists, and analyze it. That intelligence is usually in the form of electronic communications, what’s known as signals intelligence, and thanks to the rise of the Internet and explosion in cell phone usage, there’s now many times more of that traffic to gather than there was just 15 years ago. And a good portion of that traffic is encrypted these days, with major email providers such as Google encrypting their users’ sessions and more and more sites offering SSL connections to users. The NSA is tasked with trying to sift through all of that traffic and find indications of terror or anti-American activity by foreigners. But those foreigners don’t always just communicate with each other, and so sometimes U.S.citizens’ traffic ends up in the net, as well. When that happens, the agency is supposed to discard it in most cases, as the NSA’s mission only applies to non-U.S. persons. But what the leaked documents show is that the agency has been collecting massive amounts of phone metadata and email and Internet traffic involving Americans.
Are they just storing this stuff indefinitely?
That’s not clear right now. Some of the encrypted communications are stored for long periods, in the hope that the NSA may be able to decrypt them at some point in the future. But whether that is happening now using some of the agency’s supposed capabilities against cryptographic algorithms isn’t known.
I read something about the NSA running man-in-the-middle attacks against Google and other companies. What does that mean?
There’s a diagram that’s surfaced online of how this kind of attack may have been done. It’s a pretty basic set-up and is one of many ways that an adversary could conduct a MITM attack on a target. In general, MITM attacks are used to intercept communications between a sender and receiver, and they’re particularly valuable against encrypted traffic. If the attacker can get to the traffic before it’s encrypted and sent off to Google or whatever the destination is, he has essentially defeated the encryption scheme without having to attack the encryption itself. MITM attacks can be accomplished in several ways, including using a spoofed or stolen digital certificate to impersonate a service such as Gmail, or compromising a wireless router that a target is using and intercepting the traffic and using a tool such as SSLstrip to remove the encryption. The diagram in question doesn’t seem to involve the use of a stolen certificate, but rather the ability of the attacker to somehow access a router in the network that’s processing Google requests. Either way, that kind of attack would give the attacker the ability to read communications that the user believes to be secure.
So, is the Internet over?
Not quite yet. But there are apparently a lot more documents coming, so…
*Image above via Mark Turnauckas‘ Flickr photostream, Creative Commons