NSA Forces Replacement of RSA Encryption (SSL is next)

We’ve known about this sort of thing for several years, ever since some former govt contractors told us “if the encryption is widely used and public, it’s broken”.  We’ve planned for this replacement since starting our project.  Edward Snowden confirmed much of this, but one of the more shocking allegations he released had to do with a systematic program to weaken encryption that was reported by the Guardian:

 The NSA spends $250m a year on a program which, among other goals, works with technology companies to “covertly influence” their product designs.

And this little tidbit:

To think that something as important as RSA, the leading public/private key software could be compromised for only $10 million shows how low the price is to get to these folks.  Just think about the researchers at a university and how little it would cost to buy a grant and influence them, too.  This now makes all “open source” encryption suspect — how can you trust all the various people making contributions to code, that they didn’t get a taste of NSA money?  Of course, there are still some very good and honest people working in cryptography, but all it takes is one bad one to ruin everyone else’s work.

Once the weakener is installed and these things become established standards, they get into everything.  The biggest security risk is now that other governments, the Russians, Chinese, French, etc., know about these backdoors, they have also been exploiting them.  This ability to break encryption is filtering down to the criminal gangs who broke into Target and stole millions of credit and debit cards, along with PIN numbers (that are stored encrypted).  Some banks have put limits on cash withdrawals, most likely because they believe the encryption that stores the PIN numbers has been broken.  With any technology, it’s only a matter of time before criminal elements get ahold of it and master it.

We initially used the public domain RSA to create your public key as a way to get started, but we also understood, it had two major problems.  First, it was broken.  The NSA and CIA stopped complaining about 2048 bits RSA encryption that was used by various companies in the mid-1990′s.  Even if you double the bits for that encryption, it’s not going to hold up, given the side attacks made possible by weakeners placed in the code as we discussed above.  The second problem is one of speed.  RSA is very slow to generate a key and to do it effectively for consumers who are short of time or using lower powered mobile devices, we had to generate keys in batches on our servers and deliver the private keys to our users.  That’s far from ideal and we found a way to improve that and completely replace the RSA code.

We selected another technology known as NTRU, which is a public/private key system based on an entirely different technology, and it’s been used commercially for a number of years, mainly by banks.  Because it’s still under patent protection, most of the open source community avoided it so they wouldn’t have to pay any license fees.  Most of the quantum resistant codes are still covered by patents, and we have a license and pay royalties.  NTRU is believed to be resistant to quantum computing attacks.  Quantum computers are the next generation computer that can be used for code cracking — it’s literally 10 billion times faster than current computers.  That means if you have a code that will take 30 years to crack on a regular computer, it could be broken in seconds or just a few minutes with a quantum computer.  That renders all but a few encryption methods obsolete if you’ve got a quantum computer at your disposal.  We know that Google and NASA together recently bought a D-Wave quantum computer,  and if that kind of gear is publicly available to companies like Google, you know that the top spies have even better stuff at their disposal created by their best scientists, crashed UFO’s or whatnot (just joking).

We don’t believe NTRU has been broken, so we took their publicly available code and modified it.  First, we removed the SHA-1, which is only 160 bits strong and replaced it with stronger code.  We also added our own xAES at 4096 bits, which significantly increased the number of dimensions in the computation.  All of this is now done on YOUR computer, you are generating the key.  Many of our competitors still keep the key, or send it over SSL to your computer, which makes it vulnerable to interception.  If someone else gets your private key, you might as well not bother with encryption at all — that’s how important this is.  As soon as next month, our premium users will also be able to store the key themselves, too, using very strong encryption on your local computer.  That’s the only way to guarantee your security.

Once we complete that, the only weak area from an encryption point of view is the SSL encryption used to establish the “padlock” connection between your computer and the server.  We’ll be adding another NTRU layer to that before we leave “beta” and will then have what we believe will be the most solid “end to end” encryption available to the public.

What’s the problem with SSL?  We were told by a former ISP from a communist country in Asia that their government had been provided with a toolkit from the US government to break the SSL encryption being used to secure web visits and communications.  Even earlier, I had been told in 1997 that the NSA had broken then current 128 bits SSL in real time.  You can imagine what the capabilities for breaking into SSL are today, from state actors and organized and technical criminal gangs.  This is why you can only rely on encryption that’s obscure, strong, and mature and it’s always going to be a cat and mouse game with the people who want to break into your messages.