NSA Targeting AES-256

"Targeting AES-256

You may be wondering why our Intelligence Community is targeting the Advanced Encryption Standard (AES) algorithm with a classified supercomputer. The AES algorithm is used globally to protect electronic data. It is estimated that it would take longer than the age of the universe to break the code using current technology. That’s why in 2004, the NSA launched a plan to build a classified supercomputer designed specifically for cryptanalysis targeting this algorithm.

By 2018, they hope to use this machine to make a stunning breakthrough that will enable them to break down the complex coding behind AES-256 encryption key within an actionable time period. To do so, they are building an exaflop machine (1 quintillion instructions per second). In order for this goal to be successful, our Utah Data Center was built with future expansion in mind. Its ultimate capacity will definitely be ‘alottabytes’!

All incoming encrypted data is stored at the Utah Data Center for safekeeping until such time as our code-breaking machine can crack through it. This massive repository has been designed with cutting-edge technology and security measures in place. It makes sure only authorized personnel have access to any confidential information held within its walls."

I read that massive facility is something like 20-storeys deep in the ground. I’ve been wondering what exactly it is for. Clearly they are gathering a GREAT deal of data there!

Lol, this is written like a middle school book report (with a 1000-word minimum length requirement)! It has been cribbed from this web article, which is a self-admitted “parody of nsa.gov”. We can tell that it’s a parody by the name of the (fake) government entity (“Domestic Surveillance Directorate”), and such over-the-top comments such as “…encrypted (and thereby suspicious) data…”.

More seriously, even an exaflop machine is not sufficient for brute-forcing a 256-bit AES encryption key. Even if the equivalent of only a single floating-point operation (FLOP) was needed to test one AES key (in reality, cryptographic calculations typically require hundreds of FLOPs each), at 10¹⁸ guesses per second, on average, 10⁵¹ years would be required to crack a 256-bit AES encryption key.

Even if they are brute-forcing an MD5-hashed password at 10¹⁸ H/s, it would take a year to crack a single 13-character password.

A more serious (and informative) analysis is available in a 2012 Wired article. It is a lengthy article, but the most relevant part is the excerpt I have quoted below. The bottom line is: NSA is engaged in “harvest now, decrypt later” surveillance of encrypted data; they are not anywhere near the ability to break AES-256, but was (in 2012) “on the verge” of being able to break a more vulnerable encryption algorithm (RSA?).

At the DOE’s unclassified center at Oak Ridge, work progressed at a furious pace, although it was a one-way street when it came to cooperation with the closemouthed people in Building 5300. Nevertheless, the unclassified team had its Cray XT4 supercomputer upgraded to a warehouse-sized XT5. Named Jaguar for its speed, it clocked in at 1.75 petaflops, officially becoming the world’s fastest computer in 2009.

Meanwhile, over in Building 5300, the NSA succeeded in building an even faster supercomputer. “They made a big breakthrough,” says another former senior intelligence official, who helped oversee the program. The NSA’s machine was likely similar to the unclassified Jaguar, but it was much faster out of the gate, modified specifically for cryptanalysis and targeted against one or more specific algorithms, like the AES. In other words, they were moving from the research and development phase to actually attacking extremely difficult encryption systems. The code-breaking effort was up and running.

The breakthrough was enormous, says the former official, and soon afterward the agency pulled the shade down tight on the project, even within the intelligence community and Congress. “Only the chairman and vice chairman and the two staff directors of each intelligence committee were told about it,” he says. The reason? “They were thinking that this computing breakthrough was going to give them the ability to crack current public encryption.”

In addition to giving the NSA access to a tremendous amount of Americans’ personal data, such an advance would also open a window on a trove of foreign secrets. While today most sensitive communications use the strongest encryption, much of the older data stored by the NSA, including a great deal of what will be transferred to Bluffdale once the center is complete, is encrypted with more vulnerable ciphers. “Remember,” says the former intelligence official, “a lot of foreign government stuff we’ve never been able to break is 128 or less. Break all that and you’ll find out a lot more of what you didn’t know—stuff we’ve already stored—so there’s an enormous amount of information still in there.”

The NSA believes it’s on the verge of breaking a key encryption algorithm—opening up hoards of data.

That, he notes, is where the value of Bluffdale, and its mountains of long-stored data, will come in. What can’t be broken today may be broken tomorrow. “Then you can see what they were saying in the past,” he says. “By extrapolating the way they did business, it gives us an indication of how they may do things now.” The danger, the former official says, is that it’s not only foreign government information that is locked in weaker algorithms, it’s also a great deal of personal domestic communications, such as Americans’ email intercepted by the NSA in the past decade.

But first the supercomputer must break the encryption, and to do that, speed is everything. The faster the computer, the faster it can break codes. The Data Encryption Standard, the 56-bit predecessor to the AES, debuted in 1976 and lasted about 25 years. The AES made its first appearance in 2001 and is expected to remain strong and durable for at least a decade. But if the NSA has secretly built a computer that is considerably faster than machines in the unclassified arena, then the agency has a chance of breaking the AES in a much shorter time. And with Bluffdale in operation, the NSA will have the luxury of storing an ever-expanding archive of intercepts until that breakthrough comes along.

I wonder why they need/want a facility so massive. Clearly an incomprehensible magnitude of data is being captured and stored there.

It’s in the Wired article that I linked. They are wholesale capturing voice and digital communication data and digital transactions from wide swaths of the world population (including domestic surveillance). From the article:

…given the massive new storage facility in Utah, Binney [a former senior NSA official, who left after the Stellar Wind program was implemented] suspects that [the NSA] now simply collects everything. “The whole idea was, how do you manage 20 terabytes of intercept a minute?” he says. “The way we proposed was to distinguish between things you want and things you don’t want.” Instead, he adds, “they’re storing everything they gather.” And the agency is gathering as much as it can.

Binney goes on to estimate that in the period 2001–2012, the NSA amassed around 20 trillion such recordings of voice or digital communications.

Fair to say all phone calls are recorded and stored. If you want more privacy, have to use encrypted communications.

Haha, and make sure to not use one of those FBI encrypted phones.