Details Reveal Crypto Standard Controlled By NSA; And How Canada Helped

from the international-cooperation dept

After the revelations of how the NSA basically authored a crypto standard surreptitiously with obligatory backdoors, plenty of people started exploring exactly which standard it was -- and called on the various reporters with access to Snowden's documents to come clean, mainly to protect people who were now using insecure crypto. Buried in a blog post that focuses more on the NIST's non-response to the news, the NY Times finally revealed both what standard it was, the Dual EC DRBG standard, and how Canadian intelligence basically was the cover, helping to hide the NSA's efforts:
But internal memos leaked by a former N.S.A. contractor, Edward Snowden, suggest that the N.S.A. generated one of the random number generators used in a 2006 N.I.S.T. standard — called the Dual EC DRBG standard — which contains a back door for the N.S.A. In publishing the standard, N.I.S.T. acknowledged “contributions” from N.S.A., but not primary authorship.

Internal N.S.A. memos describe how the agency subsequently worked behind the scenes to push the same standard on the International Organization for Standardization. “The road to developing this standard was smooth once the journey began,” one memo noted. “However, beginning the journey was a challenge in finesse.”

At the time, Canada’s Communications Security Establishment ran the standards process for the international organization, but classified documents describe how ultimately the N.S.A. seized control. “After some behind-the-scenes finessing with the head of the Canadian national delegation and with C.S.E., the stage was set for N.S.A. to submit a rewrite of the draft,” the memo notes. “Eventually, N.S.A. became the sole editor.”
That same article notes that people inside NIST "feel betrayed by their colleagues at the NSA," but I wonder if NIST will ever be able to regain any real sense of trust with the crypto community.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Anonymous Coward, Sep 11th, 2013 @ 3:59pm

    I hope not. Better start fresh with a new international body with ZERO influence from governments.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Sep 11th, 2013 @ 4:17pm

    This raises a seriously disturbing question

    We're now looking at an existence proof that the NSA has deliberately interfered with a cryptographic standards/development process in order to weaken/backdoor it.

    NSA personnel (and ex-NSA personnel) have been involved in US-based crypto in government, industry and academic for decades. They've been part of the work done on the math, the standards, the software, the hardware, the procedures, everything.

    Should we conclude that they've only done this once?

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Sep 11th, 2013 @ 4:19pm

    Re:

    nah, open source is the only bet. no closed room shit, all out in the open and count on China/Russia/USA to point out all the weaknesses they dont want the enemy to exploit.

     

    reply to this | link to this | view in thread ]

  4.  
    icon
    Brent Ashley (profile), Sep 11th, 2013 @ 4:23pm

    My detailed Canadian perspective on this

    Sorry.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Sep 11th, 2013 @ 4:35pm

    It's all right there in the name, hidden in plain sight.
    EC DRBG = Evil Canadian DiRtBaGs.

    (Of course, the C could also stand for Corrupt.)

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous, Sep 11th, 2013 @ 4:36pm

    Re:

    That was me, Anonymous, who posted that BTW.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Me, Sep 11th, 2013 @ 4:46pm

    Even open source isn't completely safe if the NSA is running the show (in the sense it might take much longer than it otherwise would for the duplicity to be uncovered). The answer is at a minimum to blackball NSA personnel and alumni.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    PRMan, Sep 11th, 2013 @ 5:02pm

    Re: This raises a seriously disturbing question

    I wondered that very thing the first time I heard that AES was approved by the NSA.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    PRMan, Sep 11th, 2013 @ 5:02pm

    Re: My detailed Canadian perspective on this

    You mean, "Sow-ry".

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Coward, Sep 11th, 2013 @ 5:23pm

    Canada

    Been saying for years: Canada is evil.

    But nobody will listen. Even their healthcare is sinister.

     

    reply to this | link to this | view in thread ]

  11.  
    icon
    OldMugwump (profile), Sep 11th, 2013 @ 5:30pm

    Re: Blackball NSA personnel and alumni

    No, don't blackball them. They'll just go undercover.

    The real lesson is to trust no one.

    You must assume everyone is cheating and trying to slip a fast one by. Because some of them are, and you'll never know which ones.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous, Sep 11th, 2013 @ 5:57pm

    Re: Re: Blackball NSA personnel and alumni

    Why should we trust you? Oh wait, you already said we shouldn't. But if we are to trust you, then we can't trust you, so how...oh great, I can see I won't be getting any sleep tonight...

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Anonymous Coward, Sep 11th, 2013 @ 6:29pm

    As more is revealed, there are probably other standards that they've had their fingers in. There will be fallout for all the revelations that have come from the Snowden releases.

