Tor encryption can allegedly be accessed by the NSA according to a security expert. While the Tor browser is popular amongst people who would prefer to protect their identity and what they are doing online, a security expert suggests that the NSA might still be able to access the encrypted data.
A security expert by the name of Robert Graham, however, has outlined his reasons for actually believing that the NSA might not even need tricks and paltry exploits in order for them to gain access to Tor, according to a blog post on Erratasec. Why? The security expert notes that this is because they might already have the keys to the kingdom. If they don't, then they might be able to, according to arsTechnica.
Tor Version 2.3 VS. Tor Version 2.4
Tor uses 1024 bit keys in order for it to be able to run a lot of its encryption and it is currently pretty much agreed that the actual NSA is capable of cracking these with the use of custom chips that IBM along with other manufacturers make for them. It was noted that this is especially true for anyone that is still using the older versions of Tor like the Tor 2.3 version.
The newer Tor 2.4 version, however, has better security but it was said that only about 10% of Tor's total servers have actually been upgraded. The security researcher, Graham, ran a sort of "hostile" exit node on a massive 22,920 Tor connections in order to look at the encryption that is mediated by algorithms on the incoming connections.
Is Tor Safe?
There were only about 24% that were using the newer Tor 2.4 version software. This means that there are still about 76% of users that were still using the older, NSA-vulnerable version keys.
According to the article by arsTechnica, Graham then called on Tor Project leaders to try and do a better job of getting their end users to finally upgrade to the newer 2.4 version. He then wrote that of course, this is basically just guessing when it comes to finding out the NSA's true capabilities.
He also noted that it turns out that the newer elliptical keys can turn out to be much easier to be cracked than previously thought. This means that the older software might actually be more secure. It was noted however that due to the 1024 bit RSA/DH being used as a popular SSL encryption, Graham assumes that the NSA is best at cracking it.
This article is owned by Tech Times
Written by Urian B.