You rely on encryption every day, but it isn’t as safe from curious government eyes as you once thought it was.
The National Security Agency has broken much of the encryption people use to protect their emails, messages, file transfers, online shopping, and more. That means the NSA has the ability to read such encrypted documents at will — an ability it did not have prior to 2010.
This is just the latest revelation from a series of leaked documents from Edward Snowden released to The Guardian and The New York Times.
According to the reports, the NSA is able to bypass encryption a number of ways: Via back doors the companies build in to their own products at the NSA’s request, through weaknesses built into publicly known encryption standards that the NSA has influenced, and through decryption keys that the NSA has access to, which enable it to decrypt data stored by many commercial products.
If a tech company does not agree to build in back doors or hand over decryption keys, the NSA may resort to stealing the keys by hacking into the company, according to the documents.
“Everything you put on the Internet is always going to come out,” said Wickr co-founder Nico Sell in an interview with VentureBeat. (Wickr makes an app for encrypted communications.)
We reached out to Google and Yahoo to find out if the encryption associated with their email clients is still safe in the light of today’s leak. Neither company has responded. No specific companies or encryption protocols are implicated by name in the the Times and Guardian reports — but it is clear the NSA’s decryption capabilities are widespread.
To understand the problem, imagine encryption like a house. If you want to send a private message to a friend, you don’t send it to her via the mail. Instead, you put a letter on your desk inside the house and then lock the house (encrypting the message). In order for your friend to come read the letter, she needs to have the key to your house, so you’re going to send her your key. But first, you put your key in an envelope that is protected by a special lock that she has provided to you. You send her the locked envelope. She unlocks the envelope with her own key and extracts your key. She can now open your house and read your letter (decrypting the message).
There are a few problems with this classic encryption process, however:
- Short of handing the key to your friend in person, there’s always a chance that the envelope could be intercepted en route to your friend. Even though it is locked (encrypted) that third party could crack the lock.
- Companies that promise to encrypt your messages, such as your email provider, might have a master key that lets them “unlock” any messages sent via their services. That master key gives them a back door that they would have to give to the government if they’re subpoenaed. But it’s not just the government: If there is a master key, hackers could conceivable steal it and use it, too.
- Instead of using a master key, some companies may just decrypt all messages when they hit their servers. But that means that the data is unencrypted for part of its journey — it is not encrypted from end to end (sender to recipient).
Options 2 and 3 have a consumer benefit, which is that it gives the companies a way for you to recover your own information in the event that you lost your private key. But it also gives the government an easy way to access your data too.
“These systems are totally unsecure,” said Wickr chief technology officer Robert Statica. “Master keys are a kiss of death.”
PGP and its free version, GPG, allow you to set up the encryption explained above without any kind of master key, but they’re difficult to use.
So what is a security conscious person or company to do?
As security researcher Bruce Schneier points out, nothing is 100 percent safe, but using some kind of encryption is still better than talking out in the open. Schneier says since the Snowden surveillance documents hit, he has been using:
- GPG, OTR and Silent Circle for encrypted messaging
- TrueCrypt for encrypted local storage
- BleachBit for generally keeping your system squeaky clean
App such as Wickr can also provide good protection for your communications. The company doesn’t allow your unencrypted message to touch any server along the way, which means it’s encrypted end-to-end — meaning that even Wickr doesn’t have access to the unencrypted text. Wickr’s Statica says you should never share your private keys with anyone and you should use end-to-end encryption services only.
But you still have to trust these services, which Sell points out is the backbone of the security industry. At this point, anyone who wants to use another company’s communication or file transfer products needs to read their legal documents.
“Read their actual legal documents where they make legal promises to you. Their marketing might say one thing but their lawyers know better,” said Sell.
“If someone is telling you that they don’t do backdoors, and their privacy policies say there are no backdoors, then I’d trust that.”