Just started reading a history of the NSA, and it's very interesting. E.g., the execution of the Rosenbergs was a travesty of due process, but the US had secretly decrypted a message listing them as Soviet spies. Another example, a midlevel employee of US SIGINT efforts told the KGB that the US was capturing and decrypting basically all Russian communication, and the Russian response was to harden their protocols (far less radio traffic, much greater use of one-time pads, basically.) The traitor was never prosecuted, because reporting the evidence against him would have revealed a SIGINT source.
Cryptology became the poor stepchild of US SIGINT efforts after this, because it yielded so little useful intelligence regarding Russia. As a result, the North Korean invasion which started the Korean war took the US completely by surprise. The US was subsequently able to crush the invasion in part because the North Koreans transmitted all communications in the clear, so they often knew what NK military units were going to do before they knew themselves. It took the US about a month to spin this capability up, though, because non-Russian communications had been completely neglected.
This neglect burned the US again when China decided to enter the war. The US could not believe this was happening, despite mounting SIGINT evidence, so China again had the advantage of surprise. China actually was encrypting its military communications in a way that the US could not decrypt (at least initially; I haven't finished reading this section of the book) which gave them a huge advantage in the initial engagements with US forces.
I knew all about it, and much more. But not by reading that book - Last month I watched CNN's 1998 documentary about the Cold War. ABSOLUTELY AMAZING. 24 episodes, each about 50 minutes. Tons of never-seen-before footage and interviews with many of the parties involved in the Cold War (Gorbachev, Castro, Kissinger, Reagan, H. W. Bush, and dozens of other well-informed ministers, ambassadors, spies, soldiers and citizens)
But more importantly, it's fair. It doesn't blame Russia while praising America or vice versa. Both powers did dreadful things during the Cold War, and this documentary shows them all. After watching it, now I have a very deep respect for CNN and Ted Turner.
It's only available on VHS, and only on eBay (or used, at Amazon). If you don't have a VHS player anymore (who has?), contact me (edit: for download links, not for selling you a VHS player!).
If you're interested in Cold War history and want to know more, watch this definitive series. You won't be disappointed.
"According to another top official also involved with the program, the NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. The upshot, according to this official: “Everybody’s a target; everybody with communication is a target.”"
What do people think this refers to? Somebody managed to compile sslsniff, or something more significant? Have they found a key weakness in RSA or similar? Are they just bruteforcing all those crappy ssl certs that are floating around? Does it refer to realtime decoding of GSM? Don't we all believe they can do that anyway? I guess we can only speculate.
Just because I'm paranoid, doesn't mean they're not out to get me...
It refers to a number of technologies including DES, SSL and GSM. I suspect also <128bit AES.
The NSA stores everything anyway, because if it can't be decrypted today, it can probably be decrypted tomorrow.
On the positive side, even if the NSA could break AES 256 (or even DES) it is still a relevant and useful algorithm. It's relevant because if I, say, issue an order to storm Wimbledon Common, that order is tactically valid and useful and hence secret for maybe a day or two, after which Wimbledon Common has been taken, and the order no longer has value.
Assuming the symmetric keys are solid, even weaker algorithms will do. On that basis, if AES 256 is only relevant for another 10 years then that's ok to encrypt my documents with, because when something better comes along those documents are probably no longer relevant.
Of course they may still be relevant as evidence if someone wants to come after you.
In closing, a lot of the Wired article is drawn from the book The Shadow Factory, which ends with the start of the construction of the Utah facility. It's interesting reading that also goes into the political side of it.
From the article's excitement, I would almost guess that they have a working attack against AES, but that sounds extremely unlikely with the amount of scrutiny AES has received. Still, AES is known to have some very clean algebraic properties, and people have wondered since the AES competition whether those would translate into real attacks -- perhaps the NSA has found a way. At least, the discussions about saving data to decrypt later sound very suggestive of a break on either Triple DES or AES.
But I should say that you wouldn't have to break AES to break HTTPS and read most of the encrypted conversations on the web. In late 2008 a group of academics broke HTTPS by lifting a digital signature from a legitimately-signed document which gave few HTTPS permissions, onto a document which gave them arbitrary permissions. They did this by breaking the MD5 algorithm, and it caused the community to finally excise the last of the MD5 certificates for SHA1 certificates. But the NSA could do the same with the SHA1 algorithm's known weakness, and could then listen in on any man-in-the-middle attack they wanted. How complex is this? Since 2008, we've had an attack which might work in 2^52 operations or so. For the NSA that's approximately nothing. The Cray computer (one which we know the US government has) does roughly 2 petaflops now, or 2^51 operations per second or 2^67 per day. So it's reasonable to believe that, if they move from eavesdropping to active communication, they can already break HTTPS. (There is a risk in this method, however: if someone catches you doing this "in the wild", then they might notice and raise a big stink about it.)
