Yes, The NSA Has Always Hated Encryption

from the like-kryptonite-to-spies dept

With the latest reports of the feds (both the NSA and the FBI) trying to get tech companies to cough up master encryption keys, Matt Novak of the awesome PaleoFuture blog (now a part of Gizmodo) notes that the NSA has a long history of hating civilians who use encription. While many of us lived through the crypto wars of the 90s, in which PGP was branded a weapon, and it was supposedly illegal to export it, Novak goes even further back to when the NSA flipped out about some of the early research on civilian cryptography in the 1970s:

As Jay Stowsky at UC-Berkeley notes in his 2003 paper "Secrets or Shields to Share?" the intelligence community fought tooth and nail against the private development of cryptography for computers. When the NSA got wind of the research developments at IBM, Stanford and MIT in the 1970s they scrambled to block publication of their early studies. When that didn't work, the NSA sought to work with the civilian research community to develop the encryption. As Stowsky writes, "the agency struck a deal with IBM to develop a data encryption standard (DES) for commercial applications in return for full pre-publication review and right to regulate the length, and therefore the strength of the crypto algorithm."

Naturally, in the Watergate era, many researchers assumed that if the U.S. government was helping to develop the locks that they would surely give themselves the keys, effectively negating the purpose of the encryption. Unlike IBM, the researchers at Stanford and MIT didn't go along with the standard and developed their own encryption algorithms. Their findings were published (again, against the wishes of the NSA) in the late 1970s after courts found that researchers have the right to publish on the topic of cryptography even if it makes the government uncomfortable. According to Stowsky, the NSA retaliated by trying to block further research funding that Stanford and MIT were receiving through the National Science Foundation.

Of course, imagine an internet without the kind of encryption we have today. While it still doesn't go nearly far enough it is one of the few things that really can significantly protect some aspects of privacy. Not only that, but it's really been key to many of the things that we now take for granted online, including e-commerce and online money transactions. Of course, if the NSA had had its way, we might not have that today -- or at least it wouldn't be nearly as trustworthy, meaning there would be a lot less of it.

Think about that every time the NSA or FBI wants master keys, backdoors or weaker encryption. They hype up the FUD about how they need this to stop extraordinarily low probability events like terrorist attacks, but allowing that technology creates tremendous innovations and benefits. When we do a basic cost-benefit analysis, the NSA is going to lose, but they'll try to scare the crap out of people so they don't even get a chance to realize what they're giving up.


Reader Comments (rss)

(Flattened / Threaded)

  1. This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Jul 30th, 2013 @ 3:41pm

    Why, it's getting so can't even trust Microsoft!

    Verdeckte Updates: Windows-Hintertür gefährdet Internetverschlüsselung

    http://www.spiegel.de/netzwelt/web/windows-hintertuer-gefaehrdet-ssl-vers chluesselung-a-913825.html

    Believe basically says that Microsoft has compromised SSL.


    Take a loopy tour of Techdirt.com! You always end up same place!
    http://techdirt.com/
    When you think surveillance, think Google!

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Jul 30th, 2013 @ 4:00pm

    In the MMORPG reallife tech tree, encryption comes in the root of a lot of things.

    Without it, you wouldn't be able to do banking online, have virtual offices, telemedicine, privacy, private conversations, secure cars, secure medical equipment and implants.

    Although terrorism and in general extremism of any kind(e.g.: religious, nationalistic, racial, etc) can and from time to time causes loss of life, if compared to what tech enables and how much lifes it saves and secure, there is just no contest to the benefits it brings against the bad it could cause and mostly is because most people are not after others, most people just want to live their lifes in peace.

     

    reply to this | link to this | view in thread ]

  3.  
    icon
    John Fenderson (profile), Jul 30th, 2013 @ 4:30pm

    Re: Why, it's getting so can't even trust Microsoft!

    It doesn't say Microsoft has compromised SSL. It says that Microsoft has included functionality that allows them to change the root CA without you noticing (which could allow them to compromise SSL). It's a fine, but important, distinction.

    Of course, if your concern is spying, it has been known for over a decade that you should be avoiding Windows. Microsoft loves putting in backdoors for the NSA and other spy organizations.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Mike, Jul 30th, 2013 @ 8:10pm

    Blah, they can probably decrypt it all... they just want to make you think it's secure so people think they're safe and continue to communicate online.

     

    reply to this | link to this | view in thread ]

  5.  
    icon
    G Thompson (profile), Jul 30th, 2013 @ 9:32pm

    Re: Why, it's getting so can't even trust Microsoft!

    Again... why has this comment been flagged...

    It's either a reportable comment based on community (Techdirt) guidelines and mores or ISN'T..

    Guess what? If this comment above by OOTB is reportable by breaching/skirting those unwritten guidelines then every single comment over the last few years should be too..

    And the tagline that OOTB puts at the end? So freakin what.. It's rhetorical opinion and basically some stories on TD have been loopy. That's what makes the place great

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous Coward, Jul 30th, 2013 @ 10:51pm

    Re: Re: Why, it's getting so can't even trust Microsoft!

    Its been flagged because the arbitrary number of people that are required to flag the comment has been reached. If you instead mean why have these people flagged this comment, it is not the content of the comment but rather the commentator. Imaging these hypothetically unwritten guidelines, I imagine there would be a clause in there to attempt to post on topic and contribute to the discussion at hand, a clause that OOTB would have breached an excessive number of times with his rants, to the point that the community don't believe he's worth giving another chance.

    While I don't really agree with the sentiment of flagging the comments just cause its OOTB, I can see where the desire for it comes from.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Anonymous Coward, Jul 31st, 2013 @ 12:22am

    Re:

    And what happens when the Government is the terrorists?

