Month: April 2015

The NSA wants a multi-part encryption key for “front door” access to your data

The NSA wants a multi-part encryption key for 'front door' access to your data

The US National Security Agency (NSA) appears to be increasingly concerned about the growing adoption of encryption and its ability to thwart the agency’s surveillance efforts.

Now, after months of debate with tech firms about government access to encrypted data on smartphones and other devices, the NSA has proposed a solution which it hopes will strike a balance between its desire to know everything about everyone and the average law-abiding citizen’s right to privacy.

According to The Washington Post, that solution – put forward by NSA director Michael S. Rogers – lies in a multi-part encryption key, created by various tech companies, which could unlock any device.

Speaking at Princeton University recently, Rogers said the key could be broken into several parts, meaning no one agency or company would be able to use it without the co-operation of the others:

I don't want a back door. I want a front door. And I want the front door to have multiple locks. Big locks.

With the highly contentious Section 215 of the Patriot Act – legislation that has allowed mass eavesdropping from the security services – due to sunset on 1 June 2015, privacy rights groups and concerned members of the public have long been voicing their concerns about bulk data collection.

Add to that the fact that firms such as Apple, Google and Microsoft recently sent a letter to President Barack Obama which demanded an end to data collection, and you can probably see why the NSA is exploring more palatable alternatives.

The debate about encryption and government access comes about as tech companies continue to make customer privacy a key selling point for their products and services.

Companies like Apple – which recently took the decision to enable device encryption by default and made key promises to its customers concerning their privacy – are giving the NSA a real headache as the agency argues the need for government access to data to aid in the battle against crime and terrorism.

Edward Snowden, for his part, continues to lament the level of access the US government still has. At a ecret meeting at this year’s South by Southwest festival he urged tech companies to foil surveillance efforts through the development of better privacy tools.

But Rogers firmly believes that his proposal for a ‘front door’ is both sound and justified, allowing for access as and when required, while keeping data safe from would-be hackers and other forms of attack.

Of course, his view is not universally shared – Donna Dodson, chief cyber­security adviser at the Commerce Department’s National Institute of Standards and Technologies pointed out that a master key still presents a risk, even if it is broken into parts held by different parties:

The basic question is, is it possible to design a completely secure system? There’s no way to do this where you don’t have unintentional vulnerabilities.

Privacy advocates and industry officials alike are not convinced by Rogers’ proposal either. Marc Zwillinger, a former Justice Department official now working as an attorney for tech companies on encryption-related matters, told the Post that law enforcement should not have the undeniable right to access every means of communication between two parties. He added:

I don’t think our Founding Fathers would think so, either.

The fact that the Constitution offers a process for obtaining a search warrant where there is probable cause is not support for the notion that it should be illegal to make an unbreakable lock. These are two distinct concepts.

Another Reason For Ubiquitous Web Encryption: To Neuter China’s “Great Cannon”

Another Reason For Ubiquitous Web Encryption: To Neuter China's "Great Cannon"

China’s web censorship machine, the Great Firewall, has a more offensive brother, researchers have declared today. Called the Great Cannon by Citizen Lab, a research body based at the University of Toronto, it can intercept traffic and manipulate it to do evil things.

In recent distributed denial of service (DDoS) attacks on code repository Github, the Great Cannon was used to redirect traffic intended for Baidu , the equivalent of Google in China, to hit two pages on the target site, including one that provided links to the Chinese-language edition of the New York Times. GreatFire.org, a website dedicated to highlighting Chinese censorship, was hit by a similar attack.

The Great Cannon only intercepts traffic to or from a specific set of targeted addresses, unlike the Great Firewall, which actively examines all traffic on tapped wires going in and out of China. According to Citizen Lab, in the recent DDoS hits, it intercepted traffic going to Baidu, and when it saw a request for certain JavaScript files on a Baidu server, it appeared to either pass the request on “unmolested”, as it did for 98 per cent of connections, or it dropped the request before it reached Baidu and sent a malicious script back to the requesting user, as it did nearly 2 per cent of the time. That malicious script would fire off traffic to the victims’ servers. With so many users redirected to the targets, the internet pipes feeding Github and GreatFire.org were clogged up, taking them offline. It was an effective, if blunderbuss, approach to censoring the targets.

But, as the researchers noted, the Great Cannon could be abused to intercept traffic and insert malware to infect anyone visiting non-encrypted sites within the reach of the attack tool. That could be done, said Citizen Lab, by simply telling the system to manipulate traffic from specific targets, say, all communications coming from Washington DC, rather than going to certain sites, as in the abuse of Baidu visitors. “Since the Great Cannon operates as a full man-in-the-middle, it would also be straightforward to have it intercept unencrypted email to or from a target IP address and undetectably replace any legitimate attachments with malicious payloads, manipulating email sent from China to outside destinations,” Citizen Lab added in its report released today.

The Great Cannon is not too dissimilar to QUANTUM, a system used by the National Security Agency and the UK’s GCHQ, according to the Edward Snowden leaks.  So-called lawful intercept providers, FinFisher and Hacking Team, sell products that appear to do the same too, Citizen Lab noted.

But there’s one simple way to stop the Great Cannon and the NSA from infecting masses of users: encrypt all websites on the internet. The system would not be able to tamper with traffic that is effectively encrypted. The SSL/TLS protocols (which most users commonly use when on HTTPS websites rather than HTTP) drop connections when a “man-in-the-middle” like the Cannon is detected, whilst preventing anyone from peeking at the content of web communications.

There are some significant projects underway designed to bring about ubiquitous web encryption. Just this week, the Linux Foundation announced it would be hosting the Let’s Encrypt project, which seeks to make SSL certificates, which website owners have to own and integrate into their servers to provide HTTPS services, free and easy to acquire. It should be possible to grab these simple and (hopefully) secure certificates from mid-2015, though Josh Aas, executive director at the the Internet Security Research Group (ISRG), which runs Let’s Encrypt, would not say when exactly. It has some serious backers, including Akamai, Cisco, Electronic Frontier Foundation and Mozilla.

It’s unclear whether Let’s Encrypt would provide certificates to Chinese sites. “The default stance is that we want to issue to everyone – but we will have to comply with US laws… our legal team is looking into it.”

“There’s a lot of the web that isn’t encrypted,” added Jim Zemlin, executive director at The Linux Foundation. “We think that’s a big deal for internet security.”