Details Reveal Crypto Standard Controlled By NSA; And How Canada Helped

from the international-cooperation dept

After the revelations of how the NSA basically authored a crypto standard surreptitiously with obligatory backdoors, plenty of people started exploring exactly which standard it was -- and called on the various reporters with access to Snowden's documents to come clean, mainly to protect people who were now using insecure crypto. Buried in a blog post that focuses more on the NIST's non-response to the news, the NY Times finally revealed both what standard it was, the Dual EC DRBG standard, and how Canadian intelligence basically was the cover, helping to hide the NSA's efforts:
But internal memos leaked by a former N.S.A. contractor, Edward Snowden, suggest that the N.S.A. generated one of the random number generators used in a 2006 N.I.S.T. standard — called the Dual EC DRBG standard — which contains a back door for the N.S.A. In publishing the standard, N.I.S.T. acknowledged “contributions” from N.S.A., but not primary authorship.

Internal N.S.A. memos describe how the agency subsequently worked behind the scenes to push the same standard on the International Organization for Standardization. “The road to developing this standard was smooth once the journey began,” one memo noted. “However, beginning the journey was a challenge in finesse.”

At the time, Canada’s Communications Security Establishment ran the standards process for the international organization, but classified documents describe how ultimately the N.S.A. seized control. “After some behind-the-scenes finessing with the head of the Canadian national delegation and with C.S.E., the stage was set for N.S.A. to submit a rewrite of the draft,” the memo notes. “Eventually, N.S.A. became the sole editor.”
That same article notes that people inside NIST "feel betrayed by their colleagues at the NSA," but I wonder if NIST will ever be able to regain any real sense of trust with the crypto community.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: backdoors, canada, cyrpto, dual ec drbg, encryption, nist, nsa, nsa surveillance


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 11 Sep 2013 @ 3:59pm

    I hope not. Better start fresh with a new international body with ZERO influence from governments.

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 11 Sep 2013 @ 4:17pm

    This raises a seriously disturbing question

    We're now looking at an existence proof that the NSA has deliberately interfered with a cryptographic standards/development process in order to weaken/backdoor it.

    NSA personnel (and ex-NSA personnel) have been involved in US-based crypto in government, industry and academic for decades. They've been part of the work done on the math, the standards, the software, the hardware, the procedures, everything.

    Should we conclude that they've only done this once?

    link to this | view in thread ]

  3. identicon
    Anonymous Coward, 11 Sep 2013 @ 4:19pm

    Re:

    nah, open source is the only bet. no closed room shit, all out in the open and count on China/Russia/USA to point out all the weaknesses they dont want the enemy to exploit.

    link to this | view in thread ]

  4. icon
    Brent Ashley (profile), 11 Sep 2013 @ 4:23pm

    My detailed Canadian perspective on this

    Sorry.

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 11 Sep 2013 @ 4:35pm

    It's all right there in the name, hidden in plain sight.
    EC DRBG = Evil Canadian DiRtBaGs.

    (Of course, the C could also stand for Corrupt.)

    link to this | view in thread ]

  6. identicon
    Anonymous, 11 Sep 2013 @ 4:36pm

    Re:

    That was me, Anonymous, who posted that BTW.

    link to this | view in thread ]

  7. identicon
    Me, 11 Sep 2013 @ 4:46pm

    Even open source isn't completely safe if the NSA is running the show (in the sense it might take much longer than it otherwise would for the duplicity to be uncovered). The answer is at a minimum to blackball NSA personnel and alumni.

    link to this | view in thread ]

  8. identicon
    PRMan, 11 Sep 2013 @ 5:02pm

    Re: This raises a seriously disturbing question

    I wondered that very thing the first time I heard that AES was approved by the NSA.

    link to this | view in thread ]

  9. identicon
    PRMan, 11 Sep 2013 @ 5:02pm

    Re: My detailed Canadian perspective on this

    You mean, "Sow-ry".

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 11 Sep 2013 @ 5:23pm

    Canada

    Been saying for years: Canada is evil.

    But nobody will listen. Even their healthcare is sinister.

    link to this | view in thread ]

  11. icon
    OldMugwump (profile), 11 Sep 2013 @ 5:30pm

    Re: Blackball NSA personnel and alumni

    No, don't blackball them. They'll just go undercover.

    The real lesson is to trust no one.

    You must assume everyone is cheating and trying to slip a fast one by. Because some of them are, and you'll never know which ones.

    link to this | view in thread ]

  12. identicon
    Anonymous, 11 Sep 2013 @ 5:57pm

    Re: Re: Blackball NSA personnel and alumni

    Why should we trust you? Oh wait, you already said we shouldn't. But if we are to trust you, then we can't trust you, so how...oh great, I can see I won't be getting any sleep tonight...

    link to this | view in thread ]

  13. identicon
    Anonymous Coward, 11 Sep 2013 @ 6:29pm

    As more is revealed, there are probably other standards that they've had their fingers in. There will be fallout for all the revelations that have come from the Snowden releases.

