NSA Could Put Undetectable “Trapdoors” in Your Crypto Keys
Researchers at the University of Pennsylvania and the University of Lorraine in France published a paper that reported on a method of decrypting encrypted communication by embedding a “trapdoor“.
This technology is noticeable in that they are implanting the trapdoor into the 1024-bit key used by the Diffie-Hellman key exchange protocol. The trapdoor is the backdoor in cryptography, and building a trapdoor makes factorization easier.
If the NSA or another adversary succeeded in getting one or more trapdoored primes adopted as a mainstream specification, the agency would have a way to eavesdrop on the encrypted communications of millions, possibly hundreds of millions or billions, of end users over the life of the primes. So far, the researchers have found no evidence of trapdoored primes in widely used applications. But that doesn’t mean such primes haven’t managed to slip by unnoticed.
The document disclosed by Edward Snowden has revealed that NSA is capable of listening to encrypted communications on a large scale. NIST recommends increasing the key length from 1024 bits to 2048 bits in 2010, but 1024 bits are still widely used. The survey found that 22% of Top 200,000 HTTPS sites use 1024-bit keys to perform key exchange . Java 8 does not support keys longer than 1024 bits.