The Crypto Wars

The Ongoing Crypto Wars




Ongoing War Image of Edward Snowden In 2006 it came to light that the NSA was promoting technologies that they already had a vulnerability for. Utilising this backdoor, they were able to get into any system that relied on this technology. This was revealed by Edward Snowden, who is seen as a saint by most of the security community, while his methods may be debated. It’s a strange topic, as this vulnerability was announced yet RSA Security, who attempted to show the government the right way, was still using this technology in some of their devices for more than 7 years! It is said that they accepted a $10 million award from the NSA to use the default values for generating the keys for these devices. In 2010 the NSA had developed state of the art capabilities against web traffic which GCHQ announced that it was affecting the signals intelligence’s most vulnerable, and spreading these vulnerabilities could lead to devastation. The project was named Bullrun and affected both citizens and targets of the U.S. as they intentionally affected many types of technology with backdoors. Crypto wars II is a reference to another much smaller Snowden revelation which caused industry-wide change, completely undermining the U.S. Government and made them furious. Edward Snowden revealed that by using warrants, absolutely all smartphones were by-passable as Apple or Google had to provide a way into the phone. This plain horrified everyone, as the strong encryption levels were nothing against a piece of paper that could be issued freely. In the eyes of the American citizens, this is how they saw the whole situation. Apple and Google jumped on this situation pretty much instantly and made it so that only the user’s password would be able to decipher a phone. There was no such data held by the companies in regard to these device passwords. This move causes utter outrage within the government, with Obama’s Attorney General Eric Holder speaking out as if this was an unacceptable act by these technology giants. A Chicago police chief, John J. Escalante, even turned to derogatory terms while being interviewed, “Apple will become the phone of choice for the paedophile”. The U.S.’s Federal Bureau of Investigations or FBI even cheekily got a court order to force Apple into unlocking an iPhone. Apple said ‘jog on’ to the FBI throughout hundreds of engagements. In 2016 this became a well-documented story in the news. The FBI had to hire a third-party company to crack the iPhone 5c in question finally. A Digital Key The hilarious story of front-doors is a comical idea proposed by the current Head of the NSA in 2015, which was unfortunately serious. Key escrow was recommended, with half of the key being held by the government, and half held by an organisation. This meant that neither could access a user’s data without a warrant in place. It just seems to be a common theme where the public tends not to trust their government, even if the government is seen as doing a better job than other countries. The people don’t believe that they should always give up more and more power to those who already hold the country's cards in their hands. This went down terribly, and not a single person was impressed. Shortly after the 2015 Charlie Hebdo shooting in France, the current Prime Minister of U.K. David Cameron called for the outlaw of non-backdoored cryptography. David Cameron even had Barack Obama who agreed with his statements of only allowing encryption which government agencies could read. This gladly dissolved as merely a fragment of our memories, with no legislation or acts made from these messages. A padlock that requires two keys, showing off PGP in this scenario So, here’s the end of our top-down crypto wars analysis, this section has covered not everything, but all the main points have been. WARNING: 3DES is considered no longer secure due to collision attacks; we at deCrypt Me recommend you use AES or RSA which are much less susceptible to attacks as of August 2020. ECC is also strong; however, as it is newer, some people are hesitant to adopt it. Protect yourself! PGP is a brilliant solution to sending and receiving encrypted data which may play an essential role in your life. A big shout out to Jack Ryhsider from Darknet Diaries who inspired this section. Written by HarryIsSecured