    US corporations are going to pay a heavy price for this co-operation voluntary or involuntary before it is all over with. Every release reveals more things that need to be looked into.

    The NSA has no real place to hide anymore in the sense of just how deep they've been into gaining access to near everything.

    link to this | view in thread ]

  14. identicon
    Anonymous Coward, 11 Sep 2013 @ 8:23pm

    Re: Re: My detailed Canadian perspective on this

    We have ways of making you pronounce the letter "o."

    link to this | view in thread ]

  15. identicon
    Lawrence D'Oliveiro, 11 Sep 2013 @ 11:53pm

    No Big Surprise

    If this was NSA’s best attempt to subvert public security standards, it’s been a complete failure. It was obvious to experts in the field that there was something fishy about Dual EC DRBG from the beginning. With new developments in encryption, it’s very much a case of “worthless until proven worthy”: nobody takes a new idea seriously until it has survived multiple serious hammerings. And this one never quite made it beyond the worthless stage.

    link to this | view in thread ]

  16. identicon
    Lawrence D'Oliveiro, 11 Sep 2013 @ 11:56pm

    Re: Even open source isn't completely safe if the NSA is running the show

    We have an old saying in Open Source: “many eyes make all bugs shallow”. This whole Dual EC DRBG debacle never got trusted to the point where it could do much damage, simply because there are too many smart people outside the NSA nowadays, who will find holes no matter how cunningly hidden.

    For example, look at the SELinux mandatory access control system built into the Linux kernel. It was primarily written by the NSA. Do we trust it? Yes, because the simple mention of those three letters “NSA” was already enough to attract a whole lot of extra scrutiny and suspicion.

    link to this | view in thread ]

  17. identicon
    Anonymous Coward, 12 Sep 2013 @ 1:45am

    Re: Canada

    Blame Canada, blame Canada. They are not a real country anyway.

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 12 Sep 2013 @ 3:00am

    Re: Re: Even open source isn't completely safe if the NSA is running the show

    really? who did the 'whole lot of extra scrutiny and suspicion' - not the NSA plant i hope?

    link to this | view in thread ]

  19. icon
    Ninja (profile), 12 Sep 2013 @ 4:58am

    In the end maybe it's a good thing that all this shit has happened and hit the fan. Think about it for a while. You have a Govt espionage agency involved in crafting encryption standards. It's bound to be abused at some point even though that agency actually helps at first. That's why everything must be designed thinking of abuse because times change, people in charge change and at some point there will be abuse. I suspect this will spill over a myriad of stuff that really needs to be decentralized and taken away from the US (and any central country for the matter) such as ICANN and the likes.

    It's time we start adopting standards that are crafted, discussed in the open and enabled by everyone and nobody at the same time. Because that's what the Internet is, open and for all.

    link to this | view in thread ]

  20. identicon
    Crusty the Ex-Clown, 12 Sep 2013 @ 5:47am

    EC DRBG

    I'm sure it's been said before, but isn't the kludginess of EC DRBG in and of itself a red flag? It's as if they wanted it to be suspect and thus avoided in favor of another encryption which didn't appear to be compromised but, in fact, was. "Pay no attention to the man behind the curtain," and all that. I simply assume we're being herded towards their "preferred" solution.

    What are the odds that NSA had a role in the design of Bitcoin?

    link to this | view in thread ]

  21. icon
    Laroquod (profile), 12 Sep 2013 @ 7:06am

    So let me get this straight. Canada, which recently passed a new copyright law OUTLAWING the public from cracking DRM encryption for ANY purpose on penalty of IMPRISONMENT -- at the direct behest (according to leaked docs) OF the U.S. governemt -- has been secretly cracking the public's encryption FOR the U.S. government.

    Maybe Canadians should just put DRM on all their online communications -- maybe then finally some spooks would go to jail. (Sorry, I was briefly indulging in the old school fantasy that the laws in a democracy apply to everyone. Forgive me naivete but I am, after all, over 40...)

    link to this | view in thread ]

  22. identicon
    Anonymous Coward, 12 Sep 2013 @ 8:23am

    Re:

    zero influence from governments? good luck with that.

    link to this | view in thread ]

  23. icon
    Hephaestus (profile), 12 Sep 2013 @ 7:33pm

    Weird thought.

    I think making it illegal to break encryption was a way for the NSA to prevent people from finding the flaws that they themselves created.

    Perhaps we should remove that law from the books.

    link to this | view in thread ]

  24. identicon
    Anonymous Coward, 12 Sep 2013 @ 10:26pm

    I read the NIST statement. It didn't reassure me in the least. I'm sure it didn't reassure 99% of the other countries in the world either.

    The NSA "finessed" their way to the destruction of not only their own credibility, but also the credibility of NIST.

    Guess that's what happens when you're ball and chained to an organization such as the NSA.

    link to this | view in thread ]

  25. identicon
    Rafael Nunes, 24 Dec 2013 @ 4:54am

    It's like Dan Brown's Digital Fortress.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.