Comments on: How could the NSA's snooping be foiled?

Question: How could the NSA's snooping be foiled?

pracowity — Wed, 21 Dec 2005 10:57:47 -0800

Could the US government's efforts to scan the contents of everyone's email be overloaded by everyone routinely using encryption for every message?

Is there some strong encryption software that could be used transparently with Google Mail and other common mail systems to encrypt everything sent and received? Something that could be distributed and installed automatically with, say, Firefox? What percentage of everyday email users would have to use such encryption to make it impossible for the NSA or anyone else to keep up with its scanning? (And, by the way, how about encrypting all Skype phone calls?)

By: phrontist

phrontist — Wed, 21 Dec 2005 11:07:04 -0800

This was the idea behind PGP and most projects undertaken by ypherpunks.

By: phrontist

phrontist — Wed, 21 Dec 2005 11:08:42 -0800

What percentage of everyday email users would have to use such encryption to make it impossible for the NSA or anyone else to keep up with its scanning?

It's highly unlikely the NSA even attempts to crack messages automatically. Far more likely is certain keywords being used to "tag" emails for perusal by human analysts. I remember a few year's back someone came up with a list of words the NSA would likely be watching out for and advocated appending this list to every email and website to "jam" the hypothetical system.

By: kcm

kcm — Wed, 21 Dec 2005 11:11:21 -0800

If the transport of everything was encryption, the gov't would attempt to move their interception point to another part of the chain - your browser, client, or keyboard. Be happy that the extent, currently, allows you to selectively encrypt what should be secret without their interference (as far as we know).

By: vacapinta

vacapinta — Wed, 21 Dec 2005 11:13:12 -0800

There is a Gmail S/MIME Firefox extension.
But if you are interested in ongoing private communication with one person, I'd use a one-time pad, like a large sheaf of random numbers you exchanged at some point.

But as phrontist says, if you just want to avoid a keyword scan anything basic will do - even pig latin.

By: smackfu

smackfu — Wed, 21 Dec 2005 11:13:27 -0800

Previous thread on e-mail encryption.

By: delmoi

delmoi — Wed, 21 Dec 2005 11:22:25 -0800

vacapinta: One time pads are really impractical, because you have to either physicaly deliver the pad to the person, and you have to be certan that they destroy the pad after use.

Really, you can be very certan encrypted email will not be read if you use RSA public key crypto.

By: delmoi

delmoi — Wed, 21 Dec 2005 11:24:26 -0800

But as phrontist says, if you just want to avoid a keyword scan anything basic will do - even pig latin.

Ugh, come on Public key crypto isn't good enough, but pig latin is? What is up with people suggesting non-standard crypto methods? Stop being retarded.

PGP will solve all your problems. This is a known solution, and you should be able to integrate it with almost any mail client.

By: b1tr0t

b1tr0t — Wed, 21 Dec 2005 11:27:51 -0800

The idea that the government reads even a small percentage of internet traffic is completely silly. The best layer 5-7 switches can only manage a few hundred megabits per second of traffic. Email scaning would require even deeper inspection, which would be computationally much more expensive. Further, there would have to be stacks of network inspection devices at internet meeting points across the country (every major city has several). Finally, there would have to be cross-connects back to a massive rack of NSA gear someplace. You couldn't hide it - it would be the only stack of gear connected to EVERYONE else. None of the Tier-1 providers come close to this. They peer with the other Tier-1 providers, and a few of the smaller providers.

So, the cost would be high, and the quantity of equipment required would be enormous, and the whole thing would be impossible to hide.

All encryption will do is draw attention to your data.

By: kcm

kcm — Wed, 21 Dec 2005 11:28:49 -0800

PGP introduces the problem of being extremely difficult to use both conceptually (do you understand the difference between the choices of ciphers?) and operationally. Getting people to use an appropriate method, which MAY be pig latin, is better than not using a heavyweight monster method.

Just skip DES. Always.

By: andrew cooke

andrew cooke — Wed, 21 Dec 2005 11:35:49 -0800

i suspect that the level of encrpyted email is so low that it can be given special treatment. if i were the nsa and i had to manage limited resources, i would probably give extra attention to encrypted email.

so there's a trade-off. if you use encrypted email you're probably flagging yourself for extra treament, which probably means additional traffic analysis (perhaps a deeper ply search for connections with known targets?) and, in very extreme cases, more detailed work (including, presumably, attempts to access your private keys and/or change your software).

of course, if everyone used it, then that argument wouldn't be correct.

but anyway, the answer to the question is smime or pgp, and vacapinta's reply implies that smime can be integrated with gmail.

