Two researcher point out how NSA can break trillions of encrypted Web and VPN connections
Two researchers have found that the National Security Agency (NSA) of USA could have the technology to break into the 1024 bit Diffie-Hellman cryptographic key exchange due to a commonplace weakness. This means that NSA could be able to peer into a large amount of encrypted communications.
The researchers noted that one single prime is used to encrypt two-thirds of all virtual private networks (VPNs) and a quarter of secure shell (SSH) servers globally, two major security protocols used by a number of businesses. A second prime is used to encrypt “nearly 20 [percent] of the top million HTTPS websites.” This is a commonly used way of keeping data indecipherable for anyone except its intended recipient – almost anyone, that is.
“Since a handful of primes are so widely reused, the payoff, in terms of connections they could decrypt, would be enormous,” researchers Alex Halderman and Nadia Heninger wrote in a blog post published Wednesday. “Breaking a single, common 1024-bit prime would allow NSA to passively decrypt connections to two-thirds of VPNs and a quarter of all SSH servers globally. Breaking a second 1024-bit prime would allow passive eavesdropping on connections to nearly 20% of the top million HTTPS websites. In other words, a one-time investment in massive computation would make it possible to eavesdrop on trillions of encrypted connections.”
The problem is that many of these 1024-bit prime numbers are reused because of how (previously) inconceivably expensive it would be to break them. As noted above, the researchers found that one single prime number is used to encrypt two-thirds of all VPNs and a quarter of all SSH servers, two security measures used by businesses globally. Another is used to encrypt 18 percent of the “top million HTTPS websites.” That means that a single instance of the aforementioned year-long cracking effort could give the NSA access to all of this information.
“This isn’t a flaw in a particular protocol, it’s a property of the math [that] underlies Diffie-Hellman, which is part of the foundation of almost every important cryptographic protocol we use,” Halderman said. “It’s certainly not an overnight [fix]. One of the problems is that the standards behind any important protocols like the IPsec VPN protocol specify that everyone will use these particular primes that by virtue of being so lightly used are made weaker. I think it’s going to be years unfortunately before standards and implementations are widely updated to account for this threat.”