Google Is Deploying New Encryption Between Data Centers to Counter the NSA

The latest reveals that the NSA regularly bypasses encryption are troubling

  Google plans to improve the encryption between its data centers
Google already uses some of the best encryption on the internet and announced plans to upgrade that encryption ahead of the Edward Snowden leaks.

Google already uses some of the best encryption on the internet and announced plans to upgrade that encryption ahead of the Edward Snowden leaks.

Now though, after it has been revealed that the NSA has ways of breaking, weakening or at least bypassing online encryption, the company has vowed to improve its standard encryption methods even further and implement the changes ahead of schedule.

A few months back, Google announced that it would be bumping up the encryption of its SSL certificates to 2048 bits from the current 1024. These will be 1024 times harder to break via brute force compared to the old ones since difficulty increases exponentially with each bit added to a key.

Google is also one of the few if not the only big player to use different keys for each user session. So even if one key is compromised, the attacker would only have access to the data encrypted during one session. These keys change roughly once a day, at most.

But Google is also bumping up the encryption between its data centers, as it told the Washington Post.

Since the company has data centers around the world, most of the traffic to and from Google flows through the connections between these data centers. Anything to improve the encryption of that connection makes it harder for anyone to break into this main data flow.

That said, all of this only serves to protect data from broad attacks and attempts at interception. If the NSA comes to Google with a legal request for user data, the company has to comply.

So, you won't be any more protected by all the encryption in the world if the NSA is targeting you. But all Google users should be more protected against dragnet methods that sweep up all traffic. And you can take some steps yourself to better protect your data.

Comments