Matthew Green, an assistant professor in the Department of Computer Science and the Information Security Institute at Johns Hopkins, is an expert in encryption. He spoke with us about PRISM, the top-secret National Security Agency surveillance operation that was first made public late last week by The Washington Post and The Guardian.
According to the reports, the NSA and FBI are tapping directly into the central servers of nine leading U.S. Internet companies—including Google, Microsoft, Apple, Yahoo, Facebook, Skype, and YouTube—to obtain audio and video chats, photographs, e-mails, documents, and other information that enable analysts to track foreign targets.
How do you think the recent disclosures about the NSA's PRISM program might affect cryptography research (yours and the field in general)?
At the moment PRISM doesn't have any impact. Right now the real concern comes from a set of related measures that we refer to as CALEA II. This refers to a set of proposals designed to address the "problem" of end-to-end encrypted communications, possibly by adding "backdoors" to voice and IM software with this capability.
We learned from the PRISM slide deck that some services (like Skype and PalTalk) already have some kind of wiretap capability. There seems to be a movement in Washington to mandate such eavesdropping backdoors on all software, even possibly in open source software. This would obviously extend the eavesdropping capabilities in PRISM and would make it very difficult to hide from government eavesdropping.
This has huge implications for cryptographic research, particularly research like our work at Hopkins, which aims to release working privacy tools. For more, see this document about CALEA II.
Tor is a great system and has both good and bad features. For one thing, Tor is distributed and run by volunteers all over the world. That makes it hard for a single agency to target Tor with a court order. At the same time, Tor was not really designed to handle nation-state adversaries like the NSA.
There are known weaknesses in the technology—things like using message timing and traffic analysis to trace connections—that are too sophisticated for you or I to exploit, but would be in the capability of the NSA. There have been persistent rumors that many Tor "exit nodes" (the last Tor server on each connection, and the one that sees your web traffic in the clear) have been operated by parties like the FBI or NSA. None of these are confirmed, but it wouldn't be beyond the reach of these agencies.
More the point: Tor is a huge target. If al-Qaida is using it to communicate, you can bet that the U.S. intelligence community is devoting resources to monitoring it.
Are there other Internet applications that the public can use to protect their privacy, in the age of PRISM, when they are phone-calling, emailing, texting, browsing, etc.?
Right now there are quite a few. SilentCircle makes an excellent encrypted phone and IM application for the iPhone and Android, though you have to subscribe to their service in order to use it. RedPhone by WhisperSystems offers a similar service but using free software. Online chat applications Adium and Cryptocat offer "off the record" (OTR) messaging, which encrypts all of your chat messages using strong encryption.
I wrote a long review of some of these things a few months back.
The real problem with many of these apps—aside from the fact that they're hard to use—is that they often leak who you're communicating with, even if they encrypt the content of communications. And as we've learned over the last week, this "metadata" can be useful in surveillance.