If you’re a crypto-nerd or even have a passing interest, you might enjoy Matthew Green‘s post speculating on how the NSA breaks SSL. We know, courtesy of Edward Snowden’s leaked documents, that they’ve had some sort of success with SSL but we’re not sure exactly what it is or how they’re doing it. It could be anything from stealing/coercing server keys to an actual crypto break.
Green breaks his analysis into two parts:
- Attacks using known techniques
- Tin foil hat speculations
The really interesting parts, of course, are the tin foil hat speculations. These range from breaking RSA keys, breaking RC4, new side-channel attacks, and other even more far out things. Green and others believe that if the NSA has indeed broken a crypto system it is most likely RC4. It’s an aging system with several known weaknesses and is probably ripe for major attacks.
The post doesn’t tell us what the NSA knows or what their capabilities with respect to SSL are, of course, but it’s an informed and interesting read on the security of SSL and how an organization like the NSA might go about trying to defeat it.