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Jul 31st, 2013 @ 2:40am

    Re: Re:

    Depends how strong that government' military is, in this instance, US Armed drones overflying independent nations in mid-east raining down surprise attacks, No Declared War, very definition of terrorism, only a fellow with a forked tougne, would define it otherwise

     

    reply to this | link to this | view in thread ]

  9.  
    icon
    Ninja (profile), Jul 31st, 2013 @ 4:48am

    Amusingly by promoting and engaging in mass surveillance they are making people push for encryption standards and strengths that are much harder to crack. That along with anonymizing alternatives will breed very fertile grounds for criminals to work with very few hassles.

    Why instead not do the very basic, narrowly focused investigative work in the first place? No encryption tool can prevent such work from uncovering the truth.

     

    reply to this | link to this | view in thread ]

  10.  
    icon
    Josh in CharlotteNC (profile), Jul 31st, 2013 @ 6:37am

    Re: Re: Re: Why, it's getting so can't even trust Microsoft!

    ootb is has admitted that the only reason he posts is to disrupt the discussion. Something that arguing over whether his comment should be hidden in every post achieves remarkably well. And yes, I'm now adding to the disruption.

     

    reply to this | link to this | view in thread ]

  11.  
    icon
    Josh in CharlotteNC (profile), Jul 31st, 2013 @ 6:47am

    Re:

    Barring the mythical and non-existant quantum computers or a serious breakthrough in factoring mind bogglingly large numbers, brute forcing a modern encryption scheme is not possible. What the NSA (or other people breaking encryption systems like DRM) rely on to break encryption schemes are flaws in how keys are managed or generated, attacks that depend on knowing what parts of the message already are, and other flaws that turn what is supposed to be a completely random encrypted message into something that is predictable instead of random.

     

    reply to this | link to this | view in thread ]

  12.  
    icon
    Hephaestus (profile), Jul 31st, 2013 @ 6:54am

    "They hype up the FUD about how they need this to stop extraordinarily low probability events like terrorist attacks"

    Over a ~thirty year period (1982 to 2012) these are the likelihoods of you dying of something other than terrorism.

    heart disease 17,600 times
    medical error 5,882 times
    car accident 1048 times
    falling 404 times
    drown 87 times
    railway accident 13 times
    accidental suffocation in bed 12 times
    choke to death on your own vomit 9 times
    killed by a police officer 8 times
    accidental electrocution 8 times
    hot weather 6 times

    And my favorite

    Death by lightning strike 1 times

     

    reply to this | link to this | view in thread ]

  13.  
    icon
    art guerrilla (profile), Jul 31st, 2013 @ 7:23am

    Re: Re: Re: Why, it's getting so can't even trust Microsoft!

    you will not find anyone against censorship more than i am; HOWEVER, OOTB has EARNED his auto-reporting over many, many, many slimy posts... i don't agree with it, but he has no one to blame but himself for pissing off a large portion of the community repeatedly...

    his signal to noise ratio is not worth the effort...

    (oh, and i *do* call this a *form* of censorship, albeit about as inoffensive as can be imagined...)

    i like the commenting/reporting system at slashdot, which not only downgrades the obvious trolls, but generally 'rates' the comments in a semi-fair manner, such that ALL the fluff (whether trollish, off-topic, repetitive, or simply stupid) can be 'hidden' if that is how you set your level of surfing slashdot...

    art guerrilla
    aka ann archy
    eof

     

    reply to this | link to this | view in thread ]

  14.  
    icon
    Nicholas Weaver (profile), Jul 31st, 2013 @ 7:41am

    The strange thing is, DES was NOT weakened by the NSA!

    A strange coda to the story however. DES was NOT weakened by the NSA. The design's subtle tweaks by the NSA ended up being used to counter differential cryptanalysis, and although the key length was somewhat short, it was still uncrackable at the time of development (now its crackable in a day or less).

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Jul 31st, 2013 @ 8:03am

    Re: Re: Re: Re: Why, it's getting so can't even trust Microsoft!

    ootb is not censored, anyone wanting to read his comments are perfectly capable of clicking the link to see them.

    He is free to say what he wants, he is not free to force us all to read it.

     

    reply to this | link to this | view in thread ]

  16.  
    icon
    Uriel-238 (profile), Jul 31st, 2013 @ 10:15am

    Poor encryption costs lives.

    When I read Why, it's getting so can't even trust Microsoft! I read it as sarcastic. Microsoft's never had secure encryption as a top priority.

    PFS, people. It's the new condom.

    This just reminds me that our communications should be securely encrypted long before we have need for it (say, engaging in subject matters that might be regarded as seditionary.)

    Interestingly, we're closing in on the 100th anniversary of the Zimmerman Telegram.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Anonymous Coward, Jul 31st, 2013 @ 1:59pm

    One benefit of the gov't restricting key lengths to 40 bits for any exported system: very weak encryption on DVD's.

     

    reply to this | link to this | view in thread ]

  18.  
    icon
    yaga (profile), Jul 31st, 2013 @ 6:46pm

    Why is encryption spelled with an "i" in the third sentence? Or am I imagining that?

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Anonymous Coward, Aug 1st, 2013 @ 1:21pm

    Goverments hate Bitcoin.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Anonymous Coward, Aug 1st, 2013 @ 1:21pm

    Re:

    Governments

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Anonymous Coward, Aug 1st, 2013 @ 1:21pm

    Re: Re: Why, it's getting so can't even trust Microsoft!

    Linux FTW :)

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This