
I'm pretty sure the unencrypted communications will be automatically parsed and processed to look for certain patterns or keywords, and if not found, ignored, but after processing nonetheless.

They can attack an encrypted communication and probably decrypt it, but they just want you to be afraid of encrypting with fear of being targeted so that they have it easier to process your information.

But that's a fallacy and a puny tactic to make the general public afraid of being under scrutiny because of the very reason of using encryption.

They might be able to decipher encrypted communications if they are the minority, but even with their big supercomputers and billions of dollars, I doubt they would be able to process people's communication if encryption was the majority of communications.

And these articles work towards the NSA's goals and agenda, misleading the public into thinking that it's better not to use any encryption at all. If the public was educated on this subject and everyone used encryption, I guess they would have a really hard time processing all this information...



>> They can attack an encrypted communication and probably decrypt it

No. If you do it right, nobody on earth can decrypt it. From Bruce Schneier:

>> In fact, we cannot even imagine a world where 256-bit brute force searches are possible. It requires some fundamental breakthroughs in physics and our understanding of the universe. For public-key cryptography, 2048-bit keys have same sort of property; longer is meaningless.

and

>> These numbers have nothing to do with the technology of the devices; they are the maximums that thermodynamics will allow. And they strongly imply that brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space.

http://www.schneier.com/blog/archives/2009/09/the_doghouse_c...

Also, from Bitcoin Talk:

>> But what about very well funded entities such as the US National Security Agency (NSA)? Could they build a machine to crack a 256 bit key? Assume they could build a theoretical nanocomputer that executes 10^13 instructions per second (approximate rate of atomic vibrations) in a space of a cube with a side that is 5.43nm across (This is the approximate size of a silicon lattice 10 atoms wide, or a crystal containing 1000 silicon atoms). Assume that it could calculate an attempt in 10 cycles. Such a computer the size of the earth would take more than 10^13 years (roughly 58 times the estimated age of the earth) to attack a 256 bit algorithm via brute force.

https://bitcointalk.org/index.php?topic=360.15;wap2


Snowden himself said it in a recent interview: the NSA cannot decrypt your messages if you use a reasonable encryption method. They rely on endpoint security.


"They can attack an encrypted communication and probably decrypt it"

Why this assumption? The NSA has NO super-human abilities.

And one of their jobs is to protect gov secrets. Which is why they participated in the AES standard. If you really believe they can decrypt AES, then you believe they chose an algo that is insecure, that would allow China, Russia and others with similar abilities to read any of our nation's secrets.

Not to mention, that there are currently no known attacks that would allow them to decrypt AES in any reasonable amount of time, even if they had every single computer in the world.

If you really believe the NSA can decrypt anything, then you're out in conspiracy-theory land, with magical yet-to-be-invented computers, and humans with super-math abilities.


> The NSA has NO super-human abilities.

No, but they do have a larger hardware budget than you. And a larger budget for crypto research.


A larger research budget than the entire open cryptographic community? Maybe. But it's not just about budget. A lot of the smartest cryptographers don't work for the NSA anymore, because they like to publish their research, and/or because industry pays better.

If you haven't broken the algorithm, a "larger hardware budget" really isn't helpful at all. Key sizes are big enough that the laws of physics prevent you from brute-forcing them. From Bruce Schneier: "If we built a Dyson sphere around the sun and captured all its energy for 32 years, without any loss, we could power a computer to count up to 2^192. Of course, it wouldn't have the energy left over to perform any useful calculations with this counter." http://www.schneier.com/blog/archives/2009/09/the_doghouse_c...

If they've made a huge breakthrough on quantum computers, they could break the popular public-key algorithms, but could only halve the effective key size of symmetric algorithms.


> Key sizes are big enough that the laws of physics prevent you from brute-forcing them

A lot of it still boils down to password guessing. The limitation is in the user's choice of password, not the laws of physics.

Given the techniques listed here http://arstechnica.com/security/2013/05/how-crackers-make-mi... (e.g. generating password guesses with Markov chains), surprisingly long and un-obvious passwords are found without brute-forcing the whole space. In other words, you have to pay attention to a whole lot of lateral things to actually be secure. The mathematical properties of the key-space don't matter if your OS has been backdoored and a keystroke logger installed.


That's only true if you have a copy of the user's encrypted private key. You've got that if you've confiscated his hard drive, but it doesn't go over the wire. The key itself is random.

A keylogger bypasses the whole thing but so far nobody's accusing the NSA of hacking lots of domestic computers, and that would definitely do away with the excuse that "we didn't know he was in the U.S."


> That's only true if you have a copy of the user's encrypted private key. it doesn't go over the wire.

I know several people who have put all of their (strong) website passwords in a 1password/keepass/truecrypt file covered by a password that they can remember and type; and then put that on dropbox. Over the wire. I am assuming that this is compromised now.

> nobody's accusing the NSA of hacking lots of domestic computers

Except for here http://www.bloomberg.com/news/2013-06-14/u-s-agencies-said-t... and http://blogs.computerworlduk.com/open-enterprise/2013/06/how...

> "we didn't know he was in the U.S."

I am sitting in front of a domestic computer that is not in the US. The line about "but only for non-americans" is no reassurance whatsoever to the world.


Yes, some people will do silly things.

I was familiar with both those stories, and neither is about the NSA hacking into domestic computers (by which I mean, computers in the USA, which is "domestic" for the NSA). Voluntary cooperation by firms is not the same as the NSA surreptitiously installing keyloggers.


> Yes, some people will do silly things.

And yet you were arguing a few comments up that the keyspace that 1password etc use was too large to ever crack. But you have to remember some master password. Your crypto is only as strong as the weakest part.

> domestic computers (by which I mean, computers in the USA)

I'm sorry, I thought that you meant "computers in people's houses". In the USA or not, I could not care less.

> Voluntary cooperation by firms is not the same as the NSA surreptitiously installing keyloggers

The keylogger is a logical endpoint of what they would do with the 0-day exploits mentioned in the two articles. Not directly related to the "cooperation by firms".


The annoying thing about this defeatist attitude is that people don't realise it's the same thing as being afraid of their massive resources being employed to purchase enormous kettle elements to boil the ocean.

As a foreigner with an enormous distaste for the US government and a comfortable relationship with cryptography I say: good luck with that, fascists, bring it on.


I don't think that I personally have a "defeatist attitude". To guard yourself against someone with superior resources but no superpowers is possible, but you do have to be very careful.

"Cryptography" is not enough - but good cryptography with good passwords, and due care at the points where the decryption happens, may be.


All the computers in the world wouldn't be able to brute force the strongest crypto algorithms in far more than billions of years. Are you implying that the NSA has access to other planets?


No, but I am implying that your choice of crypto, your choice of passwords, and your security at the points where the decryption happens had all better be good. They have superior resources but no superpowers. You only have to make one mistake in order to be exposed.
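
Added example, not part of any comment in this thread: a worked comparison of the two positions argued above, the 256-bit keyspace versus a key file protected by a memorable master password. The attacker rate (10^12 operations per second), the key-stretching factor (100,000 iterations) and the sample passwords are assumptions, and passwords are treated as uniformly random, which is an upper bound on what humans actually choose.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600
ASSUMED_OPS_PER_SECOND = 1e12      # assumption: attacker throughput
ASSUMED_KDF_ITERATIONS = 100_000   # assumption: key-stretching cost per guess

def password_bits(alphabet_size, length):
    """Entropy in bits of a secret drawn uniformly at random."""
    return length * math.log2(alphabet_size)

def effective_bits(key_bits, pw_bits, kdf_iterations=1):
    """log2 of the work needed to recover a password-derived key.

    The attacker takes the cheaper path: search the key space directly,
    or guess passwords (each guess costs kdf_iterations operations).
    """
    return min(key_bits, pw_bits + math.log2(kdf_iterations))

def years_to_exhaust(bits, ops_per_second=ASSUMED_OPS_PER_SECOND):
    """Years to try every candidate in a 2**bits search space."""
    return 2.0 ** bits / ops_per_second / SECONDS_PER_YEAR

def compare():
    """Exhaustion time in years for three constructed sample secrets."""
    cases = {
        "random 256-bit key": 256.0,
        "8 lowercase letters": password_bits(26, 8),
        "6 Diceware words": password_bits(7776, 6),
    }
    return {
        name: years_to_exhaust(
            effective_bits(256, bits, ASSUMED_KDF_ITERATIONS))
        for name, bits in cases.items()
    }

if __name__ == "__main__":
    for name, years in compare().items():
        print(f"{name:22s} {years:.3g} years")
```
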


[deleted]


AES is approved for use in a type-1 system.


'a puny tactic to make the general public afraid'

This 'tactic' was classified until leaked, so I don't think its purpose is to scare the public. My guess is that they just want tons of ciphertext samples to use in future cryptanalysis work.


Or maybe it's just masked as a leak when it's actually a controlled release.


Are you suggesting this could be a limited hangout[0]?

[0]: http://en.wikipedia.org/wiki/Limited_hangout


It came from Snowden, so it's unlikely unless he's part of a broad conspiracy to release exactly what the NSA wants him to.


Since he's apparently now deep in debriefment with the Ruskies, this would have been a brilliant counter-intel maneuver, leveraging the prejudices of all of us chattering morons to fake out everybody in the world.

That it would have been brilliant, is how I know that General Surveillance and his minions didn't do it.


There's absolutely no evidence that's true. People are just speculating that the Russians might want to do that. As far as anyone knows, Snowden is still sitting in the transit area of the Moscow airport and has never left that location so far.


Presumably they allow smartphones in the transit area? I feel like we would have seen something by now.


> They can attack an encrypted communication and probably decrypt it

Surely this is massively dependent on the kind of encryption being used?



