Cryptographers Attack NSA's Secret Effort to Subvert Internet Security

17/09/2013 19:25
 

 

Cryptographers are fighting back against efforts by spy agencies to secretly weaken the encryption standards designed to keep the Internet secure.

In an open letter posted online Monday, security experts from universities in the United Kingdom and Luxemburg blasted the National Security Agency and its British counterpart GCHQ for what they describe as the “systematic undermining of cryptographic solutions and standards.” The letter was written in response to a jointly reported scoop by the New York Times, ProPublica, and the Guardian that revealed earlier this month how the NSA and GCHQ were working to break and in some cases covertly subvert common forms of encryption. In at least one case, for instance, the NSA apparently planted vulnerabilities in an encryption standard adopted by the National Institute of Standards and Technology, the federal agency responsible for recommending cybersecurity standards, presumably so that it could exploit it for spying.

The academics’ strongly worded letter demands that the U.K. Parliament’s intelligence and security committee—which is tasked with conducting oversight of the country’s spy agencies—open an urgent investigation into the encryption subversion. They write:

By weakening cryptographic standards, in as yet undisclosed ways, and by inserting weaknesses into products which we all rely on to secure critical infrastructure, we believe that the agencies have been acting against the interests of the public that they are meant to serve. We find it shocking that agencies of both the U.S. and U.K. governments now stand accused of undermining the systems which protect us. By weakening all our security so that they can listen in to the communications of our enemies, they also weaken our security against our potential enemies. 

In United States, too, there is also mounting anger over the spy agencies’ covert attempts to break encryption. The NSA’s clandestine conduct appears to be causing tension between government agencies, with the National Institute of Standards and Technology last week distancing itself from the NSA. NIST put out a statement that included a footnote recommending that people steer clear of an encryption standard reportedly targeted by the NSA, and it attempted to reassure people that it “would not deliberately weaken a cryptographic standard.” Johns Hopkins University cryptography researcher Matthew Green told the New York Times that he knew “from firsthand communications that a number of people at NIST feel betrayed by their colleagues at the NSA.”

Read More...

Please note : The content on this site does not always express the viewpoints of the site owner

Many topics are covered and links given, so that you can do your own research

 

FAIR USE NOTICE: These pages/video may contain copyrighted (© ) material the use of which has not always been specifically authorized by the copyright owner. Such material is made available to advance understanding of ecological, Political, Human Rights, economic, scientific, Moral, Ethical, and Social Justice issues, etc. It is believed that this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, this material is distributed without profit to those who have expressed a prior general interest in receiving similar information for research and educational purposes.

globalnoncompliance.net