The latest tranche of documents to come from whistleblower Edward Snowden has identified the encryption methods - and combinations of methods - that even the US National Security Agency can’t seem to crack.
The documents, published by German newspaper Der Spiegel, include a 2012 slide deck which classifies commonly used encryption protocols into five categories based on their level of obstruction, from ‘trivial’ to ‘catastrophic’, with the latter box reserved for methods incurring “near-total loss/lack of insight to target communications, presence”.
The only example the presentation offers of a ‘catastrophic’ level of crypto protection is the combined use of Tor browsing with the CSpace anonymised messaging system, Trilight Zone anonymisation, and a ZRTP (the protocol behind RedPhone and Signal) VoIP client on Linux.
The next category of obstruction is listed as comprising ‘major’ cryptographic impediments.
In this box the NSA has included:
- Zoho encrypted webmail
- Off-the-record (OTR) protocol for instant messaging encryption
When used on their own, ‘major’ level encryption techniques will hide the “majority”, but not all, of targeted communications from NSA collection, the presentation explains.
Records of failed intercepts, also published by Der Spiegel, suggest that the NSA cyber-spies have not yet cracked the 20+ year-old Pretty Good Privacy (PGP) encryption protocol either. Attempts to access the content of several PGP-encrypted Yahoo mail messages, also sent in 2012, are shown to be unsuccessful, with the explanation “no decrypt available for this PGP message”.
Documents also suggest the NSA was working to crack the Advanced Encryption Standard (AES) - despite endorsing it to the National Institute of Standards and Technology (NIST) at the same time.
On the other side of the coin, however, the documents also attest to the ease, and frequency, with which the NSA has been able to break down the privacy protections that individuals and organisations try to establish by using VPNs to secure communications.
The documents refer to a massive-scale program to decrypt and collect communications exchanged via VPNs thought to be encrypted by the PPTP and IPsec protocols. They indicate that PPTP-protected communications pose little obstacle to the NSA, and when it comes to the harder-to-crack IPsec protocol, the NSA officers attack individual routers to obtain the decryption keys that will allow them to see the content exchanged.
Meanwhile, the UK’s Government Communications Headquarters (GCHQ) is the NSA partner reportedly leading the charge on decryption of the TLS and SSL protocols, commonly used to protect financial transactions and passwords online.