Slashdot Mirror
NSA Backdoors In Open Source and Open Standards: What Are the Odds?
New submitter quarrelinastraw writes "For years, users have conjectured that the NSA may have placed backdoors in security projects such as SELinux and in cryptography standards such as AES. However, I have yet to have seen a serious scientific analysis of this question, as discussions rarely get beyond general paranoia facing off against a general belief that government incompetence plus public scrutiny make backdoors unlikely. In light of the recent NSA revelations about the PRISM surveillance program, and that Microsoft tells the NSA about bugs before fixing them, how concerned should we be? And if there is reason for concern, what steps should we take individually or as a community?" Read more below for some of the background that inspires these questions.
quarrelinastraw "History seems relevant here, so to seed the discussion I'll point out the following for those who may not be familiar. The NSA opposed giving the public access to strong cryptography in the '90s because it feared cryptography would interfere with wiretaps. They proposed a key escrow program so that they would have everybody's encryption keys. They developed a cryptography chipset called the "clipper chip" that gave a backdoor to law enforcement and which is still used in the US government. Prior to this, in the 1970s, NSA tried to change the cryptography standard DES (the precursor to AES) to reduce keylength effectively making the standard weaker against brute force attacks of the sort the NSA would have used.
Since the late '90s, the NSA appears to have stopped its opposition to public cryptography and instead (appears to be) actively encouraging its development and strengthening. The NSA released the first version of SELinux in 2000, 4 years after they canceled the clipper chip program due to the public's lack of interest. It is possible that the NSA simply gave up on their fight against public access to cryptography, but it is also possible that they simply moved their resources into social engineering — getting the public to voluntarily install backdoors that are inadvertently endorsed by security experts because they appear in GPLed code. Is this pure fantasy? Or is there something to worry about here?"
Since the late '90s, the NSA appears to have stopped its opposition to public cryptography and instead (appears to be) actively encouraging its development and strengthening. The NSA released the first version of SELinux in 2000, 4 years after they canceled the clipper chip program due to the public's lack of interest. It is possible that the NSA simply gave up on their fight against public access to cryptography, but it is also possible that they simply moved their resources into social engineering — getting the public to voluntarily install backdoors that are inadvertently endorsed by security experts because they appear in GPLed code. Is this pure fantasy? Or is there something to worry about here?"
Reflections on Trusting Trust (PDF alert). Required reading for anyone with interest on that very topic. Written by Ken Thompson, in fact.
I can attest to the lack of backdoors in SELinux. I am the SELinux maintainer. I'm the guy responsible for it.
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/MAINTAINERS#n7166
I work for Red Hat. Not for the NSA. SELinux code does not go from me through the NSA, it actually goes the other way around. The NSA asks me to put code in the Linux kernel and I pass it to Linus. I have reviewed each and every line at one point or another.
The NSA may have some magic backdoor somewhere in the Linux kernel, but I'll stake my name that it isn't in the SELinux code.
GP wrote: and no, there isn't a magical NSA backdoor in Windows either, get over it conspiracy fanboys
You are forgetting something. A pretty BIG BACK DOOR into windows that has been known and confirmed for some time now.
“...the result of having the secret key inside your Windows operating system “is that it is tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system“. The NSA key is contained inside all versions of Windows from Windows 95 OSR2 onwards”
It's always interesting to see what (some of the best attempts at) intentional code obfuscation can look like:
http://www.ioccc.org/
This is often quoted as an example of NSA's supposed superiority in cryptography but that happened back in the '70s when there were hardly any cryptographers or computers in the world.
The knowledge gap between the NSA and independent cryptographers has closed a lot since then.
No sig today...
Much more relevant to this discussion is the underhanded C contest where backdoors much be introduced in innocuous-looking C code. There's an art to it.
Non-Linux Penguins ?
You're probably thinking of DES rather than AES with regards NSA provided s-boxes. IIRC said s-boxes in DES were changed by the NSA with no real explanation. Some years later when differential cryptanalysis was discovered in the non-secret world it turned out that the change actually hardened DES against such an attack - so in this case the NSA created a stronger algorithm. See wikipedia.
Let me add a few datapoints here, as a reminder...
1) The AES competition was launched in part because DES and 3DES were cracked by EFF using FPGA-based brute-force decryption machine. Source :
https://en.wikipedia.org/wiki/EFF_DES_cracker
https://w2.eff.org/Privacy/Crypto/Crypto_misc/DESCracker/HTML/19980716_eff_des_faq.html
As a reminder, DES was THE standard crypto algorithm, vetted and approved by NSA. It could be cracked by EFF only because of Moore's Law and some serious budget and effort.
2) Public-key cryptography was invented separately at GCHQ (UK NSA) and NSA itself, several years *before* Diffie-Hellmann. Source:
https://en.wikipedia.org/wiki/Public-key_cryptography#History
So, yes, these people (NSA/GCHQ) are very good at what they do. They have had at least 10 years of head-start, since cryptography was considered for many years just a branch of mathematics in academic circles. These guys work on nothing but crypto and digital/analog communications, year in, year out. Do not underestimate them.
3) One of the first electronic computers, was delivered to the NSA in the 1950s. NSA later suggested improvements to the company that built it. The first Cray supercomputers were delivered straight to NSA. Again, that was in the 1950s, when most computer companies (IBM comes to mind) were still struggling to define what a computer was good for. Source:
http://www.nsa.gov/public_info/_files/cryptologic_quarterly/digitalcomputer_industry.pdf
http://www.physics.csbsju.edu/370/mathematica/m1_eniac.pdf
4) The NSA and GCHQ have a long history of backdoors. They love these things, as they make their life so much easier. Read on Venona, Enigma, Ivy Bells: all of these were made possible by intercepting/copying one-time pads, selling "unbreakable" German encryption machines and tapping undersea Russian cables. And I am willing to bet these are just a small fraction of what these people have done over the years. Source:
https://en.wikipedia.org/wiki/Venona_project
https://en.wikipedia.org/wiki/Enigma_machine
https://en.wikipedia.org/wiki/Operation_Ivy_Bells
Again, this is just a small fraction of what NSA and GCHQ have done over the years. So, yes, suspecting backdoors in open-source software is... shall we say... only natural.
If I was paid to be a professional paranoid, I would be taking a very long hard look at my computers and telecom equipment right now.
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
You'd never know the official langauge of the country was English.
That's probably because it's not....
The US, on principle, never adopted an official language in the way most other countries do.