Revealed: the encryption tools spies can’t crack

The NSA has been cracking encryption for years. Photo: Reuters

Australia's electronic espionage agency is a partner in a massive United States-led assault on internet security and privacy, according to top secret documents disclosed by former US intelligence contractor Edward Snowden.

The GermanDer Spiegelmagazine has published new disclosures of signals intelligence cooperation between the United States and its "5-eyes" partners the United Kingdom, Canada, Australia and New Zealand revealing that the secret agencies have broken most widely-used forms of internet encryption.

Many of the leaked documents are classified top secret, "COMINT" (communications intelligence) and releasable only to "5-eyes" agencies the US National Security Agency (NSA), the Australian Signals Directorate (ASD), the United Kingdom's Government Communications Headquarters, Canada's Communications Security Establishment and New Zealand's Government Communications Security Bureau.

Intensive efforts to overcome what is described as the "major threat" of "ubiquitous encryption" on the internet have been regularly discussed at top secret "SIGDEV" signals intelligence development conferences between the "5-eyes" agencies.

Advertisement

The leaked documents show the NSA and its allies routinely intercept supposedly secure Hypertext Transfer Protocol (Https) connections used for internet applications including banking and financial services, e-commerce or accessing webmail accounts. According to one top secret document, the NSA planned to crack 10 million intercepted https connections a day by late 2012 with a particular focus on "password based encryption systems".

Other priority intelligence targets are virtual private networks (VPN) which are used by companies and organisations operating from multiple offices and locations. NSA and its partners operate a large-scale VPN exploitation project to intercept the data exchanged inside VPNs. Examples of successful interception cited in the leaked documents include government networks in Afghanistan, Greece, Pakistan and Turkey as well as a Russian telecommunications company.

According to a 2013 NSA document leaked by Mr Snowden and previously revealed byThe New York Times, the ASD obtained nearly 1.8 million encrypted master keys, used to protect private communications, from the Telkomsel Mobile network in Indonesia, and developed a way to decrypt almost all of them.

Another supposedly secure system accessed by the NSA and its partners is Skype, which is widely used to conduct internet video chat. The newly leaked documents show Skype has been successfully intercepted since at least February 2011.

See the rest here:
Revealed: the encryption tools spies can't crack