Original URL: http://www.theregister.co.uk/2013/09/06/how_uk_spooks_revealed_they_did_not_fear_ssl_encryption/

Now we know why UK spooks simply shrugged at SSL encryption

HTTPS thwarting spies, web filters? They already had ways of breaking the code

By Kelly Fiveash

Posted in Government, 6th September 2013 14:05 GMT

Analysis In July 2012, Britain's top spook Charles Farr made a rare public appearance: sat across a table from MPs in Parliament, he was quizzed by backbenchers scrutinising Home Secretary Theresa May's widely criticised plan to snoop on Brits' internet connections.

At the time, the government was trying to get politicos to agree that there was a solid case for massively increasing the surveillance of our online activities by granting the police and intelligence agencies in Blighty greater spying powers.

It was the latest Home Office push to hand more control to the likes of the UK's eavesdropping nerve-centre - the Government Communications Headquarters (GCHQ). And readers of these pages will be only too familiar with the regular attempts by successive administrations over more than a decade to write legislation that allows British spies to have deep access to our online communications, much like they already do with our telephone system.

All the while, technology companies have insisted that systems that protect sensitive information - such as credit card details and passwords - while in transit over the net are largely secure. Websites, VPN gear and similar online services that ordinary punters use to buy goods, send emails and share pictures rely on the TLS/SSL encryption protocol to keep data beyond the reach of eavesdroppers.

In the last two years, some of the biggest internet players including Google, Yahoo!, Microsoft and Facebook have all enabled SSL, switching their web communications to HTTPS.

The tech titans hoped the move would reassure their users that their in-transit data is safe. Now we've learnt that America's NSA has poured hundreds of millions of dollars into mathematically cracking, or otherwise ruthlessly undermining, the protocol family and related crypto technologies.

If the agency can't use maths to decrypt data, it can turn to backdoors in equipment and flaws in algorithms it helped plant, or ask the root certificate authorities for their secret keys, in order to snaffle the information.

Quite recently, Wikipedia founder Jimmy Wales - who has increased his lobbying against various aspects of UK government policy in the past year - reasserted that his online encyclopaedia will encrypt its connections in the wake of revelations from one-time NSA sysadmin Edward Snowden, who blew the whistle on spooks' activities on both sides of the Atlantic.

Jimbo said in August that Wikipedia would start using HTTPS by default on its site once it overcomes some problems with how its "current architecture" fails to handle the secure protocol.

Logged in users should now be redirected to HTTPS. But there is no timescale set for when the website will be encrypted for all its visitors. Jimbo insisted at the time that it was "highly unlikely" that US spooks could decrypt HTTPS.

But last night the New York Times and allied publications reported that Brit spooks and their American counterparts at the National Security Agency had in fact been doing what was expected of them: breaking encryption.

And included on that list was the trusted SSL protocol - which is used throughout the world to "secure" websites where personal data is carried across the net.

But should we really be that surprised that the NSA claims it can bypass that security? The clues were arguably there to show that such everyday access was already largely in play.

Hidden in plain sight

One need only sift through the evidence from the joint select committee hearings in 2012 that looked painstakingly over May's now shelved Communications Data bill, dubbed colloquially as the Snoopers' Charter, to recognise the level of complacency on display around matters such as SSL.

Just as Facebook and chums were switching to HTTPS by default, Britain's security services were showing little signs of discomfort with the move.

Politically, at least, it was an opportunity for May to argue the case for beefing up spooks' communications access powers. But Farr and other top-ranking Home Office officials did not complain about how their online surveillance work might be deeply disrupted by sites shifting to SSL. The g-men shrugged off Brits encrypting their network traffic, a move that should have have hampered or halted the analysis of said communications.

Here's one such exchange from 10 July 2012 [PDF] between Tory MP Stephen Mosley and Director of Communications Capability Directorate Richard Alcock:

Stephen Mosley: When it comes to cryptic communication, for instance, SSL or something, the encrypted communications data might be in the content of that communication. How is that classified?

Richard Alcock: Through the Bill, we will only be able to store communications data. The means by which we access communications data, our preferred route, will be working in partnership with the communications service providers, who will hold unencrypted data on their own services, i.e. the services that they are providing for their customers. We will be working with them to retain, in some cases, some aspects of communications data and, in that case, it is very easy to separate content from CD [communications data]. Though I must stress, through the Bill it is illegal for us to collect content. We will only be able to retrieve and store communications data. We will not be applying any systems that cannot reliably extract CD from content through whatever data streams. So, in essence, by working with communications service providers, we can ensure a very reliable means by which we can ensure that we only collect communications data and store that appropriately.

Tellingly, Farr then added this response to whether internet security protocols such as SSL was actually "an issue at all." He told the MPs:

We have already, of course, relations with many, but by no means all, overseas providers, including those who are household names and are the big suppliers into this country. We have that relationship, for all sorts of reasons, under existing legislation. Those relationships are co-operative and collaborative and, as some of those providers have made clear, they provide data, to the extent that they can — I would emphasise that — in accordance with existing legislation.

It is our hope and expectation that that collaborative relationship would continue and it would be part of the purpose of this legislation to facilitate that wherever we can. You are right, however, that the obligations do apply to overseas providers and in the event, which I regard as unlikely, that co-operation was not possible, an enforcement route would be open to Ministers, if they chose to exercise it, through civil action. This would apply as much to overseas providers as to domestic providers. I emphasise that is not the purpose of this legislation. The purpose is to facilitate a collaborative, co-operative relationship, building on the relationships that we have already.

Indeed, one of the key points raised in the latest revelations from the NYT and others is that spooks, without naming names, were "collaborating with technology companies in the United States and abroad to build entry points into their products".

As our American cousins might put it: you do the math.

BT refuses to attack its security guru for working with Snowden

Bruce Schneier, who is one of the world's most respected security experts, has been working directly with journalists on the latest revelations from Snowden. As part of that collaboration, the Guardian published an essay by Schneier in which he called for people who helped the NSA build backdoors into internet technologies to come forward and blow the whistle.

Meanwhile, the crypto boffin said on his blog: "Basically, the NSA is able to decrypt most of the internet. They're doing it primarily by cheating, not by mathematics."

One of Schneier's day jobs is a critical one for telecoms in the UK: he is BT's security futurologist.

The Register asked BT if Schneier's direct involvement with Snowden in any way compromised the one-time national telco's position. BT told us: "These are Bruce’s personal views." ®