Encryption protocols compromised by NSA and GCHQ, according to leaked Edward Snowden documents
The latest revelation shows "an aggressive, multi-pronged effort to break widely used internet encryption"
Friday 06 September 2013
Intelligence agencies from Britain and the US have cracked many of the encryption protocols used to secure communications on the internet, according to documents leaked by the NSA whistleblower Edward Snowden.
The fresh information reveals that the US National Security Agency has worked in collaboration with the the UK's GCHQ to compromise online privacy.
"For the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to break widely used internet encryption technologies,” reads a GCHQ document from 2010. "Vast amounts of encrypted internet data which have up till now been discarded are now exploitable."
Various methods have been pursued in order to break or circumvent the security protecting the personal data of billions of people.
These include breaking encryption with “brute force” attacks conducted by super computers; using court-orders to force companies into handing over master keys to their software, and one program that “actively engages US and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs”.
This latter scheme, named the Sigint Enabling Project, costs the NSA $254.9m a year according to a 2013 budget document provided by Snowden. Sigint stands for "signal intelligence". An internal memo from the agency records the reaction from British analysts: “Those not already briefed were gobsmacked!”
“These frightening revelations imply that the NSA has not only pursued an aggressive program of obtaining private encryption keys for commercial products […] but that the agency has also attempted to put backdoors into cryptographic standards designed to secure users' communications,” said the Electronic Frontier Foundation in response.
“Additionally, the leaked documents make clear that companies have been complicit in allowing this unprecedented spying to take place, though the identities of cooperating companies remain unknown.”
In response to the leaked documents - which were handed from Mr Snowden to The Guardian, The New York Times and the non-profit news site Pro Publica - Google have claimed that no such "active engagement" has taken place.
"We have no evidence of any such thing ever occurring,” said the company in a statement. “We do not provide any government, including the US government, with access to our systems […] We provide user data to governments only in accordance with the law.”
The NSA described their various decryption programs as "price of admission for the US to maintain unrestricted access to and use of cyberspace”, but security experts believe that their actions are an attack against the most basic structure of the internet.
“Cryptography forms the basis for trust online," Bruce Schneier, a fellow at Harvard's Berkman Center for Internet and Societ, told The Guardian. "By deliberately undermining online security in a short-sighted effort to eavesdrop, the NSA is undermining the very fabric of the internet."
- 2 Friends 20th anniversary: Alison Jackson photographs reunited cast
- 3 Friends 20th anniversary: The highs and lows of the cast's careers since 2004
- 5 Free U2 album: How the most generous giveaway in music history turned into a PR disaster
Scottish independence: Despite defeat history may still point to Alex Salmond as the victor
Scottish independence referendum: Frankie Boyle reacts to nation's 'No' vote - 'To be fair, I've always hated Scotland'
Iranian blogger found guilty of insulting Prophet Mohammad on Facebook sentenced to death
Scottish referendum: Police struggle to control Unionist rally in Glasgow's George Square
Glasgow 'riots': 'Dishonest' social media users accused of fuelling panic with pictures from London riots
Daniele Watts: Django Unchained actress detained by Los Angeles police after being mistaken for a prostitute
Scottish independence referendum: A nation divided against itself
Scottish referendum results: Cross-party consensus collapses amid Tory-Labour spat on the 'English question'
Scottish independence: David Cameron is becoming the 'George Bush of Britain'
Russia freezes Ukraine into submission: Kiev admits country doesn't have enough fuel for winter
Scottish independence: The Queen breaks silence on referendum debate – as think tank warns of £14bn black hole if Scotland votes Yes
£75 - £90 per day + negotiable: Randstad Education Group: Are you a cover supe...
£30000 - £35000 per annum: Ashdown Group: Marketing Manager (CIM, B2B, MS Offi...
£22000 - £25000 per annum: Ashdown Group: A highly successful organisation wit...
£1 per day: Randstad Education Leeds: Job Purpose To work closely with the he...