Their exaflop goal would then be 2^85/year, which would be enough to run publicly-known attacks against Triple DES and perhaps to factor known 1024-bit RSA moduli -- for example the Equifax Root CA is 1024 bit RSA. If you could compromise one of those just once, you could issue certificates of your own -- and it would be extremely difficult if not impossible to detect the intrusion. So with exaflop computing, they could seriously just spend a couple weeks breaking an RSA-1024 modulus and launch undetectable man-in-the-middle attacks against everyone.
It's also likely that they've got more efficient attacks than the public researchers have, since they have access not only to the public research but also to a set of well-paid brilliant minds who work on these problems every day, and have been for quite some time. (It would be nice to have some transparency and know just how far they have gotten, but of course they won't even tell us that. I guess that's a bit of a weird question anyway, like asking, "in the odd event that you might want to stab the Internet to death, we would like to know: how large is the largest knife you own?")
> It's also likely that they've got more efficient attacks than the public researchers have, since they have access not only to the public research but also to a set of well-paid brilliant minds who work on these problems every day, and have been for quite some time.
In case people aren't aware, this isn't just hyperbole.
The story of the DES S-Boxes indicates the NSA (actually IBM working with NSA, but still) was roughly 15-20 years ahead of publicly known attack techniques in 1990. I'd imagine the public state of the art is a bit closer now, but there is little doubt they have a big lead.
There were few reasons for mainstream adoption of cryptography in the early 90's. On-line commerce and communication barely existed. Thus little motive existed for public cryptography research and development. By comparison, militaries of the world had decades of experience. Battles had been won and lost because of cryptography.
The cypherpunk movement of the 90's and gradual push towards mass adoption of cryptography for on-line commerce led to the NSA attempting to introduce key escrow via the clipper chip (to enable backdoor access to crypto systems). This plan suffered a quick demise, hastened in part by a serious vulnerability in the scheme being identified by Matt Blaze in '94.
The rate of progress of this movement raised a lot of eyebrows. Crypto currencies were discussed and demonstrated. Julian Assange (and others) demonstrated Rubberhose FS (a deniable encryption system). And if that wasn't extreme enough, Jim Bell started a conversation about the application of cryptography to anonymous crowd-sourced political assassinations (!)...
It should be fairly obvious to see why the NSA (and more widely, the US government) had concerns. These concerns are still valid today with dual-use crypto-anarchy technology such as Tor and Bitcoin being in common use. One side may be trying to prevent this technology being used by Mexican drug cartels, smugglers, etc. The other side sees greater merit in ensuring that populations in Syria, Iran, China, etc can bypass government censorship.
It's well worth reading about this era of computing history and all the well known names that were involved. The insight gained will help with forming opinions on current topics, ensuring that both sides of arguments and all consequences are considered.
In summary, I think it'd be fair to say that mainstream reliance on strong cryptography has dwarfed military usage for a number of years now. The threat is also significantly higher to public/commercial entities because a failure of crypto systems in banking, stock exchange, news and on-line commerce could destroy economies. A break of AES, RSA, etc would primarily be kept secret to prevent economies from collapsing -- not so much to maintain an ability to decrypt meaningless chitter-chatter between millions of ordinary people.
If they had some completely unknown attack, I doubt they would leak it during an interview about their new facility... which is going to draw a lot of attention from privacy advocates and tin foil hatters.
1. Disinformation. Maybe it's about hashes, either SHA-1 (unlikely since there are known, feasible, collision attacks) or an unknown vulnerability in SHA-2 variants, and the NSA is trying to make people look elsewhere by talking about how they're going to decrypt mountains of old data.
2. GSM. I don't think the entities the NSA cares about consider GSM secure, so I doubt it.
3. RSA, DSA, plain DH. It's no secret that the NSA has been strongly encouraging suite B (EC-based) variants of older ciphersuites. But why would they encourage people to be skeptical about security of existing non-EC public key crypto just a few years after they're able to start cracking it?
4. AES. Nightmare scenario (no replacement in the pipeline).
Perhaps someone else has discovered whatever the vulnerability is, and they're too visible and cannot be coerced into shutting up, but were induced to shut up temporarily; in that case this could be part of a disclosure strategy by the NSA, possibly about a factoring/DLP advance enabling cracking of plain RSA and/or DH.
