ECHDE_RSA offers an excellent degree of protection against after the fact analysis if and only if the private key is disclosed (or captured.)
If the the privkey is unavailable, NSA can always go after the session keys -- capture of communications is actually made easier in these cases when sites use SSL Keep-alive and Session resumption. It makes things much harder for them, though. The session key is always weaker than the RSA or DH exchange. -j On Fri, Jun 21, 2013 at 8:14 AM, Joseph Lorenzo Hall <j...@cdt.org> wrote: > Am I off in thinking that this is a good time to push more web > properties to use forwardly secret SSL key exchange (like Google does > with ECDHE_RSA)? > > best, Joe > > On Fri Jun 21 08:32:46 2013, Eugen Leitl wrote: > > > > > http://www.forbes.com/sites/andygreenberg/2013/06/20/leaked-nsa-doc-says-it-can-collect-and-keep-your-encrypted-data-as-long-as-it-takes-to-crack-it/ > > > > Leaked NSA Doc Says It Can Collect And Keep Your Encrypted Data As Long > As It > > Takes To Crack It > > > > If you use privacy tools, according to the apparent logic of the National > > Security Agency, it doesn’t much matter if you’re a foreigner or an > American: > > Your communications are subject to an extra dose of surveillance. > > > > Since 29-year-old systems administrator Edward Snowden began leaking > secret > > documentation of the NSA’s broad surveillance programs, the agency has > > reassured Americans that it doesn’t indiscriminately collect their data > > without a warrant, and that what it does collect is deleted after five > years. > > But according to a document signed by U.S. Attorney General Eric Holder > and > > published Thursday by the Guardian, it seems the NSA is allowed to make > > ambiguous exceptions for a laundry list of data it gathers from Internet > and > > phone companies. One of those exceptions applies specifically to > encrypted > > information, allowing it to gather the data regardless of its U.S. or > foreign > > origin and to hold it for as long as it takes to crack the data’s privacy > > protections. > > > > The agency can collect and indefinitely keep any information gathered for > > “cryptanalytic, traffic analysis, or signal exploitation purposes,” > according > > to the leaked “minimization procedures” meant to restrict NSA > surveillance of > > Americans. ”Such communications can be retained for a period sufficient > to > > allow thorough exploitation and to permit access to data that are, or are > > reasonably believed likely to become, relevant to a future foreign > > intelligence requirement,” the procedures read. > > > > And one measure of that data’s relevance to foreign intelligence? The > simple > > fact that the data is encrypted and that the NSA wants to crack it may be > > enough to let the agency keep it indefinitely. “In the context of > > cryptanalytic effort, maintenance of technical data bases requires > retention > > of all communications that are enciphered or reasonably believed to > contain > > secret meaning,” the criteria for the exception reads. “Sufficient > duration > > [for retaining the data] may consist of any period of time during which > > encrypted material is subject to, or of use in, cryptanalysis.” > > > > That encryption exception is just one of many outlined in the document, > which > > also allows NSA to give the FBI and other law enforcement any data from > an > > American if it contains “significant foreign intelligence” information or > > information about a crime that has been or is about to be committed. > > Americans’ data can also be held if it’s “involved in the unauthorized > > disclosure of national security information” or necessary to “assess a > > communications security vulnerability.” Other “inadvertently acquired” > data > > on Americans can be retained up to five years before being deleted. > > > > “Basically we’re in a situation where, if the NSA’s filters for > > distinguishing between domestic and foreign information stink, it gives > them > > carte blanche to review those communications for evidence of crimes that > are > > unrelated to espionage and terrorism,” says Kevin Bankston, a director > of the > > Free Expression Project at the Center For Democracy and Technology. “If > they > > don’t know where you are, they assume you’re not a US person. The > default is > > that your communicatons are unprotected.” > > > > All of those exceptions seem to counter recent statements made by NSA > and FBI > > officials who have argued that any collection of Americans’ data they > perform > > is strictly limited by the Foreign Intelligence Surveillance Act (FISA) > > Court, a special judiciary body assigned to oversea the National Security > > Agency. “We get great oversight by all branches of government,” NSA > director > > Alexander said in an on-stage interview at the Aspen Institute last year. > > “You know I must have been bad when I was a kid. We get supervised by the > > Defense Departmnet, the Justice Department the White House, by Congress… > and > > by the [FISA] Court. So all branches of government can see that what > we’re > > doing is correct.” > > > > But the latest leaked document bolsters a claim made by Edward Snowden, > the > > 29-year-old Booz Allen contractor who has leaked a series of top secret > NSA > > documents to the media after taking refuge in Hong Kong. In a live Q&A > with > > the public Monday he argued that NSA analysts often make independent > > decisions about surveillance of Americans not subject to judicial review. > > “The reality is that…Americans’ communications are collected and viewed > on a > > daily basis on the certification of an analyst rather than a warrant,” > > Snowden wrote. “They excuse this as ‘incidental’ collection, but at the > end > > of the day, someone at NSA still has the content of your communications.” > > > > However, the leaked document doesn’t exactly paint Snowden’s picture of a > > random NSA analyst determining who is surveilled. The guidelines do state > > that exceptions have to be “specifically” approved by the “Director (or > > Acting Director) of NSA…in writing.” > > > > Just how much actual surveillance the NSA’s exception for Americans’ > > encrypted data allows also remains unclear. The Center for Democracy and > > Technology’s Kevin Bankston points out that a previously leaked slide > from an > > NSA presentation makes reference to programs called FAIRVIEW and BLARNEY, > > which are described as “collection of communications on fiber cables and > > infrastructure as data flows past.” > > > > If the NSA is in fact tapping the Internet’s network infrastructure, > > Thursday’s leaked guidelines suggest it might be allowed to collect and > > retain all data protected with the common Web encryption Secure Sockets > > Layer, (SSL) used for run-of-the-mill private communications like the Web > > email offered by Google and Microsoft, social networking services like > > Twitter and Facebook, and online banking sites. “If they’re tapping at > the > > [network] switches and they take full allowance of this ability to retain > > data, that could mean they’re storing an enormous amount of SSL traffic, > > including things like Gmail traffic,” Bankston says. > > > > In other words, privacy advocates may be facing a nasty Catch-22: Fail to > > encrypt your communications, and they’re vulnerable to any eavesdropper’s > > surveillance. But encrypt them, and they become legally subject to > > eavesdropping by the most powerful surveillance agency in the world. > > -- > > Too many emails? Unsubscribe, change to digest, or change password by > emailing moderator at compa...@stanford.edu or changing your settings at > https://mailman.stanford.edu/mailman/listinfo/liberationtech > > -- > Joseph Lorenzo Hall > Senior Staff Technologist > Center for Democracy & Technology > 1634 I ST NW STE 1100 > Washington DC 20006-4011 > (p) 202-407-8825 > (f) 202-637-0968 > j...@cdt.org > PGP: https://josephhall.org/gpg-key > fingerprint: BE7E A889 7742 8773 301B 4FA1 C0E2 6D90 F257 77F8 > > > > -- > Too many emails? Unsubscribe, change to digest, or change password by > emailing moderator at compa...@stanford.edu or changing your settings at > https://mailman.stanford.edu/mailman/listinfo/liberationtech >
-- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