    US corporations are going to pay a heavy price for this co-operation voluntary or involuntary before it is all over with. Every release reveals more things that need to be looked into.

    The NSA has no real place to hide anymore in the sense of just how deep they've been into gaining access to near everything.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Anonymous Coward, Sep 11th, 2013 @ 8:23pm

    Re: Re: My detailed Canadian perspective on this

    We have ways of making you pronounce the letter "o."

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Lawrence D'Oliveiro, Sep 11th, 2013 @ 11:53pm

    No Big Surprise

    If this was NSA’s best attempt to subvert public security standards, it’s been a complete failure. It was obvious to experts in the field that there was something fishy about Dual EC DRBG from the beginning. With new developments in encryption, it’s very much a case of “worthless until proven worthy”: nobody takes a new idea seriously until it has survived multiple serious hammerings. And this one never quite made it beyond the worthless stage.

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Lawrence D'Oliveiro, Sep 11th, 2013 @ 11:56pm

    Re: Even open source isn't completely safe if the NSA is running the show

    We have an old saying in Open Source: “many eyes make all bugs shallow”. This whole Dual EC DRBG debacle never got trusted to the point where it could do much damage, simply because there are too many smart people outside the NSA nowadays, who will find holes no matter how cunningly hidden.

    For example, look at the SELinux mandatory access control system built into the Linux kernel. It was primarily written by the NSA. Do we trust it? Yes, because the simple mention of those three letters “NSA” was already enough to attract a whole lot of extra scrutiny and suspicion.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Anonymous Coward, Sep 12th, 2013 @ 1:45am

    Re: Canada

    Blame Canada, blame Canada. They are not a real country anyway.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Anonymous Coward, Sep 12th, 2013 @ 3:00am

    Re: Re: Even open source isn't completely safe if the NSA is running the show

    really? who did the 'whole lot of extra scrutiny and suspicion' - not the NSA plant i hope?

     

    reply to this | link to this | view in thread ]

  19.  
    icon
    Ninja (profile), Sep 12th, 2013 @ 4:58am

    In the end maybe it's a good thing that all this shit has happened and hit the fan. Think about it for a while. You have a Govt espionage agency involved in crafting encryption standards. It's bound to be abused at some point even though that agency actually helps at first. That's why everything must be designed thinking of abuse because times change, people in charge change and at some point there will be abuse. I suspect this will spill over a myriad of stuff that really needs to be decentralized and taken away from the US (and any central country for the matter) such as ICANN and the likes.

    It's time we start adopting standards that are crafted, discussed in the open and enabled by everyone and nobody at the same time. Because that's what the Internet is, open and for all.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Crusty the Ex-Clown, Sep 12th, 2013 @ 5:47am

    EC DRBG

    I'm sure it's been said before, but isn't the kludginess of EC DRBG in and of itself a red flag? It's as if they wanted it to be suspect and thus avoided in favor of another encryption which didn't appear to be compromised but, in fact, was. "Pay no attention to the man behind the curtain," and all that. I simply assume we're being herded towards their "preferred" solution.

    What are the odds that NSA had a role in the design of Bitcoin?

     

    reply to this | link to this | view in thread ]

  21.  
    icon
    Laroquod (profile), Sep 12th, 2013 @ 7:06am

    So let me get this straight. Canada, which recently passed a new copyright law OUTLAWING the public from cracking DRM encryption for ANY purpose on penalty of IMPRISONMENT -- at the direct behest (according to leaked docs) OF the U.S. governemt -- has been secretly cracking the public's encryption FOR the U.S. government.

    Maybe Canadians should just put DRM on all their online communications -- maybe then finally some spooks would go to jail. (Sorry, I was briefly indulging in the old school fantasy that the laws in a democracy apply to everyone. Forgive me naivete but I am, after all, over 40...)

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    Anonymous Coward, Sep 12th, 2013 @ 8:23am

    Re:

    zero influence from governments? good luck with that.

     

    reply to this | link to this | view in thread ]

  23.  
    icon
    Hephaestus (profile), Sep 12th, 2013 @ 7:33pm

    Weird thought.

    I think making it illegal to break encryption was a way for the NSA to prevent people from finding the flaws that they themselves created.

    Perhaps we should remove that law from the books.

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    Anonymous Coward, Sep 12th, 2013 @ 10:26pm

    I read the NIST statement. It didn't reassure me in the least. I'm sure it didn't reassure 99% of the other countries in the world either.

    The NSA "finessed" their way to the destruction of not only their own credibility, but also the credibility of NIST.

    Guess that's what happens when you're ball and chained to an organization such as the NSA.

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Rafael Nunes, Dec 24th, 2013 @ 4:54am

    It's like Dan Brown's Digital Fortress.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This