Is open source encryption the answer to NSA snooping?

FREE

Become An Insider

Sign up now and get free access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content from the best tech brands on the Internet: CIO, CITEworld, CSO, Computerworld, InfoWorld, ITworld and Network World. Learn more.

Going the open source route to encrypt enterprise data has its own potential pitfalls

When Unisys CISO John Frymier came in to work on Friday, Sept. 6, the phones were ringing, and continued to ring all day. Customers were panicking over the news headlines of the day before. The NSA had cracked Internet encryption. The NSA was listening in to everything. European customers were especially concerned, he says.

Fortunately, many of the headlines had been unnecessarily alarmist.

"The earlier types of encryption, with 64 bits or less, the NSA has figured out how to brute force decrypt at least some of that traffic," he says. "But the more modern, strong encryption, with 128 or 256 encryption units, they can't decrypt that. And it bothers them no end"

Customers can still trust it, he says.

To continue reading, please begin the free registration process or sign in to your Insider account by entering your email address:
Recommended
Join the discussion
Be the first to comment on this article. Our Commenting Policies