By: andrew cooke

andrew cooke — Wed, 21 Dec 2005 11:37:45 -0800

The idea that the government reads even a small percentage of internet traffic is completely silly.

oh, i didn't think of that. is it reasonable to assume that all international communication is monitored? (echelon?).

By: kcm

kcm — Wed, 21 Dec 2005 11:37:47 -0800

Then.. if you used overt encryption to divert attention from your actual communication, which may be covertly encrypted (i.e. steganography) or non-encrypted (code words in plain Hotmail messages), you would be a rank yet bright junior agent.

By: delmoi

delmoi — Wed, 21 Dec 2005 11:44:40 -0800

vacapinta, sorry for calling you retarded. :P

By: driveler

driveler — Wed, 21 Dec 2005 11:46:30 -0800

If you do decide on a plan to foil the NSA, you'd better hope they never find this thread. For all we know, they're reading it right now, snickering to themselves.

By: pracowity

pracowity — Wed, 21 Dec 2005 12:03:24 -0800

is it reasonable to assume that all international communication is monitored?

Looking at the news, it is reasonable to assume that the current US administration would like to monitor all international communication. If they can't quite do it yet, I'm sure it isn't for lack of trying or lack of secret billions in funding.

I would love it if something as silly as a piglatinizer/depiglatinizer plug-in for Firefox and used by millions would mess with the snoopers at the NSA and prepare users for adopting real encryption when needed.

By: kcm

kcm — Wed, 21 Dec 2005 12:13:01 -0800

you people realize that anything with a finite, definable input-output mapping (domain/image if you will) is not going to "mess with the NSA".. right?

By: Arthur Dent

Arthur Dent — Wed, 21 Dec 2005 13:18:22 -0800

Just pointing this out without any comment....

By: b1tr0t

b1tr0t — Wed, 21 Dec 2005 13:31:41 -0800

If you do decide on a plan to foil the NSA, you'd better hope they never find this thread. For all we know, they're reading it right now, snickering to themselves.

Judging by our brilliant inteligence prior to 9/11, I would not be surprised to discover that is exactly what they are doing.

oh, i didn't think of that. is it reasonable to assume that all international communication is monitored? (echelon?).

If you were doing illegal, or against the USA's national interests, that would be a reasonable assumption. For the average citizen, I think the amount of bandwidth alone on any one of the international cables is enough to make the task laughable.

A single high quality multimode fiber pair can carry a 40 gb/sec OC-768 signal. If you use the best DWDM gear available, you can cram 64 such signals onto a single fiber pair, yielding 2.56 terabits per second of data. No one really does this because four 10 gb/sec OC-192 channels are much cheaper than a single OC-768, and the OC-192s work just fine with the DWDM gear.

So if you (or the NSA) wanted to monitor a international fiber link, you would need something that could process at least 10 gb/sec of data in real time. If you tried to do it offline, you would need more than a 500mb/sec hard drive per minute to store the data, and those drives would need to be able to receive data at 10 gb/sec.

By: b1tr0t

b1tr0t — Wed, 21 Dec 2005 13:37:20 -0800

"500mb/sec hard drive" should read "500gb hard drive"

By: em

em — Wed, 21 Dec 2005 14:41:31 -0800

Processing 10 gigabits per second is not totally outlandish -- the Large Hadron Collider, coming online in a couple of years, is going to produce about that much.

To be sure, dealing with that much output is a hard problem -- I believe data is being farmed out to computing centers all over the world. Still, the total budget for the LHC is "only" about $6 billion, so the amount of resources required doesn't seem to be prohibitive if one is really motivated.

By: breath

breath — Wed, 21 Dec 2005 14:45:06 -0800

I think the more realistic scenario is that the government will request records from your ISP. It's much easier for the ISP to keep records/copies of your email, and there may be laws in place requiring them to do so for a certain period of time. If your name gets on one of those secret lists, then the gag orders and records requests start flowing, and they read your email retroactively.

I think email encryption would only cause them problems if many people that they choose to target in this manner have encrypted email. For every such person they'd have to crack the encryption, which will cost them a lot in CPU time.

By: kcm

kcm — Wed, 21 Dec 2005 14:48:27 -0800

One might think that applying COTS stock hardware to a large, secret, well-funded gov't project plan could be the wrong approach.

By: bshort

bshort — Wed, 21 Dec 2005 15:46:00 -0800

Who has some of the most extensive computing power in the world?

That's right, the NSA.

If they're reading everyone's internet traffic, all the time, you can be sure it's not being done by just one computer somewhere. There's bound to be subsidiary nodes scattered around that do an initial pass on the traffic to look for interesting data. Then, the mounds of interesting data get sent higher up the food chain, where it gets filtered again.

Rinse, repeat.

