The New York Times has reported that the random number generator Dual_EC_DRBG contains a back door from the NSA, which would allow the NSA to break encryption keys generated by the random number generator. Out of interest, why do we trust RSA either? See below - they have some explaining to do: The authors of one NSA presentation boast of a project called FOURSCORE that stores information including decrypted PPTP VPN metadata. Experts have considered PPTP insecure for some time now, but it is still in use in many commercial systems. Both seem to pose few problems for the NSA spies if they really want to crack a connection. The most widely used ones are called Point-to-Point Tunneling Protocol (PPTP) and Internet Protocol Security (Ipsec). VPN connections can be based on a number of different protocols. In other words, by the end of 2011, the NSA's plans called for simultaneously surveilling 20,000 supposedly secure VPN communications per hour. The aim was for the system to be able to completely process "at least 20 percent" of these requests, meaning the data traffic would have to be decrypted and reinjected. This number was expected to increase to 100,000 per hour by the end of 2011. According to an NSA document dating from late 2009, the agency was processing 1,000 requests an hour to decrypt VPN connections.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |