Why the NSA is breaking our encryption -- and why we should care | Matthew Green | TEDxMidAtlantic

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

so i'm here to tell you a story about the national security agency but before i do that i want to tell you a little bit about what i do so i'm a professor of computer science up at johns hopkins but the area that i particularly specialize in is cryptography now how many of you know what cryptography is yeah like a few hands i found that if you go to a cocktail party and you really want to like shut down all conversation tell people you study cryptography because nobody knows what it is i've had people actually say you study maps you make maps i don't make maps that's cartography so uh let me explain a little bit about what cryptography or cryptology is so cryptography is uh in the greek it literally means hidden writing it's the science and the art of making secret codes now most of you probably don't think that secret codes have a lot of relevance to your life you think that maybe the only place you're going to encounter a secret code is in something like this you've probably seen this this is the cryptoquip it's uh in the comic section of most newspapers and this is actually a very good code it's an example of encryption encryption is the process of taking a message transforming it by replacing letters and changing it around until it looks like something totally not like a message that nobody can read you can send it to your destination and then they can decrypt it and get back the original data or the message that was there now like i said you probably don't think this has a lot of relevance to your life but i want to convince you if i do nothing else in this talk i want to convince you that every single one of you has used encryption a dozen or a hundred times today how many of you have cell phones on you how many of you have made a call today how many of you have sent a text message or a tweet every single one of you has used encryption to protect that data uh let me uh give you an example every time you make a cell phone call the data that's going over the air is encrypted and it's encrypted for really good reasons which is that if you don't encrypt that data anybody can listen into what you're saying if you live in the dc area right around here there's kind of a very special reason you might care about that this hasn't been widely reported but it has been reported that the fbi has been quietly removing devices from the tops of cell phone poles in the dc area and what these devices do is they capture all of the data arriving at that cell tone tower and they route that into the wire room at several foreign embassies in the area so the fbi has been taking these things down so what i like to say to my students is you're not paranoid everybody actually is out to get you all of these people are doing this stuff so that encryption is what's protecting you it's protecting you against people who don't have your best interests at heart we almost didn't get that encryption in the 90s there were big wars they call them the crypto wars about whether we should be able to have access to encryption i should also say that you know it's not just cell phones of course it's the internet it's every time you send an email there's almost always encryption going on somewhere sort of in there so now i want to change topics a little bit and actually before i get to what this this slide you see behind me is i want to tell you a story a personal story something that happened to me about two months ago so earlier this summer i received a call from a reporter at the public interest news site propublica which admittedly i had not heard of until that point and this reporter wanted to ask me about my area he wanted to talk to me about encryption and more specifically he had heard or he said he had seen documents claiming that the national security agency was weakening american encryption products and standards and making it so that basically none of the information sent over the internet was protected anymore so that all that information could be read by them and i'm ashamed to say that i i kind of thought that he was a little bit of a kook um and this is because it's kind of an occupational hazard in my area about once a month or every two months somebody comes to me and says the nsa is spying on me and by the way they have a bug in my light switch and can you help me remove it and so i kind of avoid those people but this guy was very nice and i talked to him for a while what i should have realized and this is by the way a lesson that you may not take to heart but it's important to me in 2013 when somebody calls you and tells you they have nsa documents believe them to take that away so i want to take you through a few of these nsa documents they were actually published these are our formerly classified documents i'm going to show you these were published in the new york times and in propublica but the story ran in the new york times they are now public you can actually go see them yourself i'll read you the title of the entire trove its secret documents reveal nsa campaign against encryption let's take a look at some of those slides okay so this is one of my favorite slides if only because of the title response to improving security so in other words we're getting more secure and that's a bad thing we need to do something about it this is actually a slide from gchq which is the british british version of the nsa they work very closely together and again these are not beautiful slides i'm just going to read you this information in case you can't see it for the past decade nsa has led an aggressive multi-pronged effort to break widely used internet encryption technologies vast amounts of encrypted internet data which have up till now been discarded are now exploitable so what technologies are we talking about this is a very hard slide to read so i'm going to help you uh one of them is that they are going to reach full operating capability for access to a major internet peer to peer voice and text communication system now i'm not going to name any names here but i think it rhymes with swipe okay another thing they mention here is that they're going to make gains in enabling decryption and computer network exploitation to fourth generation lte long-term evolution networks via enabling which means breaking the encryption how many of you have a 4g or an lte phone on you most of you exactly so this is something that's really important about this this is not breaking foreign encryption this is not breaking terrorist encryption it's breaking our encryption the same weakening applies to us now a lot of people have looked at this information they've argued that well you know it's it's it's spying and we need to spy there are people out there after 9 11 who are going to hurt us there are a lot of people who need to be able to find out what they're saying just a couple of weeks ago we saw we got a little glimpse at the kind of information the nsa is sweeping up this is a slide another nsa slide about buddy lists and inboxes that they're collecting these are basically who you talk to in your address book now what i want to point you to is not what they're doing but how big the scope of this effort is the nsa collects on a representative day 500 000 buddy lists and inboxes there aren't 500 000 terrorists in the world and certainly not communicating in a day this is mass surveillance encryption is one of the only technologies we have that can prevent that kind of mass surveillance and it's being taken apart and it's being weakened from right here inside of the country now i would like to convince you if i had more time i would sit you down i would convince you this is terrible for a whole bunch of reasons one of the reasons is obviously that it makes america weaker our own information systems use this exact same encryption now if we are going to protect ourselves and not just government communications but corporate communications personal communications bank communications we need this encryption to be strong and now it's been made weaker who knows who's going to exploit that i could also try to convince you that this is devastating to our technology industry these are people who rely on selling products to the whole world who's going to trust our technology now but i actually want to end on a slightly different note i want to show you a picture something that i don't think you've seen before you have seen this guy before this is james madison there are actually a number of pictures of this guy you've seen them in your history books what you probably haven't seen before is this don't bother straining your eyes if you're in the back row you won't be able to read this this is an in ciphered encrypted message that was sent in the 1780s i believe it was by james madison to monroe but there were a number of these this is one of hundreds of such communications it turns out that the founding fathers of our country were cryptology and cryptography enthusiasts and they weren't so interested in cryptography because it was some kind of academic pursuit they were interested in it because it was the only technology that could allow them to communicate with each other and to share their ideas securely and they had very kind of dangerous ideas ideas like the bill of rights which uh it turned out uh even after we became a country there were people who were actually steaming open letters at the post office the the 1780s equivalent of the nsa and they were reading those messages and using them for political purposes so a lot of these communications even after we became america were encrypted to protect these ideas nowadays the tools we use are actually very different but the purpose is the same these tools include things like tor the tor network which is an anonymous communication network truecrypt which encrypts your disks these are tools that allow people to share ideas and to organize and to communicate securely if the nsa is weakening these tools that's not something that i think we as americans should be condoning and i hope that you will all think about this a little bit in the future and maybe reach out to your congress person and see if there's something that maybe they can do about it thank you very much

Info

Channel: TEDx Talks

Views: 179,137

Rating: undefined out of 5

Keywords: Law, Politics, United States, International Affairs, Global Issues, Social Justice, Data Science, ted, English, tedx talks, tedx talk, ted x, tedx, ted talks, Public Policy, TEDxTalks, ted talk

Id: M6qoJNLIoJI

Channel Id: undefined

Length: 9min 32sec (572 seconds)

Published: Mon Oct 20 2014