Flutterby™! : NSA breaking crypto


NSA breaking crypto

2017-03-14 00:01:19.697565+01 by Dan Lyke 0 comments

How is the NSA breaking so much crypto?

For the nerds in the audience, here’s what’s wrong: If a client and server are speaking Diffie-Hellman, they first need to agree on a large prime number with a particular form. There seemed to be no reason why everyone couldn’t just use the same prime, and, in fact, many applications tend to use standardized or hard-coded primes. But there was a very important detail that got lost in translation between the mathematicians and the practitioners: an adversary can perform a single enormous computation to “crack” a particular prime, then easily break any individual connection that uses that prime.

That enormous computation would probably cost a few hundred million bucks, and "Breaking a single, common 1024-bit prime would allow NSA to passively decrypt connections to two-thirds of VPNs and a quarter of all SSH servers globally."

That appears to have happened.
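The amortization the quote describes, as an added example that is not part of the original post or the quoted article: the expensive work is done once per prime, after which each individual handshake that reuses the prime costs very little to undo. Assumptions: the 20-bit prime `P`, generator `G`, and all function and class names are constructed for illustration, and textbook baby-step giant-step stands in for the far larger computation a 1024-bit prime would need.

```python
import math
import secrets

P = 1000003  # toy prime (assumption): stands in for a widely shared DH prime
G = 2        # toy generator (assumption)

class SharedPrimeTable:
    """Per-prime precomputation: built once, reused for every session."""
    def __init__(self, p, g):
        self.p, self.g = p, g
        self.m = math.isqrt(p - 1) + 1          # table size ~ sqrt(p)
        self.baby = {}
        value = 1
        for j in range(self.m):                 # baby steps: g^j for j < m
            self.baby.setdefault(value, j)
            value = value * g % p
        # g^(-m) mod p via Fermat: g^(p-1) == 1, so g^(p-1-m) == g^(-m)
        self.giant = pow(g, p - 1 - self.m, p)

    def discrete_log(self, h):
        """Return x with g^x == h (mod p), using only table lookups."""
        gamma = h
        for i in range(self.m):                 # giant steps: h * g^(-i*m)
            if gamma in self.baby:
                return i * self.m + self.baby[gamma]
            gamma = gamma * self.giant % self.p
        raise ValueError("h is not a power of g")

def handshake(p, g):
    """One Diffie-Hellman exchange: public values A, B and the shared secret."""
    a = secrets.randbelow(p - 2) + 1
    b = secrets.randbelow(p - 2) + 1
    A, B = pow(g, a, p), pow(g, b, p)
    return A, B, pow(B, a, p)

def recover_shared_secret(table, A, B):
    """What a passive observer of A and B derives once the table exists."""
    x = table.discrete_log(A)
    return pow(B, x, table.p)

def demo(sessions=5):
    table = SharedPrimeTable(P, G)              # the one-time cost, per prime
    results = []
    for _ in range(sessions):                   # every session reuses P
        A, B, secret = handshake(P, G)
        results.append(recover_shared_secret(table, A, B) == secret)
    return results

if __name__ == "__main__":
    print(demo())
```

The table depends only on `P` and `G`, never on a session's keys, which is why hard-coding one prime across many servers concentrates the risk in that single value.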

