Encryption protocols compromised by NSA and GCHQ, according to leaked Edward Snowden documents
The latest revelation shows "an aggressive, multi-pronged effort to break widely used internet encryption"
Friday 06 September 2013
Intelligence agencies from Britain and the US have cracked many of the encryption protocols used to secure communications on the internet, according to documents leaked by the NSA whistleblower Edward Snowden.
The fresh information reveals that the US National Security Agency has worked in collaboration with the the UK's GCHQ to compromise online privacy.
"For the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to break widely used internet encryption technologies,” reads a GCHQ document from 2010. "Vast amounts of encrypted internet data which have up till now been discarded are now exploitable."
Various methods have been pursued in order to break or circumvent the security protecting the personal data of billions of people.
These include breaking encryption with “brute force” attacks conducted by super computers; using court-orders to force companies into handing over master keys to their software, and one program that “actively engages US and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs”.
This latter scheme, named the Sigint Enabling Project, costs the NSA $254.9m a year according to a 2013 budget document provided by Snowden. Sigint stands for "signal intelligence". An internal memo from the agency records the reaction from British analysts: “Those not already briefed were gobsmacked!”
“These frightening revelations imply that the NSA has not only pursued an aggressive program of obtaining private encryption keys for commercial products […] but that the agency has also attempted to put backdoors into cryptographic standards designed to secure users' communications,” said the Electronic Frontier Foundation in response.
“Additionally, the leaked documents make clear that companies have been complicit in allowing this unprecedented spying to take place, though the identities of cooperating companies remain unknown.”
In response to the leaked documents - which were handed from Mr Snowden to The Guardian, The New York Times and the non-profit news site Pro Publica - Google have claimed that no such "active engagement" has taken place.
"We have no evidence of any such thing ever occurring,” said the company in a statement. “We do not provide any government, including the US government, with access to our systems […] We provide user data to governments only in accordance with the law.”
The NSA described their various decryption programs as "price of admission for the US to maintain unrestricted access to and use of cyberspace”, but security experts believe that their actions are an attack against the most basic structure of the internet.
“Cryptography forms the basis for trust online," Bruce Schneier, a fellow at Harvard's Berkman Center for Internet and Societ, told The Guardian. "By deliberately undermining online security in a short-sighted effort to eavesdrop, the NSA is undermining the very fabric of the internet."
X Factor judge will appear in court later this month
Guide dog mauled while helping owner deliver Christmas cards
Life on Earth may have developed below rather than above ground, reveal scientists
Nelson Mandela’s complex bond with Britain
The poorest pay the price for austerity: Workers face biggest fall in living standards since Victorian era
10 stone five-year-old taken into care
- 1 Gurdwaras-turned-food banks: Sikh temples are catering for rise in Britain’s hungry
- 2 Council bans use of word ‘Commie’ – but ‘fascist’ and ‘Nazi’ are fine
- 3 The man who made Femen: New film outs Victor Svyatski as the mastermind behind the protest group and its breast-baring stunts
- 4 The poorest pay the price for austerity: Workers face biggest fall in living standards since Victorian era
- 5 Mass murder in the Middle East is funded by our friends the Saudis
- < Previous
- Next >
£35000 - £45000 per annum + BONUS + BENEFITS: Harrington Starr: A leading, Cit...
£60000 - £75000 per annum: Cornwallis Elt : Senior Business Analyst- Data, SD...
£45000 per annum + benefits: Pro-Recruitment Group: Audit Senior? Incredible P...
Initially paid internship designed to lead to full-time job: Inspiring Interns...