Permanent Record(83)



Encryption algorithms are basically just sets of math problems designed to be incredibly difficult even for computers to solve. The encryption key is the one clue that allows a computer to solve the particular set of math problems being used. You push your readable data, called plaintext, into one end of an encryption algorithm, and incomprehensible gibberish, called ciphertext, comes out the other end. When somebody wants to read the ciphertext, they feed it back into the algorithm along with—crucially—the correct key, and out comes the plaintext again. While different algorithms provide different degrees of protection, the security of an encryption key is often based on its length, which indicates the level of difficulty involved in solving a specific algorithm’s underlying math problem. In algorithms that correlate longer keys with better security, the improvement is exponential. If we presume that an attacker takes one day to crack a 64-bit key—which scrambles your data in one of 264 possible ways (18,446,744,073,709,551,616 unique permutations)—then it would take double that amount of time, two days, to break a 65-bit key, and four days to break a 66-bit key. Breaking a 128-bit key would take 264 times longer than a day, or fifty million billion years. By that time, I might even be pardoned.

In my communications with journalists, I used 4096-and 8192-bit keys. This meant that absent major innovations in computing technology or a fundamental redefining of the principles by which numbers are factored, not even all of the NSA’s cryptanalysts using all of the world’s computing power put together would be able to get into my drive. For this reason, encryption is the single best hope for fighting surveillance of any kind. If all of our data, including our communications, were enciphered in this fashion, from end to end (from the sender end to the recipient end), then no government—no entity conceivable under our current knowledge of physics, for that matter—would be able to understand them. A government could still intercept and collect the signals, but it would be intercepting and collecting pure noise. Encrypting our communications would essentially delete them from the memories of every entity we deal with. It would effectively withdraw permission from those to whom it was never granted to begin with.

Any government hoping to access encrypted communications has only two options: it can either go after the keymasters or go after the keys. For the former, they can pressure device manufacturers into intentionally selling products that perform faulty encryption, or mislead international standards organizations into accepting flawed encryption algorithms that contain secret access points known as “back doors.” For the latter, they can launch targeted attacks against the endpoints of the communications, the hardware and software that perform the process of encryption. Often, that means exploiting a vulnerability that they weren’t responsible for creating but merely found, and using it to hack you and steal your keys—a technique pioneered by criminals but today embraced by major state powers, even though it means knowingly preserving devastating holes in the cybersecurity of critical international infrastructure.

The best means we have for keeping our keys safe is called “zero knowledge,” a method that ensures that any data you try to store externally—say, for instance, on a company’s cloud platform—is encrypted by an algorithm running on your device before it is uploaded, and the key is never shared. In the zero knowledge scheme, the keys are in the users’ hands—and only in the users’ hands. No company, no agency, no enemy can touch them.

My key to the NSA’s secrets went beyond zero knowledge: it was a zero-knowledge key consisting of multiple zero-knowledge keys.

Imagine it like this: Let’s say that at the conclusion of my CryptoParty lecture, I stood by the exit as each of the twenty audience members shuffled out. Now, imagine that as each of them passed through the door and into the Honolulu night, I whispered a word into their ear—a single word that no one else could hear, and that they were only allowed to repeat if they were all together, once again, in the same room. Only by bringing back all twenty of these folks and having them repeat their words in the same order in which I’d originally distributed them could anyone reassemble the complete twenty-word incantation. If just one person forgot their word, or if the order of recitation was in any way different from the order of distribution, no spell would be cast, no magic would happen.

My keys to the drive containing the disclosures resembled this arrangement, with a twist: while I distributed most of the pieces of the incantation, I retained one for myself. Pieces of my magic spell were hidden everywhere, but if I destroyed just the single lone piece that I kept on my person, I would destroy all access to the NSA’s secrets forever.





25



The Boy





It’s only in hindsight that I’m able to appreciate just how high my star had risen. I’d gone from being the student who couldn’t speak in class to being the teacher of the language of a new age, from the child of modest, middle-class Beltway parents to the man living the island life and making so much money that it had lost its meaning. In just the seven short years of my career, I’d climbed from maintaining local servers to crafting and implementing globally deployed systems—from graveyard-shift security guard to key master of the puzzle palace.

But there’s always a danger in letting even the most qualified person rise too far, too fast, before they’ve had enough time to get cynical and abandon their idealism. I occupied one of the most unexpectedly omniscient positions in the Intelligence Community—toward the bottom rung of the managerial ladder, but high atop heaven in terms of access. And while this gave me the phenomenal, and frankly undeserved, ability to observe the IC in its grim fullness, it also left me more curious than ever about the one fact I was still finding elusive: the absolute limit of who the agency could turn its gaze against. It was a limit set less in policy or law than in the ruthless, unyielding capabilities of what I now knew to be a world-spanning machine. Was there anyone this machine could not surveil? Was there anywhere this machine could not go?

Edward Snowden's Books