{"id":3225,"date":"2015-10-15T18:14:55","date_gmt":"2015-10-15T18:14:55","guid":{"rendered":"https:\/\/www.novonon.com\/blog\/?p=3225"},"modified":"2015-10-15T18:15:35","modified_gmt":"2015-10-15T18:15:35","slug":"the-nsa-sure-breaks-a-lot-of-unbreakable-crypto-this-is-probably-how-they-do-it-boing-boing","status":"publish","type":"post","link":"https:\/\/www.novonon.com\/blog\/2015\/10\/15\/the-nsa-sure-breaks-a-lot-of-unbreakable-crypto-this-is-probably-how-they-do-it-boing-boing\/","title":{"rendered":"Very plausible argument for how NSA breaks much of the crypto online"},"content":{"rendered":"<p><a href=\"https:\/\/boingboing.net\/2015\/10\/15\/the-nsa-sure-breaks-a-lot-of.html\"><img data-recalc-dims=\"1\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/i0.wp.com\/www.novonon.com\/blog\/wp-content\/uploads\/2015\/10\/bump-key.gif?w=625&#038;ssl=1\" alt=\"\" \/><\/a><\/p>\n<blockquote><p>There have long been rumors, leaks, and statements about the NSA &#8220;breaking&#8221; crypto that is widely believed to be unbreakable, and over the years, there&#8217;s been mounting evidence that in many cases, they can do just that. Now, Alex Halderman and Nadia Heninger, along with a dozen eminent cryptographers have <a href=\"https:\/\/weakdh.org\/imperfect-forward-secrecy-ccs15.pdf\">presented a paper<\/a> at the ACM Conference on Computer and Communications Security (a paper that won the ACM&#8217;s prize for best paper at the conference) that advances a plausible theory as to what&#8217;s going on. 
In some ways, it&#8217;s very simple &#8212; but it&#8217;s also very, very dangerous, for all of us.<\/p>\n<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"bordered\" src=\"https:\/\/i0.wp.com\/www.novonon.com\/blog\/wp-content\/uploads\/2015\/10\/lazlo2.jpg?resize=239%2C135&#038;ssl=1\" alt=\"\" width=\"239\" height=\"135\" align=\"right\" \/>The paper describes how in Diffie-Hellman key exchange &#8212; a common means of exchanging cryptographic keys over untrusted channels &#8212; it&#8217;s possible to save a lot of computation and programmer time by using one of a few, widely agreed-upon large prime numbers. The theoreticians who first proposed this described it as secure against anyone who didn&#8217;t want to spend a nearly unimaginable amount of money attacking it.<\/p>\n<p>Lost in transition between the theoreticians and practitioners was the distinction between &#8220;secure against anyone who doesn&#8217;t have a titanic amount of money to blow&#8221; and &#8220;secure against <em>anyone<\/em>,&#8221; and so many of our cryptographic tools use hard-coded and\/or standardized large primes for Diffie-Hellman.<\/p>\n<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"bordered\" src=\"https:\/\/i0.wp.com\/www.novonon.com\/blog\/wp-content\/uploads\/2015\/10\/hqdefault1.jpg?resize=239%2C179&#038;ssl=1\" alt=\"\" width=\"239\" height=\"179\" align=\"right\" \/>The paper&#8217;s authors posit that the NSA has undertaken a technological project on a scale &#8220;not seen since the Enigma cryptanalysis during World War II,&#8221; spending an appreciable fraction of the entire black budget to break the standard widely used primes.<\/p>\n<p>&nbsp;<\/p><\/blockquote>\n<p><em><a href=\"https:\/\/boingboing.net\/2015\/10\/15\/the-nsa-sure-breaks-a-lot-of.html\">The NSA sure breaks a lot of &#8220;unbreakable&#8221; crypto. This is probably how they do it. 
\/ Boing Boing<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>There have long been rumors, leaks, and statements about the NSA &#8220;breaking&#8221; crypto that is widely believed to be unbreakable, and over the years, there&#8217;s been mounting evidence that in many cases, they can do just that. Now, Alex Halderman and Nadia Heninger, along with a dozen eminent cryptographers have presented a paper at the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[1],"tags":[],"class_list":["post-3225","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p3pfIY-Q1","jetpack_sharing_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/www.novonon.com\/blog\/wp-json\/wp\/v2\/posts\/3225","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.novonon.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.novonon.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.novonon.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.novonon.com\/blog\/wp-json\/wp\/v2\/comments?post=3225"}],"version-history":[{"count":2,"href":"https:\/\/www.novonon.com\/blog\/wp-json\/wp\/v2\/posts\/322
5\/revisions"}],"predecessor-version":[{"id":3230,"href":"https:\/\/www.novonon.com\/blog\/wp-json\/wp\/v2\/posts\/3225\/revisions\/3230"}],"wp:attachment":[{"href":"https:\/\/www.novonon.com\/blog\/wp-json\/wp\/v2\/media?parent=3225"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.novonon.com\/blog\/wp-json\/wp\/v2\/categories?post=3225"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.novonon.com\/blog\/wp-json\/wp\/v2\/tags?post=3225"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}