The article doesn't say anything was cracked, and the "breakthrough" is mentioned when talking about supercomputing. It would take a mind-boggling supercomputing breakthrough to put 128 bit block ciphers at risk. Could this be Bamford trying to sell more books by creating drama?
Ignoring mathematical properties, the timing wouldn't make sense. Barely anyone used ECDSA/ECDH until very recently, and still it's rare. It wouldn't make sense that the NSA has been pushing suite B for gov agencies since this "breakthrough".
I doubt they have the computing power or the tools to decipher more complex algorithms; the sheer amount of encrypted data seems too big. Occam's razor would dictate they are just storing vast amounts of data, maybe mapping communications (e.g. mails from Afghanistan to the US, etc.) and then bruteforcing some of the really interesting stuff. It's not like a US government agency can suddenly leapfrog decades of research in encryption.
"I think in the coming decade, the real threats to the Internet don't come from the Bad Guys, they don't come from the criminals or the hackers, they come from politics and they come from economics, and that's really what I want to spend time talking about at RSA this year."
As a Mormon who attended BYU in Provo, Utah, I can attest that a very large percentage of the young male population is not only bilingual in common and uncommon languages, but there's a deep sense of patriotism. Universities in Utah are heavily recruited for law enforcement (FBI) and foreign service.
I agree that most of the reason for the Utah location is probably cost, but the demographics are also very unique (and yes, fairly homogeneous as well).
That is pedantry. I understand your point, but when people say something is "very" unique, they mean it's not common, or is unusual in some way. "Slightly unique" makes little sense, but "somewhat unique", while somewhat awkward, can mean "unique in some aspects, but not others".
And if you want to be really pedantic, then you have to admit that most anything can be considered unique at fine enough levels of detail. But there is no point to calling something "unique" then; it loses meaning if everything is in fact unique. Uniqueness really is more of a spectrum, when applied to the real world.
A few years ago I remember reading about this on Slashdot. If I remember correctly, their electricity bill has something to do with the move as well, as I think the NSA accounts for 1/4 of the electricity supplied to Maryland.
One definition of excess capacity is waste (I'm not insisting it is always a correct definition).
I imagine the regulatory environment surrounding generation in California and local opposition to big ugly infrastructure are much bigger factors in the prices than the technical capacity to actually upgrade the power grid there.
Wired's articles are reasonably paged, and the complete article is very long. On many devices (eg phones) long pages don't always render well. Additionally, a publication like Wired deserves the page views for the good article.
It is different for publications that only have a paragraph per page.
and let the user's user agent decide what pagination view to display and how. That often happens automatically on well designed websites. That also helps the Hacker News duplicate submission detector work in its intended way.
We also know that there are very few people that connect people together, the social "hubs".
What totalitarian regimes (Mussolini, Hitler, Stalin, Pol Pot, Kim Jong Il) did was identify those hubs and exterminate them (at first they can't kill them so putting them in jail is enough), and replacing them with puppets, eventually changing society overnight.
It is too risky having someone storing every single communication between people (including cell phone calls). They will understand what you say (a la Siri) and text analyze it and search display it on graphs. With Facebook and cell phone connections they have everything to know more about yourself than you know thyself.
When the US debt bubble explodes (that will happen in less than 5 years) and people lose a significant part of their savings and get angry about the status quo I don't know what is going to happen.
The US is becoming more and more of a totalitarian state day after day.
Hahaha, think they're gonna tell you? The NSA is by FAR the most secretive govt agency, more so than the NGA, CIA, or any other three letter agency. And the scale of their operations is kinda scary, and probably violates several constitutional rights... But that's just opinion banter, will we ever really know for sure?
People good at math, or data mining, or etc might enjoy working for GCHQ. I assume they'd enjoy working for NSA.
There's a bunch of very smart people, with interesting tech, and, uh, low pay.
I don't know about NSA but GCHQ is subject to a lot of oversight; breaking laws would be problematic. Laws get written with specific exclusions for GCHQ. And there are creative methods to evade other laws - US in theory cannot spy on its citizens so they team with UK and ask us to do it for them.
If this will be one of the most powerful encryption-cracking facilities in the world, can we just set our key strength based on its computing power? So if they end up being able to crack 1024 bit keys, can we just set our keys to 2048 and be ok? And then when they upgrade, everyone goes to 4096?
I'm not a security expert (obviously), so maybe I'm wrong, but in general I don't see how they'll be able to build new monster computing facilities as fast as consumer hardware can be upgraded to use slightly stronger encryption.
