Futile Work
  • Home
  • News
    • Articles Of Interest
    • Numbers In The News
    • Life and Humanity
    • Quotes
    • Futile Updates
  • Curio
    • The Wonder of Lasers
    • Japan 2011 Psyop
    • Know Your Rights
    • Masonic Symbols and the LDS Temple
    • The Nun's Story
    • Special Edition
    • Explosion On The Launch Pad
  • Archive
    • Dave McGowan
    • Document Archive
    • Multi Media
    • Time For A Laugh
  • Blog

Articles of Interest

How far did the NSA go to weaken cryptography standards?

9/11/2013

 
nws.club/R2U
It started with an almost throwaway line in The Guardian's bombshell NSA cryptography story. After pages of shocking revelations, the article revealed one secret document showing that the NSA had "worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006. 'Eventually, NSA became the sole editor,' the document states."

The National Institute of Standards and Technology is usually seen as an impartial judge of standards, so this was potentially catastrophic. This week, NIST denied the allegations, saying they would never "deliberately weaken a cryptographic standard," but the damage was done. Had the NSA been poisoning the well of cryptography?

The articles don't name specific programs as a concession to law enforcement, but the program was widely assumed to be a standard called the DUAL_EC_DRBG, which many have suspected of being an NSA plant for years. The algorithm works as a random number generator, but if it doesn’t work as advertised, it could easily serve as a backdoor codebreak for a third party like the NSA. (Most encryption schemes rely on random numbers to foil code-breakers, but if the NSA can guess the "random" string, it makes the code much easier to crack.) Early suspicions were also raised by two Microsoft engineers, John Kelsey and Niels Ferguson, which is consistent with the New York Times' description of the plant. If it's true, it's both good and bad news: the NSA really did get a bad standard approved by one of the most important boards in cryptography, but it probably didn't do them any good.

Unlike earlier leaks, this one comes with a lot of caveats — starting with the fact that DUAL_EC_DRBG was never widely adopted. When it was approved, it was included among three other standards, all of which were faster and more effective, so the NSA's choice was never a favorite. "I can tell you as a crypto professional, I took one look at it and said, that's gonna be slow, and then forgot about it," says Silent Circle CTO John Callas, who was working on cybersecurity for Apple at the time. When larger concerns were aired, a year after the fact, it was more important to NSA watchers than cryptography pros. For the most part, the standard had already been dropped. As Callas put it, "If the NSA had $250 billion for cryptography backdoors and the best they could do was Dual_EC, then we have nothing to fear from them."

It's also unlikely that NIST's own working group was compromised by any NSA covert action. Miles Smid was on the NIST working group that approved the standard and has since moved on to private contracting. He says any NSA involvement was fully disclosed, and happened before the group ever convened. "I don't recall that there was anything shadowy having to do with it," Smid recalls. "NIST is part of the government and so is the NSA. The NSA has submitted candidate algorithms in the past, and NIST treats them like any other submissions."

According to Smid, when NIST saw the standard had already been approved by a banking-industry trade group, they bundled it with the other recommendations and moved on. More importantly, the NSA's involvement in the standard was clear from the beginning. The two groups are known for working closely together and, as today’s statement pointed out, NIST is required by statute to consult with the NSA, which is still the government’s authority in all things crypto. DUAL_EC_DRBG was known from the start to have been coauthored by the NSA, and what The Guardian described as "working covertly" may have simply been the NSA openly lobbying for their in-house standard.

It's still unclear just how alarmed the crypto world should be. On some level, the community's safeguards worked: a bad standard was identified early and kept out of products. NIST may not have caught the problem, but the bad standard also didn't spread very far beyond the organization. With enough eyes on the problem and enough skepticism, a faulty random-number generator was never going to get very far.

But at the same time, the problem is much bigger than a single bad standard. Because of Snowden, we now have confirmation that the NSA purposefully spread a bad algorithm, which calls into question much more than just a single program. NSA algorithms are the basis for lots of products, many of which guard sensitive government information. There's no reason to doubt any particular one, but after this latest leak, they'll all be called into question. If NSA standards can't be trusted, many of the tools of modern cryptography will have to be rewritten. The biggest problem is that cryptographers don’t yet know how widespread the issue really is.


http://www.theverge.com/2013/9/11/4718694/how-far-did-the-nsa-go-to-weaken-cryptography-standards

jump to top | return to articles home

Comments are closed.
    Articles Home

    RSS Feed

    Archives

    March 2021
    January 2021
    November 2020
    June 2020
    November 2019
    October 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    August 2017
    July 2017
    April 2017
    March 2017
    December 2016
    October 2016
    September 2016
    June 2016
    May 2016
    April 2016
    March 2016
    February 2016
    December 2015
    October 2015
    August 2015
    July 2015
    June 2015
    May 2015
    April 2015
    March 2015
    February 2015
    January 2015
    December 2014
    November 2014
    October 2014
    September 2014
    August 2014
    June 2014
    May 2014
    April 2014
    February 2014
    January 2014
    November 2013
    October 2013
    September 2013
    August 2013
    July 2013
    June 2013
    May 2013
    April 2013
    March 2013
    February 2013
    January 2013
    December 2012
    November 2012
    October 2012
    September 2012
    May 2012
    December 2011
    November 2011
    October 2011
    September 2011
    July 2011
    May 2010
    April 2010
    May 2006
    December 2004
    October 2003
    June 2002
    September 2001
    February 2001
    February 1998

New Here?

Updates
About

Miscellany

​Contact
Disclaimer

Search

  • Home
  • News
    • Articles Of Interest
    • Numbers In The News
    • Life and Humanity
    • Quotes
    • Futile Updates
  • Curio
    • The Wonder of Lasers
    • Japan 2011 Psyop
    • Know Your Rights
    • Masonic Symbols and the LDS Temple
    • The Nun's Story
    • Special Edition
    • Explosion On The Launch Pad
  • Archive
    • Dave McGowan
    • Document Archive
    • Multi Media
    • Time For A Laugh
  • Blog