Last Updated on November 27, 2018 by Dave Farquhar
Ever since the Snowden leaks, there’s been considerable speculation about what cryptography the NSA could break, and why. Finally, there’s a study that goes into deep detail about what the NSA can probably break, and why, plus how to protect against it.
The takeaway is all the way at the bottom, but the real key is to remember two numbers: 1024 and 2048. It’s no longer safe to use 1024-bit primes in your RSA keys and elsewhere. Bump all of your asymmetric key lengths up to 2048, and you’re resistant to nation-state attacks.
It’s also important to stop using obsolete cryptography. SHA1 and RC4 are no longer safe to use. Use SHA256 and AES. Counterintuitively, AES128 is probably safer for the moment in SSL than AES256, but that’s going to be only a temporary thing. SSL as a whole is no longer safe to use. Use TLS, and ideally, use TLS 1.2. When encrypting hard drives or individual files, use 256-bit AES.
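The rules above can be turned into a quick configuration check. This is an added example, not code from the study or from this post: it builds a Python `ssl` context that follows the recommendations and audits both it and a constructed legacy endpoint. The function names and the `LEGACY` sample are hypothetical, and the key size is passed in by the caller because an `ssl` context does not expose it.

```python
import ssl

# Thresholds taken from the article: 2048-bit asymmetric keys, TLS 1.2, no RC4, no SHA1.
MIN_KEY_BITS = 2048
MIN_TLS = ssl.TLSVersion.TLSv1_2

def audit(min_version, cipher_names, key_bits):
    """Return a list of findings for one endpoint's settings (hypothetical helper)."""
    findings = []
    if min_version < MIN_TLS:
        findings.append(f"protocol floor {min_version.name} is below TLSv1_2")
    if key_bits < MIN_KEY_BITS:
        findings.append(f"{key_bits}-bit key is below {MIN_KEY_BITS}")
    for name in cipher_names:
        parts = name.replace("_", "-").split("-")
        if "RC4" in parts:
            findings.append(f"{name}: RC4")
        # OpenSSL writes a SHA1 MAC as a bare trailing "SHA";
        # SHA256 and SHA384 appear as their own distinct tokens.
        if parts[-1] in ("SHA", "SHA1"):
            findings.append(f"{name}: SHA1")
    return findings

def hardened_context():
    """Client context restricted to TLS 1.2+ with AES-GCM suites only."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("ECDHE+AESGCM:!RC4:!SHA1")
    return ctx

def audit_context(ctx, key_bits):
    """Audit a live SSLContext; key_bits is supplied by the caller."""
    names = [c["name"] for c in ctx.get_ciphers()]
    return audit(ctx.minimum_version, names, key_bits)

# Constructed sample of a legacy endpoint: (protocol floor, cipher suites, key size).
LEGACY = (ssl.TLSVersion.SSLv3,
          ["RC4-SHA", "AES128-SHA", "ECDHE-RSA-AES128-GCM-SHA256"],
          1024)

if __name__ == "__main__":
    for finding in audit(*LEGACY):
        print("legacy:", finding)
    print("hardened:", audit_context(hardened_context(), 2048) or "no findings")
```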
It’s important to keep in mind that the NSA isn’t the only one with this capability. If the NSA can break 1024-bit primes, it’s likely the equivalent Russian and Chinese agencies can as well. Or they’ll be able to very soon.
Knowledge of these kinds of things is fair game for security certification tests.