Researchers Figure Out How To Put Invisible Backdoor In Common Internet Encryption

Image courtesy of Saechang

Even consumers who aren’t necessarily very technically-minded have at least a vague sense that an encrypted site is safer to use than one that isn’t. But encryption, alas, is never a permanent cure-all. And that’s why it’s troubling that new research has found it’s easier than anyone thought to put a backdoor into internet encryption that could let any big, surveillaince-minded entity (good morning, NSA) have a listen.

Ars Technica has a much more technical and complete explanation, for those who are into the details. It’s complicated, but if words like “Diffie-Hellman key exchange” and “RFC 5114” have no meaning to you, here’s the gist:

Encryption is, basically, a giant math problem: a set of numbers and a set of rules for what to do with them. Researchers have discovered a way to basically tunnel through or end-run around the process by putting in a number that makes the rules — usually hidden — visible. And when you know the rules the math problem is working with, you can break through it.

An encrypted communication that has this “trapdoor” in it is about 10,000 times easier to solve than one without, Ars explains. That puts access to files encrypted this way within reach for anyone with access to a big enough bank of processing power… like, say, the NSA.

“The Snowden documents have raised some serious questions about backdoors in public key cryptography standards,” one of the researchers on the project told Ars. “We are showing that trapdoored primes that would allow an adversary to efficiently break 1,024-bit keys are completely feasible.”

Ars writes that about 22% of the most popular HTTPS-using sites on the internet use this specific type of cryptographic key. And because of that, if someone with bad intentions (…like the NSA again…) managed to get one of the trapdoor numbers made into a standard, mainstream specification, a huge, huge number of those sites would find themselves vulnerable.

That might sound paranoid… but it wouldn’t be the first time. As Ars points out, there are known previous cases of the NSA deliberately weakening technology standards so that it would have a way to access systems.

NSA-developed code used in 2007 for a random number generator turned out to have a weakness in it that made it easy for the surveillance agency to worm its way back into systems, and the 2013 Snowden document dump confirmed it, Ars reports. And a similar number generator, embedded in different tech, was discovered this year to be a backdoor allowing attackers access to traffic flowing through VPNs.

The up-side is, there’s no proof that any of the security protocols in widespread use on the internet have been made susceptible to the trapdoor. The down-side is, there’s also no proof they haven’t; it’s basically impossible to know without devoting a huge amount of processing power to investigating the problem.

“We show that we are never going to be able to detect primes that have been properly trapdoored,” the same researcher wrote to Ars. “But we know exactly how the trapdoor works, and [we] can quantify the massive advantage it gives to the attacker.”

The solution is, well, better encryption. It’s time for sites to get off of 1,024-bit numbers, Ars and the researchers suggest, and move on to 2,048-bit or even 4,096-bit replacements.

NSA could put undetectable “trapdoors” in millions of crypto keys [Ars Technica]

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.