By: Caviar

Caviar — Wed, 21 Dec 2005 16:11:14 -0800

I linked earlier to the Libertarian Party as an answer to this, and my comment was deleted as being too abstract, so I'll elaborate.

If you're concerned about the NSA reading your email, no technological solution will help you, and you need to strongly participate in creating a government that simply won't spy on its citizens, and doesn't have the legal power (secret or not) to do so.

By: pompomtom

pompomtom — Wed, 21 Dec 2005 17:07:44 -0800

So if you (or the NSA) wanted to monitor a international fiber link, you would need something that could process at least 10 gb/sec of data in real time

Something like this?

(asking, not telling)

By: odinsdream

odinsdream — Wed, 21 Dec 2005 18:12:58 -0800

For serious, unbreakable cryptography, your only option is the One-Time Pad.

By: Caviar

Caviar — Wed, 21 Dec 2005 19:25:36 -0800

OTP encryption is not practical for most purposes. You need an actual random source to generate the pad (pseudorandom number generators won't cut it) There isn't a good way to revoke the key if it's compromised, historical communications are exposed if the key is exposed, and it can't be used with multiple parties.

Also, you need a secure channel to transmit a pad of equal size to your plaintext. If you have that on a regular basis, you might as well just use it to transmit the plaintext in the first place.

By: b1tr0t

b1tr0t — Wed, 21 Dec 2005 19:58:56 -0800

pompomtom: Here is some more information on the SAM650.

It looks like that "DSP Supercomputer" connects to the host computer via a PCI bus, at 600 megabits per second. The spec sheet lists 600 MB (mega-bytes), but the actual bandwidth is closer to 600 Mb, not 600 MB. Unfortunately, it will have to share bandwidth with an ethernet adapter. If a Gigabit ethernet adapter is used, and everything runs from memory (no hard drive), the GigE adapter will get a maximum of 300 mb/sec of bandiwdth, and the SAM-650 will get the same. That meanst that a single SAM-650 and corresponding host PC will be useless for studying even a single 1 gigabit link, much less a 10-gigabit link. It might be useful for cracking the encryption on a few 100mb links at a time, but not much else.

By: odinsdream

odinsdream — Wed, 21 Dec 2005 21:27:28 -0800

Here's a source of true random numbers: HotBits

(currently not responding, but check back later - they generate the bits by monitoring radioactive decay of some, well, radioactive stuff, pretty neat)

By: pracowity

pracowity — Thu, 22 Dec 2005 02:08:11 -0800

All encryption will do is draw attention to your data.

Obviously, but my intention was to have so many people encrypting everything they send to everyone else that the government couldn't keep up with it and wouldn't know where to start.

By: b1tr0t

b1tr0t — Thu, 22 Dec 2005 02:21:07 -0800

Obviously, but my intention was to have so many people encrypting everything they send to everyone else that the government couldn't keep up with it and wouldn't know where to start.

That wouldn't help, it MUCH easier to select data based on the data's format (plantext vs. encrypted, ftp vs http, etc.) than to just decode everything.

What really makes monitoring the internet a dumb idea is the quantity of noise out there. In 1994, you had to have a fairly good reason to have a website. Now half of the teenagers have a blog, and they aren't all hosted at livejournal.com. I would guess that there are more kids discussing the latest FPS video game than terrorists planning to invade lower manhattan.

Rather than convince everyoen to encrypt their email, you should convince everyone to call their representatives and senators and demand that the government return to getting search warrants before they start sneaking around in US citizens' data streams. There is no practical danger of the government reading your email today, but there may be a danger in the future, particularly if the government continues to ignore the bill of rights.

By: phrontist

phrontist — Thu, 22 Dec 2005 05:36:02 -0800

no technological solution will help you

If there isn't a technical solution, there isn't a solution at all.

All encryption will do is draw attention to your data.

Hence the entire bloody field of steganography, which is often just as important as the actual encryption.

There is really only one reasonable theory as to how the big bad three letter agency at Fort Meade works. They perform a "digital wiretap" (terribly, terribly, stupid term) when you've done something to arouse their suspicion. It could be an inter-library loan request for the little red book, a few too many parking tickets near government buildings, visiting a compromised "terrorist" coordination website, or having a name with too many consonants in a row. The NSA can read anything, but not everything.

The easiest way to avoid all of this is to never call attention to yourself.

So, in conclusion, the basic premise of your question is flawed. It is highly, highly, unlikely the NSA tries to filter even a tiny portion of net traffic, as the signal to noise ratio would not work out in their favor.

By: andrew cooke

andrew cooke — Fri, 23 Dec 2005 06:41:22 -0800

the whole point of filtering is to deal with signal to noise. i don't see the argument there at all (but i do see the problems with both volume and access).