Yes, it seems like the mystery has been solved.
We are aware of the United States National Security Agency (NSA) powers to break almost unbreakable encryption used on the Internet and intercept nearly Trillions of Internet connections – thanks to the revelations made by whistleblower Edward Snowden in 2013.
However, what we are not aware of is exactly how did the NSA apparently intercept VPN connections, and decrypt SSH and HTTPS, allowing the agency to read hundreds of Millions of personal, private emails from persons around the globe.
Now, computer scientists Alex Halderman and Nadia Heninger have presented a paper at the ACM Conference on Computer and Communications Security that advances the most plausible theory as to how the NSA broke some of the most widespread encryption used on the Internet.
According to the paper, the NSA has exploited common implementations of the Diffie-Hellman key exchange algorithm – a common means of exchanging cryptographic keys over untrusted channels – to decrypt a large number of HTTPS, SSH, and VPN connections.
Diffie-Hellman – the encryption used for HTTPS, SSH, and VPNs – helps users communicate by swapping cryptographic keys and running them through an algorithm that nobody else knows except the sender and receiver.