Yahoo on Monday announced it will extend 2048-bit encryption planned for Yahoo Mail across its entire network.
CEO Marissa Mayer reiterated that the company “has never given access to our data centers to the NSA or to any other government agency.”
However, documents from NSA whistleblower Edward Snowden published in August by The Guardian indicate the United States National Security Agency reimbursed Yahoo, Google and other high-tech companies for costs incurred to meet the demands of its Prism surveillance program.
“I think they’re trying to get ahead of any potential competitor and say ‘This is what we’re doing, here’s why you should go with us for email and other services,” Daniel Castro, senior analyst at the Information Technology & Innovation Foundation, told the E-Commerce Times.
Yahoo’s Screw-Tightening Road Map
Yahoo will encrypt all information moving between its data centers and offer users the option to encrypt all data flowing to and from its servers by the end of Q1.
It will work with international mail partners to ensure that Yahoo-branded mail accounts are HTTPS-enabled.
“We will continue to evaluate how we can protect our users’ privacy and their data,” Mayer said. “We appreciate, and certainly do not take for granted, the trust our users place in us.”
That assertion may raise some eyebrows in light of Yahoo’s statement to The Guardian that it requested reimbursement in keeping with laws that require the U.S. government to pay providers for costs incurred to respond to a compulsory legal process imposed by the government.
Going With the 2048-Bit Flow
The move to 2048-bit security has been gaining strength.
Google announced in May that it would upgrade all its SSL certificates to 2048-bit keys by the end of the year, and several digital certificate authorities are implementing 2048-bit security.
The Certification Authority/Browser Forum and the U.S. National Institute of Standards and Technology have determined that key lengths of less than 2048 bits are no longer strong enough in light of the increase in computing power, Symantec has pointed out.
After Dec. 31, all certificate authorities have to stop issuing 1024-bit certs and revoke any certs with key lengths before 2048 bits.
Can We Trust Big Brother?
Perhaps NIST’s recommendation should be taken with a grain of salt, though, since the Institute took the recommendation of the NSA to make the Dual Elliptic Curve Deterministic Random Bit Generator (Dual_EC_DRBG), which had a back door introduced by the agency, as a security standard.
Still, using 2048-bit symmetric encryption “is definitely a good thing from a security perspective” because it would take decades to brute-force an example with modern supercomputers, Alex Watson, director of security research at Websense, told the E-Commerce Times.
“Most vulnerabilities in modern cryptosystems exist in their implementation,” Watson continued.
One such flawed implementation is repeating random numbers in cryptographic keys, noted Nadia Heninger in the Freedom to Tinker blog.
The problem mainly affects embedded devices such as routers and virtual private network devices. One solution is to have a large enough pool of random numbers to draw on that the numbers will not be repeated.
Pros and Cons of 2048-Bit Encryption
Equipment upgrades may be needed when dealing with a service provider that has implemented the 2048-key encryption.
An internal upgrade might impact server resources; 2048-bit key lengths can require more than 4x as much CPU usage, notes Kemp Technologies.
Solutions range from upgrading the server processor to adding a cryptography ASIC card or placing an SSL accelerator appliance in front of the servers.
However, most modern CPUs have native acceleration for cryptographic algorithms, Websense’s Watson pointed out, so there is “relatively little” reduction in performance.