PaulSpoerry.com

Social Media, technology, and geeky stuff for your brain.

  • Home
  • About
    • Privacy Policy
  • Categories
    • Google+ Posts
    • Site news
    • Tech
      • Android
      • Apple
      • Chrome
      • Gadgets
      • Hacking
      • Linux
      • OSX
      • Privacy
      • Web Life
        • Bittorrent
        • Facebook
        • FireFox
        • GMail
        • Google
        • Google+
        • Twitter
        • WordPress
        • Windows
          • Windows 7
    • Google+: Getting Started Guides
    • Games
    • Meditation
    • Politics
    • Science
    • That’s freakin hilarious
  • Code
    • FreeImageZoom
    • Post Editor for Google+™
    • The Plus Editor
  • Contact
You are here: Home / Google+ Posts / NSA can break VPNs, HTTPS websites, email, and many other protocols

NSA can break VPNs, HTTPS websites, email, and many other protocols

October 15, 2015 by Paul Spoerry 2 Comments



How the NSA can break trillions of encrypted Web and VPN connections | Ars Technica
Researchers show how mass decryption is well within the NSA’s $11 billion budget.

There's a reason the NSA isn't pushing to backdoor encryption: they don't need them. "All your base are belong to us."

How come? Most implementations use standardized or hard-coded primes in a Diffie-Hellman key exchange, the SAME primes. So once the NSA cracks a majority of widely used primes they get snoop anything that uses that type of implementation… obviously this is well within its reach.

"Since a handful of primes are so widely reused, the payoff, in terms of connections they could decrypt, would be enormous," researchers Alex Halderman and Nadia Heninger wrote in a blog post published Wednesday. "Breaking a single, common 1024-bit prime would allow NSA to passively decrypt connections to two-thirds of VPNs and a quarter of all SSH servers globally. Breaking a second 1024-bit prime would allow passive eavesdropping on connections to nearly 20% of the top million HTTPS websites. In other words, a one-time investment in massive computation would make it possible to eavesdrop on trillions of encrypted connections."

Check this out on Google+

Filed Under: Google+ Posts

About Paul Spoerry

I’m a groovy cat who’s into technology, Eastern Thought, and house music. I’m a proud and dedicated father to the coolest little guy on the planet (seriously, I'm NOT biased). I’m fascinated by ninjas, the Internet, and anybody who can balance objects on their nose for long periods of time.

I have a utility belt full of programming languages and a database of all my knowledge on databases... I practice code fu. Oh, I've also done actual Kung Fu, and have a black belt in Tae Kwon Do.

I run. I meditate. I dance. I blog at PaulSpoerry.com, tweet @PaulSpoerry, and I'm here on Google+.

I'm currently work for IBM developing web enabled insurance applications for IBM and support and develop a non-profit called The LittleBigFund.

Comments

  1. Sir Lucifer says

    October 15, 2015 at 3:17 pm

    nothing worse then a false sense of security for some and others, well get all the good ideas

  2. Steve Vance says

    October 15, 2015 at 8:10 pm

    They can spy on all the weird sites and porn sites that I visit on the daily all they want. All it's going to get them is an erection.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Copyright © 2023 · Epik on Genesis Framework · WordPress · Log in