We are going to replace our use of P–384 with that new curve, or perhaps two curves. We are going to replace our use of the AES cipher with the Twofish cipher, as it is a drop-in replacement. We are going to replace our use of the SHA–2 hash functions with the Skein hash function. We are also examining using the Threefish cipher where that makes sense. (Full disclosure: I’m a co-author of Skein and Threefish.) Threefish is the heart of Skein, and is a tweakable, wide-block cipher.
Note, they don’t say that these algorithms are broken, just that they are uncertain whether they are “not broken.” Considering Schneier is involved with these folks and has seen the documents, this immediately gives me pause about using any cryptographic standard that NIST has outlined.
Which is utterly frustrating considering the fact that we could be entirely wrong and the standards are valid.
Now, another big reveal, this time from Lavabit’s legal proceedings:
The U.S. government in July obtained a search warrant demanding that Edward Snowden’s e-mail provider, Lavabit, turn over the private SSL keys that protected all web traffic to the site, according to newly unsealed documents.
Now, if you don’t know cryptography, I cannot quite express how utterly frightening this is. This means that they demanded that Lavabit hand over its root certificates. Thus, no matter what anyone did, the traffic would be easily decrypted by the US government. The NSA could have easily requested this from Google, Yahoo, etc., making SSL totally pointless with those entities.
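To make concrete why a seized server key matters, here is an added example (not from the original post) that models two key exchanges with toy Diffie–Hellman arithmetic: one where the server’s long-term secret is an input to the session key (standing in for the RSA key transport most sites used at the time), and one where a fresh per-session value is used and the long-term secret only authenticates it. The group parameters and the HMAC “signature” are constructed stand-ins, not real TLS; the point is that a recorded transcript plus the seized secret recovers the session key only in the first case.

```python
import hashlib
import hmac
import secrets

# Toy DH group, constructed for this demo only: p = 2^127 - 1 is prime but far
# too small for real use. Everything below runs offline.
P = 2**127 - 1
G = 5


def derive_key(shared_secret: int) -> bytes:
    """Session key = SHA-256 of the agreed DH value (stand-in for the TLS PRF)."""
    return hashlib.sha256(shared_secret.to_bytes(16, "big")).digest()


def static_session(server_long_term_priv: int):
    """Exchange where the server's long-term secret feeds the session key.
    Returns (what a wiretap records, the real session key)."""
    client_priv = secrets.randbelow(P - 2) + 1
    client_pub = pow(G, client_priv, P)
    server_pub = pow(G, server_long_term_priv, P)  # published in the certificate
    key = derive_key(pow(server_pub, client_priv, P))
    return {"client_pub": client_pub}, key


def ephemeral_session(server_long_term_priv: int):
    """Exchange where the server signs a fresh value; the long-term secret
    authenticates the exchange but is not an input to the key."""
    server_eph_priv = secrets.randbelow(P - 2) + 1
    server_eph_pub = pow(G, server_eph_priv, P)
    # HMAC keyed with the long-term secret stands in for a certificate signature.
    sig = hmac.new(server_long_term_priv.to_bytes(16, "big"),
                   server_eph_pub.to_bytes(16, "big"), "sha256").digest()
    client_priv = secrets.randbelow(P - 2) + 1
    client_pub = pow(G, client_priv, P)
    key = derive_key(pow(server_eph_pub, client_priv, P))
    return {"client_pub": client_pub, "server_eph_pub": server_eph_pub, "sig": sig}, key


def recover_from_transcript(transcript: dict, seized_priv: int) -> bytes:
    """What the holder of the seized long-term key can compute from a recording."""
    return derive_key(pow(transcript["client_pub"], seized_priv, P))


def seized_key_exposes(session_fn) -> bool:
    """True if the session key of a recorded session falls to the seized key."""
    long_term = secrets.randbelow(P - 2) + 1
    transcript, real_key = session_fn(long_term)
    return hmac.compare_digest(recover_from_transcript(transcript, long_term), real_key)
```

Running `seized_key_exposes(static_session)` yields True and `seized_key_exposes(ephemeral_session)` yields False: with ephemeral exchange the seized key lets an impersonator forge future handshakes but does not unlock recorded traffic.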
In fact, it makes doing any confidential work on American “cloud” hardware totally open. As in, those pictures you have on your Dropbox are likely not secure; those confidential emails you have on your Amazon cloud server are not confidential at all; or, even worse, any private details you have actually encrypted and put onto a private server in the US are likely not secure at all.
In other words, all American businesses are suspect. Not because they are untrustworthy, but because they have no choice.
In fact, let’s go one step further. What if the NSA asked for the root certificates of a major CA? If they did, would that CA hand them over? Consider that Yahoo’s CEO has openly stated they are afraid of defying the NSA for fear of being thrown in prison:
“We can’t talk about it because it is classified,” she continued. “Releasing classified information is treason, and you are incarcerated. In terms of protecting our users, it makes more sense to work within the system.”
So, it wouldn’t be outside of belief that the NSA has gotten the private key for a major certificate authority.
If so, then SSL is broken. They can man-in-the-middle any SSL communication and decrypt it trivially. So you can’t use SSL anymore and expect secrecy.
Now, what about all of those other standards outside of SSL?
Since NIST is the primary force behind AES, SHA and the other standards we are all reliant on, we cannot believe they are secure anymore. The whole system is brought down, and now needs to be rebuilt using algorithms that are free of the taint of the actions of the NSA for the past decade.
So it’s starting to look like it’s time to leave the US cloud behind until they can sort out their privacy issues.
I note, though, that this may be extreme: there are some solutions that allow servers in the US to be used where, even if root certificates are requested, the stored data will remain secure. In fact, Panda Rose is working on one right now. However, if you have secure data, be it private corporate data or private personal data, you had better not put it into the hands of an American business and consider it to be secure.
This, sadly, also includes data you are worried about from a corporate-espionage standpoint, as the leaks have shown that the NSA has been openly involved in economic and corporate espionage as well.