Tuesday04 October 2022

New Documents Show the NSA's efforst to break encryption and TOR

Reading time is around minutes.

Edward Snowden is the gift that keeps on giving. After walking out on the NSA with a ton of secret documents detailing the extent that the agency and their partners were digging into ordinary people’s lives he started to release them. Even after the first and very damaging release of documents Snowden promised that there was more and worse to come. We have seen some pretty bad things coming from the classified document stash including a report that was recently published by Der Speigel.

The report was covering the way the NSA and other agencies in the “Five Eyes” program are working to compromise encryption methods and anonymous networks like TOR. In it are details of their work including the way they see each as a threat to security (without the whole privacy thing). There is no mention of the legitimate uses of Encryption or TOR. From the stand point of the NSA it is all bad…

Some of the top contenders are AES (Advanced Encryption Standard), SSH, TOR, PGP, and OTR. In this group they have yet to truly penetrate PGP and AES, the others have weaknesses that appear to have given them a foothold. OTR has issues with the application side of the house that leave it vulnerable to exploitation while TOR has some rather critical weaknesses in implementation that seem to excite the spying community.

With TOR, as we have said before, there is the plain truth that someone can track packets based on timing. If you know the time a packet left a suspect system you can find its entry point (possible one that is compromised) and map it through the system of proxies base on the time it exits back into the world. This type of exploit can take some time to setup and requires signal intelligence on the front end (entry points) and more data from the exit points. The timing needs to be down to the second to reduce false positives and mapping the wrong user to the wrong exit point. It is a method that has already been used to back track people through a network when a destination site and exit point IP is known, so the idea of tracking someone through the TOR network is not farfetched.  

In the end there is nothing that is secure and it is only a matter of time before someone finds a way to break into it…

Tell us what you think in our Forum.

Last modified on Monday, 29 December 2014 15:01

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.