+ Post New Thread
Results 1 to 5 of 5
General Chat Thread, 2010 breakthrough? (by NSA) in General; Recent leaks from the NSA talk about them having made a "breakthrough in 2010", making "vast amounts of data newly ...
  1. #1

    Join Date
    Oct 2008
    Location
    Leeds
    Posts
    222
    Thank Post
    21
    Thanked 17 Times in 17 Posts
    Rep Power
    15

    Post 2010 breakthrough? (by NSA)

    Recent leaks from the NSA talk about them having made a "breakthrough in 2010", making "vast amounts of data newly exploitable".

    Journalists assume it relates to cracking SSL (e.g. HTTPS), but does anyone care to speculate on exactly what that the breakthrough was? The online press seem reluctant to speculate.

    My guess is that they have got hold of one or more of the 'master' secret key(s) used by the main root certification authorities (i.e. a secret key used to sign the certs for the intermediary authorities who then provide/sign certs for companies like Google etc.). My browser has around 25 of these root certificates installed (from the likes of VeriSign etc.)

    This will enable them to produce fake certificates, but this by itself won't let them eavesdrop on traffic 'passively'. They would have to initiate an 'active' Man in the Middle Attack for each SSL session, whereby the session is decrypted-> recorded/analysed -> re-encrypted using a fake certificate, on-the-fly. Which I guess is feasible, but perhaps a little processor intensive for millions of sessions (e.g. when passing through a major Internet hub).

    Or have they cracked SSL in a more fundamental way? If they have not then re-issuing of the root certs would render this breakthrough obsolete.

    If they did obtain the master secret keys from the root CAs (rather than breaking SSL), how did they do this? By hacking into their systems? By brute force on the public keys available in the root certs (would take too long surely)?

    Or have they discovered an efficient way to factorise primes (as in fundamentally breaking RSA/SSL)? Some kind of leap forward in quantum computing?

    No harm in speculating..

    Thanks,

    Bruce.
    Last edited by Bruce123; 6th September 2013 at 08:05 PM.

  2. #2
    kevin_lane's Avatar
    Join Date
    Mar 2007
    Location
    Derby
    Posts
    521
    Thank Post
    26
    Thanked 21 Times in 21 Posts
    Blog Entries
    5
    Rep Power
    20
    But the thing is if they have broken them then surely they would have to tell them because what happened to the data protection act

  3. #3

    Join Date
    Oct 2008
    Location
    Leeds
    Posts
    222
    Thank Post
    21
    Thanked 17 Times in 17 Posts
    Rep Power
    15
    I think GCHQ thinks the DPA doesn't apply to them (or it actually doesn't apply to them - I know there is an exception in the Act for prevention and detection of crime). Similar for NSA and the USA DPA act I imagine.

  4. #4


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    9,147
    Thank Post
    234
    Thanked 2,738 Times in 2,018 Posts
    Rep Power
    800
    Quote Originally Posted by Bruce123 View Post
    If they did obtain the master secret keys from the root CAs (rather than breaking SSL), how did they do this?
    Some sort of blunt instrument?


  5. #5

    Join Date
    Oct 2008
    Location
    Leeds
    Posts
    222
    Thank Post
    21
    Thanked 17 Times in 17 Posts
    Rep Power
    15
    The obvious/simple solution is often the right one... But I image they'd prefer the carrot to the stick.. less questions asked. IT Bod with the Ferrari in the car park might raise a few eyebrows though.

  6. Thanks to Bruce123 from:

    kevin_lane (7th September 2013)

SHARE:
+ Post New Thread

Similar Threads

  1. [MS Office - 2010] outlook 2010 corrupted by outlook 2003 advertised shortcut
    By KK20 in forum Office Software
    Replies: 1
    Last Post: 14th September 2011, 02:12 PM
  2. Replies: 5
    Last Post: 24th August 2011, 04:48 PM
  3. Replies: 6
    Last Post: 15th February 2010, 09:21 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •