Category: NSA

Oct 26 2015

Top German official infected by highly advanced spy trojan with NSA ties

A diagram of the Regin platform. (credit: Kaspersky Lab)

German Chancellor Angela Merkel may not be the only high-ranking leader from that country to be spied on by the National Security Agency. According to a report published over the weekend, German authorities are investigating whether the head of the German Federal Chancellery unit had his laptop infected with Regin, a highly sophisticated suite of malware programs that has been linked to the NSA and its British counterpart, the Government Communications Headquarters.

As Ars reported almost 12 months ago, Regin is among the most advanced pieces of malware ever discovered, with dozens of modules that can be used to customize attacks on targets in the telecommunications, hospitality, energy, airline, and research industries. Its technical DNA bears some resemblance to previously discovered state-sponsored malware, including the espionage trojans known as Flame and Duqu, as well as Stuxnet, the computer worm and trojan that the US and Israel reportedly unleashed to disrupt Iran's nuclear program.

According to research published last year by security firm Kaspersky Lab, Regin was used to infect more than 100 targets and has been active since 2008. Kaspersky Lab researchers went on to say that the targets included Belgacom, the partly state-owned Belgian telecom, and Jean-Jacques Quisquater, a prominent Belgian cryptographer. Documents leaked by former NSA subcontractor Edward Snowden have further linked Regin to the NSA, specifically to an NSA attack tool dubbed QWERTY. According to German magazine Der Spiegel, QWERTY is a keylogging plugin that's part of a much larger framework described in Snowden-leaked documents as WARRIORPRIDE. The takeaway is that Regin and WARRIORPRIDE are the same thing.

Read 3 remaining paragraphs | Comments

Oct 22 2015

NSA advisory sparks concern of secret advance ushering in cryptoapocalypse

In August, National Security Agency officials advised US agencies and businesses to prepare for a not-too-distant time when the cryptography protecting virtually all sensitive government and business communications is rendered obsolete by quantum computing. The advisory recommended backing away from plans to deploy elliptic curve cryptography, a form of public key cryptography that the NSA spent the previous 20 years promoting as more secure than the older RSA cryptosystem.

Almost immediately, the dramatic about-face generated questions and anxiety. Why would the NSA abruptly abandon a series of ECC specifications it had championed for so long? Why were officials issuing the advice now when a working quantum computer was 10 to 50 years away, and why would they back away from ECC before recommending a suite of quantum-resistant alternatives? The fact that the NSA was continuing to endorse use of RSA, which is also vulnerable to quantum computing, led some observers to speculate there was a secret motivation that had nothing to do with quantum computing.

On Tuesday, researchers Neal Koblitz and Alfred J. Menezes published a paper titled A Riddle Wrapped in an Enigma that compiles some of the competing theories behind the August advisory. The researchers stressed that that their paper isn't academic and at times relies on unsourced facts and opinions. And sure enough, some of the theories sound almost conspiratorial. Still, the paper does a good job of evaluating the strengths and weaknesses of the NSA's highly unexpected abandonment of ECC in a post quantum crypto (PQC) world.

Read 6 remaining paragraphs | Comments

Oct 15 2015

How the NSA can break trillions of encrypted Web and VPN connections


For years, privacy advocates have pushed developers of websites, virtual private network apps, and other cryptographic software to adopt the Diffie-Hellman cryptographic key exchange as a defense against surveillance from the US National Security Agency and other state-sponsored spies. Now, researchers are renewing their warning that a serious flaw in the way the key exchange is implemented is allowing the NSA to break and eavesdrop on trillions of encrypted connections.

The cost for adversaries is by no means modest. For commonly used 1024-bit keys, it would take about a year and cost a "few hundred million dollars" to crack just one of the extremely large prime numbers that form the starting point of a Diffie-Hellman negotiation. But it turns out that only a few primes are commonly used, putting the price well within the NSA's $11 billion-per-year budget dedicated to "groundbreaking cryptanalytic capabilities."

"Since a handful of primes are so widely reused, the payoff, in terms of connections they could decrypt, would be enormous," researchers Alex Halderman and Nadia Heninger wrote in a blog post published Wednesday. "Breaking a single, common 1024-bit prime would allow NSA to passively decrypt connections to two-thirds of VPNs and a quarter of all SSH servers globally. Breaking a second 1024-bit prime would allow passive eavesdropping on connections to nearly 20% of the top million HTTPS websites. In other words, a one-time investment in massive computation would make it possible to eavesdrop on trillions of encrypted connections."

Read 8 remaining paragraphs | Comments

Aug 21 2015

NSA preps quantum-resistant algorithms to head off crypto-apocalypse

The National Security Agency is advising US agencies and businesses to prepare for a time in the not-too-distant future when the cryptography protecting virtually all e-mail, medical and financial records, and online transactions is rendered obsolete by quantum computing.

Quantum computers have capabilities that can lay to ruin all of the public-key cryptographic systems currently in use. These capabilities, which aren't known to be present in the classical computers of today, include the ability to almost instantly find the prime factors of extremely large numbers, using a method called Shor's algorithm. Quantum computing is also believed to be capable of tackling other mathematical problems classical computers can't solve quickly, including computing discrete logarithm mod primes and discrete logs over elliptic curves.

The difficulty of factoring and computing discrete log primes and elliptic curve discrete logs play an essential role in cryptographers' confidence in RSA, elliptic curve cryptography, and other public-key crypto systems. When implemented correctly, most scientists and cryptographers believe that the crypto can't be defeated with today's computers before the end of the universe.

Read 11 remaining paragraphs | Comments