Is anything safe? I mean, at this point, would it be too much to assume that given that the NSA has so much brain power (mathematicians) working for them, that they have not already cracked most encryption schemes we trust? I am not being a conspiracy theorist, I am genuinely curious.
Consider that the CIA's internal policy is to treat every computer you touch as if it's been compromised. Even the ones at your desk in the CIA.
Remember that airgapped, inside a Faraday cage computer deep in the vault in Mission Impossible where that analyst was typing a report? They really have those buried away for the Uber Top Secret, don't give this to Russia/China stuff.
So, if even the spy agencies don't trust anything here at home, you think they might know something we don't. Trust nothing, it's all already compromised, seriously.
I think it's more about complexity than actual case-history: modern machines are so complex in both hardware and software, they're basically un-auditable.
You have programs executing code compiled by other programs on top of programs booted by special programs embedded in hardware chips built with circuits as small as atoms. You can barely detect unauthorised operations at the very top layers (and at huge cost in terms of effort), everything underneath the OS is basically a black box for all intents and purposes... and you can't trust a black box.
Even those are compromised. Key tap patterns can be recorded and calculated. You need to have a zero electronics, faraday cage room in order to start to trust things.
This is why the NSA does their own chip fabrication. Although probably only used for crypto gear not server chips. I wonder what they do for the servers in the Utah DC.
»To protect against secret surveillance, Snowden said, we need to make encryption a part of everything we do. "The bottom line is that encryption does work," he said. "We need to not think of encryption as an arcane, dark art, but as basic protection for the digital world."«
The other element of his encryption comment: the problem is that end-point security is so weak that encryption often isn't effective. That may mean key "exfiltration" (theft), or simply having cleartext access to content.
Schneier addressed this in his recent Stanford lecture on the NSA and Internet security. Long, > 1 hour, but very much worth viewing.
A reasonable assumption to make, and one which I would live by if I had really top-secret information.
However, I doubt it. There are plenty of clever mathematicians not working for the NSA...
Instead I believe they mostly focus on methods to find flaws in implementations of encryption schemes, possibly with the help of some theoretical breakthroughs and formal automated reasoning, because it is so much easier. Even the people working at NSA are lazy ;-)
It's not out of the realm of possibilities for intelligence agencies to let soldiers die rather than risk divulging their actual capabilities.
But I personally don't see much of a (self-determination-ful) way forward other than making the assumption that some public key crypto works (ie one way functions exist), and building secure systems based on it.
> In his 1974 book The Ultra Secret, Group Captain F. W. Winterbotham asserted that the British government had advance warning of the attack from Ultra: intercepted German radio messages encrypted with the Enigma cipher machine and decoded by British cryptoanalysts at Bletchley Park. He further claimed that Winston Churchill ordered that no defensive measures should be taken to protect Coventry, lest the Germans suspect that their cipher had been broken.[1] Winterbotham was a key figure for Ultra; he supervised the "Special Liaison Officers" who delivered Ultra material to field commanders.[2]
> However, Winterbotham's claim has been rejected by other Ultra participants and by historians. They state that while Churchill was indeed aware that a major bombing raid would take place, no one knew what the target would be.[3][4]
> Peter Calvocoressi was head of the Air Section at Bletchley Park, which translated and analysed all deciphered Luftwaffe messages. He wrote "Ultra never mentioned Coventry... Churchill, so far from pondering whether to save Coventry or safeguard Ultra, was under the impression that the raid was to be on London."[5]
> Scientist R. V. Jones, who led the British side in the Battle of the Beams, wrote that "Enigma signals to the X-beam stations were not broken in time," and that he was unaware that Coventry was the intended target. Furthermore, a technical mistake caused jamming countermeasures to be ineffective. Jones also noted that Churchill returned to London that afternoon, which indicated that Churchill believed that London was the likely target for the raid.[6]
4. Hunt, David (28 August 1976), "The raid on Coventry", The Times: 11
5. Calvocoressi, Peter (1981). Top Secret Ultra. New York: Ballantine Books. pp. 85–86. ISBN 0-345-30069-6.
6. Jones, R. V. (1978). Most Secret War: British Scientific Intelligence 1939–1945. London: Hamilton. p. 149. ISBN 0-241-89746-7. This book was also published in the US under the title The Wizard War.
All that being as it may (because you're right), don't let that detract from the larger point about the tension between using intelligence products (like a tip-off about a bombing raid) and protecting the sources and methods of those intelligence products for the future.
The British were paranoid about this; if they wanted to attack a tactical target where the Germans would think "there's no way they could have known about this, our codes must be broken", they'd always send a decoy scout or something out first to "accidentally come across" the secret target.
The Americans did similar things; when Adm. Yamamoto was shot down, his flight was duly "detected" by a reconnaissance plane first, even though the Americans knew full well when it was taking off and where it was going.
Another example: the search for the Malaysia Airlines plane was hampered because regional governments were reluctant to release their radar information because it would reveal their systems' capabilities to other regional governments.
Devil's advocate: Cost/benefit. Snowden already knew they'd be grabbing everything that they could on him. Why spend potentially million(s) dollars cracking the encryption when you can get it cheaper with a court order?
imho it was as a show of force. To deter anybody in a similar situation from taking the same stance against the U.S. government in the future.
The relentless legal troubles of the lavabit case closely mimic the troubles of Joseph Nacchio (who refused NSA wiretapping while he was CEO of Qwest) [0]
You're assuming that they are crackable, some are but it's not a gauranty that they all are. Snowden slack of capture suggests that properly used encryption is still good.
Korea, Japan, Russia, China, India and Brazil will all be spending tons more on encryption. The most fatal flaw in all of this is that I expect they will have their own secure protocols in the next couple decades and what's really ironic, our former "enemies" may do a better job.
