::  Posts  ::  RSS  ::  ◂◂RSS  ::  Contact

Decrypt All Https Traffic?

August 30th, 2013
tech, privacy  [html]
With the recent increased interest in internet surveillance, people sometimes say things like "the NSA is snooping on everything, even encrypted traffic". Could they really do that? How hard would it be?

No one has good stats on total internet traffic but Wikipedia publishes their numbers and we can use that to estimate. They get 12.7B monthly global pageviews or 4.9K pageviews per second. Alexa estimates that Wikipedia has 5,629 pageviews per million, which is another way of saying they're 0.5629% of all traffic. These give total pageviews per second for the internet as a whole at around 1 million. [1]

(Note: all the numbers in this post are very rough. In talking about practicality of breaking cryptography we often care about orders of magnitude of orders of magnitude.)

I can't find any stats on what fraction of these are encrypted, but let's say 1 in 50 (2%). That's 20K encrypted pages per second. What kind of hardware would you need to keep up with that?

Imagine we were all still using DES to encrypt everything. While there are some theoretical attacks faster than brute force, in practice people just try all the combinations. The key length is 56 bits, so there are only 256 keys to try. This is low enough to be practical now: you can pay cloudcracker to do this in about a day. They're using specialized hardware and on average need 12 hours to crack a DES key.

At 12 hours per key on one machine to crack the 20K/s of https traffic as it comes in you'd need about a 0.9 billion of them. Maybe they cost $1K each in those quantities, so this is about $1T for just the machines. Electricity to run and cool them would also be enormous, but $1T is already more than ten times the entire intelligence budget.

But the NSA would have custom hardware, right? Those machines are using powerful FPGAs, 48 per box with 40 cores each, but in those volumes you want to go with custom chips. Even if you can get them down to $1 for a 40 core chip you still need 40 billion of them, along with all the supporting hardware and infrastructure.

Remember, though, that all of this is about cracking DES while the weakest encryption people are using for SSL is 128 bit AES. With keys this long brute force is beyond impractical. [2] There might be flaws in AES, but they would need to bring it from a complexity of 2128 down to 256 before they were in the range of DES, and that would be an incredible cryptographic achievement. [3]

Unless the NSA has production-quality quantum computers or has solved AES to where it's trivial to break, both of which are very unlikely, they're not decrypting https traffic at scale.


[1] Methodology from here.

[2] The Landauer limit is the "minimum possible amount of energy required to change one bit of information," and is 2.89e-21 joules. Trying 2128 keys requires at least that many bit flips, so 9.8e17 joules. That's 278 terawatt hours, which is about 1000 large power plants operating for a year. And testing a key would require many bit flips, not just one.

[3] The best public attack (pdf) gets the complexity down to 2126.1.

Comment via: google plus, facebook

Recent posts on blogs I like:

Train and Bus Cleaning

Well before the coronavirus struck, I noticed how trains in Asia were cleaner than in Europe, which are for the most part cleaner than in the United States. There are overlaps: the elevated BTS in Bangkok is similar to the cleaner cities in Europe, like L…

via Pedestrian Observations April 8, 2020

Improving your Internet for video calls

Lots of people have really bad video calls for avoidable reasons. Here’s how to fix that.

via benkuhn.net April 8, 2020

Finding home in the time of coronavirus

Disclaimer: I’m going to say this once. Obviously, I am not happy about the coronavirus’s threat to public health or the economic toll it’s taking. I do not think the existence of this pandemic is good. Just so happens that social distancing and remote wo…

via Holly Elmore March 31, 2020

more     (via openring)

More Posts:


  ::  Posts  ::  RSS  ::  ◂◂RSS  ::  Contact