Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
Backforce One Plus Gaming Chair review
ASUS GeForce RTX 3080 Noctua OC review
AMD Ryzen 5 5600 review
PowerColor RX 6650 XT Hellhound White review
FSP Hydro PTM Pro (1200W PSU) review
ASUS ROG Radeon RX 6750 XT STRIX review
AMD FidelityFX Super Resolution 2.0 - preview
Sapphire Radeon RX 6650 XT Nitro+ review
Sapphire Radeon RX 6950 XT Sapphire Nitro+ Pure review
Sapphire Radeon RX 6750 XT Nitro+ review

New Downloads
Corsair Utility Engine Download (iCUE) Download v4.24.193
Intel HD graphics Driver Download Version: 30.0.101.1994
GeForce 512.95 WHQL driver download
AMD Radeon Software Adrenalin 22.5.2 driver download
AIDA64 Download Version 6.70
FurMark Download v1.30
Display Driver Uninstaller Download version 18.0.5.1
Download Samsung Magician v7.1.1.820
Intel ARC graphics Driver Download Version: 30.0.101.1732
HWiNFO Download v7.24


New Forum Topics
AMD Announces Ryzen 7000 - passing 5.5 GHz 15% Single Thread perf Increase - RDNA2 AMD reaffirms that the 5.5+ GHz of the Ryzen 7000 in the presentations was achieved without overclocking NVIDIA GeForce 512.95 WHQL driver download & Discussion NVIDIA DLSS Extends Support for 12 More Games including Hitman 3 and F1 22 Nvidia Shadercache setting. RTX 3080 fans go crazy Lexar 2 GB/s SL660 BLAZE Portable SSD The AMD Ryzen All In One Thread /Overclocking/Memory Speeds & Timings/Tweaking/Cooling Part 2 NVIDIA Re-Enables LHR On Its Graphics Cards With New Driver Review: Backforce One Plus Gaming Chair




Guru3D.com » News » How is NSA breaking so much crypto?

How is NSA breaking so much crypto?

by Hilbert Hagedoorn on: 10/19/2015 09:14 AM | source: | 25 comment(s)
How is NSA breaking so much crypto?

There have been rumors for years that the NSA can decrypt a significant fraction of encrypted Internet traffic. In 2012, James Bamford published an article quoting anonymous former NSA officials stating that the agency had achieved a 'computing breakthrough' that gave them 'the ability to crack current public encryption.'

 The Snowden documents also hint at some extraordinary capabilities: they show that NSA has built extensive infrastructure to intercept and decrypt VPN traffic and suggest that the agency can decrypt at least some HTTPS and SSH connections on demand. However, the documents do not explain how these breakthroughs work.

The key is, somewhat ironically, Diffie-Hellman key exchange, an algorithm that we and many others have advocated as a defense against mass surveillance. Diffie-Hellman is a cornerstone of modern cryptography used for VPNs, HTTPS websites, email, and many other protocols. Our paper shows that, through a confluence of number theory and bad implementation choices, many real-world users of Diffie-Hellman are likely vulnerable to state-level attackers. 

For the nerds in the audience, here's what's wrong: If a client and server are speaking Diffie-Hellman, they first need to agree on a large prime number with a particular form. There seemed to be no reason why everyone couldn't just use the same prime, and, in fact, many applications tend to use standardized or hard-coded primes. But there was a very important detail that got lost in translation between the mathematicians and the practitioners: an adversary can perform a single enormous computation to “crack” a particular prime, then easily break any individual connection that uses that prime.

How enormous a computation, you ask? Possibly a technical feat on a scale (relative to the state of computing at the time) not seen since the Enigma cryptanalysis during World War II. Even estimating the difficulty is tricky, due to the complexity of the algorithm involved, but our paper gives some conservative estimates. For the most common strength of Diffie-Hellman (1024 bits), it would cost a few hundred million dollars to build a machine, based on special purpose hardware, that would be able to crack one Diffie-Hellman prime every year. 

Would this be worth it for an intelligence agency? Since a handful of primes are so widely reused, the payoff, in terms of connections they could decrypt, would be enormous. Breaking a single, common 1024-bit prime would allow NSA to passively decrypt connections to two-thirds of VPNs and a quarter of all SSH servers globally. Breaking a second 1024-bit prime would allow passive eavesdropping on connections to nearly 20% of the top million HTTPS websites. In other words, a one-time investment in massive computation would make it possible to eavesdrop on trillions of encrypted connections.






« Incense Burning Under A Macro Lens Is Intense · How is NSA breaking so much crypto? · MSI to offer GeForce GTX 980 Ti Gaming LE (Light) edition »

5 pages 1 2 3 4 5


Humanoid_1
Senior Member



Posts: 960
Joined: 2009-10-14

#5174809 Posted on: 10/19/2015 09:42 AM
wow, that's some real carelessness brought on by number blindness and faith in that blindness.

"Hey guys, we we have this Reeally Big Number, so big we won't have to worry about it being ever cracked, lets all just use the same key...." -.-"""

Kinda reminds me of :

"640 kB ought to be enough for anybody"

lolol

kosh_neranek
Senior Member



Posts: 341
Joined: 2012-12-31

#5174821 Posted on: 10/19/2015 10:01 AM
This is hard to believe. The whole world using just a handful of huge primes for crypto..WOW

Koniakki
Senior Member



Posts: 2843
Joined: 2009-09-15

#5174825 Posted on: 10/19/2015 10:15 AM
Thankfully I upgraded my protection and I'm not worried! :wanker:



RzrTrek
Senior Member



Posts: 2550
Joined: 2012-04-16

#5174832 Posted on: 10/19/2015 10:30 AM
http://i.imgur.com/Nl5gC4R.jpg

How do I upvote your picture?

SirDremor
Senior Member



Posts: 586
Joined: 2008-06-20

#5174838 Posted on: 10/19/2015 10:37 AM
Thankfully I upgraded my protection and I'm not worried! :wanker:
http://i.imgur.com/Nl5gC4R.jpg

Awesome! Lol =)

And regarding the news - as much as I do not like NSO and Snowden - this technology feat is just awesome. Hats off to them.
Though I would be even more happy if it was done via Quantum computing...

5 pages 1 2 3 4 5


Post New Comment
Click here to post a comment for this news story on the message forum.


Guru3D.com © 2022