If they are actively logging communications for future decryption due to predicted increased computational power, and the allegations of them leaking confidential communications to US firms to gain competitive advantage are true:
Then this is another argument against (foreign/multinational) businesses conducting anything sensitive in the cloud, even if it is encrypted end to end and stored encrypted. Particularly for information that the businesses want to keep indecipherable for many years.
Most likely most of their breaks consist of widespread implementation of very specific techniques on problematic protocols (say timing attacks). Even with the ability to straightforwardly break certain primitives, it's computationally intensive, so widespread crypto usage still hurts their dragnet ability. And they certainly can't engage in widespread active attacks, so I doubt they care very much about digest/signature algorithms. And why would they waste time snooping SSL banking sessions just to screen scrape the HTML when having the banks/FinCen set up a DB mirror is much easier?
Even if you were to find out, what good would it do? Let's say the worst case scenario was true, and all block ciphers are extremely busted, and their contents decrypted and mined along with everything else. Would you basically forfeit your life to be a patriot of humanity and publicize that fact? (Especially given how much kool-aid you had to drink to find out in the first place, and how overwhelmed you'd be by the reality of an industrial spying operation). If such a break really is the case, the private sector will figure it out over time. Meanwhile, IMHO, the only thing a freedom-preserving person can do is assume the abstract concepts of cryptography are feasible, and build systems with the primitives we currently have. Don't worry about them reading your present communication in the future, because if we're to the point where they're casually arresting people based on their ideas, we're boned anyway.
Also, to anyone who thinks "US laws protect citizens from spying", your wishful fairytale is only deceiving yourself. I'm sure NSA views the whole process akin to a quantum computation, where they massage the data on everyone using massive vector operations (which they don't consider interception on individuals, as it's a mechanical process), and then a kind of decoherence step where they read the answer. If your completely-between-citizens correspondence is interesting, it's reflected in the interest level of a cross-border relationship, and the latter is reported. They start a specific investigation (with the sham-court rubber stamp) and see the whole picture eventually. And yes, I know the NSA isn't interested in widespread de facto criminality, but if the only reason the details of your personal life aren't being scrutinized by another human being is that you are just not interesting enough, exactly how could you claim that you aren't being spied on?
If such a thing exists, they wouldn't share it internally either. It seems they are already collecting data across many protocols and encryption schemes, and very few people would get to know reliably which were cracked or how.
That said, the various security clearances you'd have to pick up would virtually guarantee serious compensation in the private sector, if/when you chose to leave. There are a lot of positions that can't possibly be outsourced or filled with H1-B workers.
Is that £25k training pay or introductory pay? When I was applying for an Air traffic controller position, training pay (18 months) was £13k. But duty pay was much higher and, according to the ATCs at the interview day, overtime regularly pushed it into £50k-60k at the busiest airports.
I have a feeling the £25k isn't the complete story and there might be other compensation not mentioned.
Nope, it's civil service (you don't get big pay rises); this is for entry level grads and 25k is low, discounting the fact that ML and Crypto is worth more as a specialisation than bog standard Java by the numbers graduates. (And GCHQ you would have to go through the DV process and work in the middle of nowhere.)
Oh and for the past few years there have been pay freezes in the civil service which will be continuing for the life of this parliament.
I didn't downvote you, but my guess is that your (pre-edit) comment adds little to the conversation, and could nearly as easily have been expressed by upvoting the parent (which, IMO, also fails to add much to the discussion).
If they weren't using all that power to spy on US citizens, it might be a bit more palatable. You can make a case for being nosy when it comes to people who aren't covered by our own Constitutional guarantees, but when it comes to US citizens, due process is something I consider awfully important. (And no, "national security letters" are not what I consider due process.)
Obviously not everything the NSA does is a problem from a Constitutional standpoint, but still... the odds of being ordered to do something I would find grossly unethical are too high for me to want to work there.
Worse still, I could see myself modifying my own ethics over time for the sake of staying in my employer's good graces. How many people can honestly say they would never fall prey to that temptation?
A shame, too, because I'll bet they still have some of the coolest toys around, even in the present age of commoditized supercomputing.
The NSA is relatively careful not to do blanket spying on US citizens, at least not directly, outside of specific legally approved programs (the NSLs, combatants, those engaged in communications with a foreign power, etc.). I agree the NSA and military/intelligence overreaches, but the people within NSA do make some effort to obey the law. The right place to change this is with the legislature (and judiciary) -- if there were stronger laws against domestic spying, the NSA would follow them.
