Slashdot Mirror

← Back to Stories (view on slashdot.org)

TCP/IP Might Have Been Secure From the Start If Not For the NSA

Posted by Soulskill on from the another-lash-for-the-whipping-boy dept.

chicksdaddy writes: "The pervasiveness of the NSA's spying operation has turned it into a kind of bugaboo — the monster lurking behind every locked networking closet and the invisible hand behind every flawed crypto implementation. Those inclined to don the tinfoil cap won't be reassured by Vint Cerf's offhand observation in a Google Hangout on Wednesday that, back in the mid 1970s, the world's favorite intelligence agency may have also stood in the way of stronger network layer security being a part of the original specification for TCP/IP. (Video with time code.) Researchers at the time were working on just such a lightweight cryptosystem. On Stanford's campus, Cerf noted that Whit Diffie and Martin Hellman had researched and published a paper that described the functioning of a public key cryptography system. But they didn't yet have the algorithms to make it practical. (Ron Rivest, Adi Shamir and Leonard Adleman published the RSA algorithm in 1977). As it turns out, however, Cerf did have access to some really bleeding edge cryptographic technology back then that might have been used to implement strong, protocol-level security into the earliest specifications of TCP/IP. Why weren't they used? The crypto tools were part of a classified NSA project he was working on at Stanford in the mid 1970s to build a secure, classified Internet. 'At the time I couldn't share that with my friends,' Cerf said."

5 of 149 comments (clear)

  1. In a way its a good thing it didn't happen by Viol8 · · Score: 5, Insightful

    It would be utterly obsolete by now and would just be a legacy function that would have to be supported for legacy apps and would be a security swiss cheese. TCP is better off just being a pure transport later protocol with modern crypto layered on top.

  2. IPX by Anonymous Coward · · Score: 5, Insightful

    If TCP/IP had included crypto, we'd all be using IPX now days...

    The reason TCP/IP proliferated was because it was light-weight and easy to implement. Crypto would have killed that.

    1. Re:IPX by Ralph+Wiggam · · Score: 5, Funny

      Don't bring a basic grasp of history and networking into this. We're being mad at the NSA.

  3. Misleading article. by jcochran · · Score: 5, Insightful

    Rather misleading article and slant there. It implies that the NSA deliberately took action to make TCP/IP insecure. However, in reality, the NSA merely didn't contribute their classified work towards the specification of TCP/IP. And frankly, that's a good idea. The overhead of encryption at that time would have been too much. Additionally, cryptography only gets better with time, so whatever algorithm that would have been selected would have long since been obsolete. And due to backwards compatibility, would still have to be implemented. After all, things like routers and such are a tad more difficult to update than programs.

  4. Re:Flamebait by Anonymous Coward · · Score: 5, Informative

    It also at the time would be been considered a state secret. Until the late 90s publishing any of a huge number of crypto tools to the international community was illegal. So even if he had permission to publish this research to the US, it couldn't be given out internationally. That's not the "NSA"s decision, that's was much higher up than them.