John Gilmore On How The NSA Sabotaged A Key Security Standard
from the betrayal-of-trust dept
In Bruce Schneier’s uplifting call to fix the Internet in the wake of key technologies being subverted by the US government, one of the things he asks engineers to do is to come forward with detailed information about how the NSA did that:
We need to know how exactly how the NSA and other agencies are subverting routers, switches, the internet backbone, encryption technologies and cloud systems. I already have five stories from people like you, and I’ve just started collecting. I want 50. There’s safety in numbers, and this form of civil disobedience is the moral thing to do.
Although not directly answering that call, EFF co-founder John Gilmore has written a fascinating short post about what he noticed happening on an IETF standards committee drawing up the important IPsec standard:
NSA employees participated throughout, and occupied leadership roles in the committee and among the editors of the documents
…
Every once in a while, someone not an NSA employee, but who had longstanding ties to NSA, would make a suggestion that reduced privacy or security, but which seemed to make sense when viewed by people who didn’t know much about crypto.
…
The resulting standard was incredibly complicated — so complex that every real cryptographer who tried to analyze it threw up their hands and said, “We can’t even begin to evaluate its security unless you simplify it radically”.
Needless to say, it was never simplified. Gilmore also reports what happened elsewhere:
In other circumstances I also found situations where NSA employees explicitly lied to standards committees, such as that for cellphone encryption, telling them that if they merely debated an actually-secure protocol, they would be violating the export control laws unless they excluded all foreigners from the room (in an international standards committee!).
Of course, this remains at the anecdotal level. But if Schneier gets his 50 NSA stories, we should start to have a much clearer picture of what the agency has been up to — and how to stop it happening in the future.
Follow me @glynmoody on Twitter or identi.ca, and on Google+
Filed Under: backdoors, encryption, ietf, john gilmore, nsa, sabotage, standards, surveillance
Comments on “John Gilmore On How The NSA Sabotaged A Key Security Standard”
There is a simple solution to the problem:
Kill them and take their stuff. ‘Tis the Olde Viking way, and it seems apropos now.
No sarcasm today
I’m very concerned here. It now looks like we have to totally rebuild the entire security scheme for the internet. This means SSL certificates, VPNs, appliances, everything! This will be a long and difficult task because surely the new security model will have to be vetted by experts and where will these experts come from? Not from the NSA. Even the most rudimentary building block such as a random number generator will need to be touched. Since we all know by now the NSA turned even a random number generator into a back door, making all encryption techniques breakable with ease.
As memos noted, citizens are the enemy here. So I say we MUST prevent all government agencies from influencing the design of any security infrastructure. They are immediately ineligible and suspect. The design must be elegant, simple to understand by a reasonable person with security knowledge. The source open so flaws can be detected and fixed. The design needs to be such that current technology would take years to brute force an attack. We don’t want to rely on OEM libraries since they are also suspect. That is no using standard or certified libraries, since certification means endorsed by the enemy. All appliances such as switches and routers, telephony, etc. all need the firmware re-written.
Unfortunately we won’t be told what encryption is safe, so we must assume none of it is. Further, we need to adopt an update strategy every few years and change the basic algorithm, even if it is strong, merely to ensure the current method has not been compromised.
Re: No sarcasm today
Unfortunately, right after they get excluded from the process as security risks, they’ll go to Congress and get it make illegal to exclude them. And then the US will become a third world country as far as tech development is concerned.
Re: Re: No sarcasm today
And that’s if we’re lucky. If we’re not, it will be a secret court issuing a secret injunction against excluding secret agents and nobody will know they’re breaking the law even after people start disappearing into secret jails where national security trumps the right to due process.
Re: No sarcasm today
Please, it is not that complex. Run two levels of encryption, one that is trusted like we do now for web sites, and another underneath that is public-private key generated at both ends. It does not matter if they have hacked the routers, switches or even have the root certificates for the entire internet at that point all they get is noise.
http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
http://en.wikipedia.org/wiki/Public-key_cryptography
Re: Re: No sarcasm today
Most implementations of DH are compromised at the moment. Only the ones using elliptical curve algorithms are even in the running for secure.
i hope this can be sorted out pretty quickly, or there will be no room left in the prisons to take all the criminals the NSA have made out of ordinary people. perhaps a roll reversal is in order?
Of FFS..
So all the bullshit I went through to get my IPsec tunnels between different vendors working was just so the NSA could have an extra complex standard to slip vulnerabilities into.
Talk about backwards engineering.
Re: Of FFS..
It’s worse, considering the crackers now know where to look in secure standards to break into, not just small enterprises, but big ones….y’know, like banks.
Good job, NSA!
Next relevations in (redacted)
Therefore by using only metadata we can now realize that also DNSSEC has been compromised by DOJ and DOD.
Great job guys and gals…
Security starts a home
there is no point in discussing encryption until the question of un-authorized programming is settled
i don’t think there is any point in discussing un-authorized programming unless we are using open-source software ( I’m using Linux/Mint )
i tend to agree with Snowden — nothing wrong with encryption that we have — e.g. GnuPG — implemented properly
he means on a secure host, and don’t use “123456” for you password
the existing x.509 and CA structure is a mess: you are trusting everything your browser sends you — and everything that mess has signed for
the First Thing a computer user should do is generate his key pair . once that’s done he is in a position to vet and sign certificates . he won’t need to do many of these — just those that need to be secured — e.g. NewEgg, Amazon, Credit Union, TurboTax, — anyplace money is involved. you don’t need https on a blog site. but you DO need GnuPG on your e/mail
Thunderbird/ENIGMAIL is one solution.