It's also quite reasonable (and I'd say honorable) to not work for them, if you think either they're doing something immoral, or it would negatively affect you. I support a lot of the NSA's mission (cyber defense for the US and USG, specific international activity against enemies of the US), but certainly would like to see greater privacy protections in the US, and to protect private citizens (vs. governments) globally.
The problem, Ryan, is that when you have a huge super-secretive military government organization whose people "make some effort to obey the law", there's absolutely nothing stopping them from, one day, with no fanfare, choosing to start ignoring the law when and where convenient.
There are no checks or balances on their power and the potential abuse thereof. They operate in a legal vacuum, with carte blanche to do whatever they decide is necessary. Even THEIR BUDGET is classified information. We're not even allowed to know how many tax dollars they're spending to do illegal shit they're not telling us about.
You can support their mission 100% (I do), and still think that they should be entirely disbanded for this reason alone.
Only criminals would operate in this sort of LEGAL environment.
You've obviously never worked for a government agency if you think anything could 'just happen' one day.
It's hard enough to get things done that you ARE legally allowed to do, let alone anything remotely questionable.
Tell that to a country that has had a military coup, or similar. One day the military obeys civilian orders, the next day they don't. Same could happen with NSA. One day they obey the law, the next day they don't.
Wouldn't have to be the whole agency, just some small, but connected, group. They could sell information to foreign countries or, maybe more likely, companies or do all sorts of other socially destructive but personally profitable things.
Of course it doesn't literally happen overnight. But would we know about it if NSA/CIA and similar started going rogue? Seems to me that the government would cover up any extra-legal activities that were discovered so we'd never know until it was too late.
> You've obviously never worked for a government agency if you think anything could 'just happen' one day. It's hard enough to get things done that you ARE legally allowed to do, let alone anything remotely questionable.
That's pure BS. I know of a couple of companies which had done work for gov't agencies which were screwed by powerful individuals in said agencies doing blatantly illegal things. In both cases, the companies involved refused to go along, and paid the price. 7 years down the road, they were "cleared", but the companies' owners had suffered great financial and personal devastation. Nothing happened to the gov't individuals save promotions.
There was a scandal when the NSA's high-volume tap at AT&T came to light. Such a tap at a core router counts as blanket spying. The reaction to it, increased powers and retroactive immunity, speaks volumes.
The very idea that something like “retroactive immunity” can protect someone from the consequences of breaking the law is a bit mind-bending. Whoever comes up with this stuff, it is to protect a culture of unaccountability and disregard for the law.
Out of interest - why do you consider it more unethical to spy on people from one arbitrary geographical area as opposed to people from another? What if they agree not to spy on anyone from Utah and only spy on those suspicious people from other states?
> So you would be quite happy that All American Terrorists are safer than foreign Actors?
Maybe it goes without saying, but yes, yes, a thousand times yes.
The U.S. Constitution guarantees the rights of everyone in the United States, whether citizen, immigrant, or undocumented, whether law-abiding or terrorist. It specifically guarantees a right to trial, and forbids government searches without a warrant based on probable cause.
The founders knew that government can eat away at vague promises of freedom, and so they guaranteed not only "due process of law" and security from "unreasonable searches and seizures," but also specific mechanisms for protecting those rights from the government. They guaranteed those rights to everyone on our shores.
Personally I hope for a day when everyone in the world is entitled to the same rights. But until that happens -- yes. The law demands that all human beings will be safe on our soil, unless and until they are punished by due process of law. May we find the courage to live up to that demand.
I'm older than you are, evidently. Over the years, as I've read literature from various eras and traveled to various places, I've learned that people can feel under more constant surveillance, and BE under more constant surveillance, in a small, isolated town or village than as citizens of a modern high-technology state. And yet in 1989 people in several parts of central Europe rose up for freedom--courageously doing so even after the Tian'anmen Square Massacre was a worldwide news story--and defeated the secret police organizations of totalitarian dictatorships. You can still fight for freedom. That takes courage, but you'll find the courage if freedom means that much to you. I'm wondering when the tens of thousands of local uprisings that China reports each year in its official press will coalesce into a national movement for freedom.
> 1989 people in several parts of central Europe rose up for freedom--courageously
There was no need to rise up in central Europe: the regime collapsed by itself, primarily for financial reasons. The countries were surveyed by the West years before, and given IMF loans. The rest in 89 was literally a show, albeit not in theatres but on screens. The regimes just morphed, like now in China.
Good news. The more resources spent on electronic intelligence the less money spent on human intelligence.
And since humint has proven to be far more efficient, praise the experts for taking the wrong decisions.