Feeds

EU denies rumours NSA has broken its encryption system

The spy who didn't give up the codes

  • alert
  • submit to reddit

Providing a secure and efficient Helpdesk

Paranoia is alive and well at the European Union (EU) Commission, which has been forced to officially deny its encryption system has been compromised by the NSA (National Security Agency).

Fears of eavesdropping by the ultra-secretive US spy agency grew out of comments by a Commission employee, Briton Desmond Perkins, who told a EU Parliamentary committee of regular but unsuccessful attempts by the NSA to crack the Commission's encryption system.

As reported on the UK Crypto mailing list, Perkins told the EU Parliament Echelon Committee last month that he knew of the NSA's activities because he had a relative (now retired) who worked at the agency. However these comments resulted in speculation that Perkins was an NSA mole.

Lodewijk Briet, a senior Commission official, has stepped in to quash the speculation and tell the Echelon committee "the suggestion that US agencies control or have access to EU codes is complete rubbish, and simply not true". Furthermore, Perkins was an honest man and certainly not a spy, Briet added.

It's well known that the NSA attempts to intercept and decode the communications of government agencies including those between the Commission's missions. This might even be successful but the point here is that there's no evidence from what Perkins said to prove this one way or another.

Certainly official denial shouldn't be taken at face value but isn't it just as credulous to believe everything is compromised?

We're inclined to believe Brian Gladman, former technical director at Nato, and noted encryption expert, who told us that "the concern that there was someone in the Commission working to undermine its encryption system is a bit of a storm in a teacup." ®

External links

Tales of spies, bugs and back doors from the ukcrypto mailing list
European Parliament Echelon committee (not up to date)

Related stories

NSA and FBI big winners at Big Brother awards
CIA patching ECHELON shortcomings
French Echelon report says Europe should lock out US snoops
Echelon spy system wildly exaggerated - official
What the hell is - the Echelon scandal?
US National Security Agency (NSA) badly crippled

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Hackers thrash Bash Shellshock bug: World races to cover hole
Update your gear now to avoid early attacks hitting the web
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.