Content deleted Content added
Mor.nitesh (talk | contribs) mNo edit summary |
Mor.nitesh (talk | contribs) m →Methods |
||
Line 16:
Through the NSA-designed [[Clipper chip]] which used [[Skipjack (cipher)|Skipjack]] cipher with an intentional backdoor, and using various specifically designed laws such as [[Communications_Assistance_for_Law_Enforcement_Act|CALEA]], [[Cyberspace Electronic Security Act|CESA]] and restrictions on export of encryption software as evidenced by [[Bernstein v. United States]], the U.S. government had publicly attempted in the 1990s to ensure its access to communications and ability to decrypt.<ref name="reason-cesa">{{cite web | url=http://reason.com/archives/2000/05/01/rendering-unto-cesa | title=Rendering Unto CESA: Clinton's contradictory encryption policy. | publisher=Reason | date=May 2000 | accessdate=2013-09-09 | author=Mike Godwin|quote=[...] there was an effort to regulate the use and sale of encryption tools, domestically and abroad. [...] By 1996, the administration had abandoned the Clipper Chip as such, but it continued to lobby both at home and abroad for software-based "key escrow" encryption standards.}}</ref><ref name="epic-keyescrow">{{cite web | url=http://epic.org/crypto/key_escrow/wh_cke_796.html | quote=Although we do not control the use of encryption within the US, we do, with some exceptions, limit the export of non-escrowed mass market encryption to products using a key length of 40 bits.|title=Administration Statement on Commercial Encryption Policy | date=July 12, 1996 | accessdate=2013-09-09}}</ref> In particular, technical measures such as [[key escrow]], a euphemism for a [[backdoor (computing)|backdoor]], have met with criticism and little success.
The NSA encourages the manufacturers of security technology to disclose backdoors to their products or encryption keys so that they may access the encrypted data.<ref> ("NSA is Changing User's Internet Experience.") Info Security Institute </ref> However, fearing widespread adoption of encryption, the NSA set out to stealthily influence and weaken encryption standards and obtain master keys—either by agreement, by force of law, or by computer network exploitation ([[hacker (computer security)|hacking]]).<ref name="
According to a Bullrun briefing document, the agency had successfully infiltrated both the [[Secure Sockets Layer]] as well as [[virtual private network]] (VPN).<ref name=guardian20130905/><ref name=pp20130905 /> The ''New York Times'' reported that: "But by 2006, an N.S.A. document notes, the agency had broken into communications for three foreign airlines, one travel reservation system, one foreign government’s nuclear department and another’s Internet service by cracking the virtual private networks that protected them. By 2010, the Edgehill program, the British counterencryption effort, was unscrambling VPN traffic for 30 targets and had set a goal of an additional 300."<ref name="nytimes3">http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=4&_r=0</ref>
| |||