

A Brief History of NSA Backdoors - EthanHeilman
http://ethanheilman.tumblr.com/post/70646748808/a-brief-history-of-nsa-backdoors

======
bsirkia
Great summary.

"The NSA was deeply concerned with the public adoption by Americans of
cryptography that they couldn’t break".

Kind of a crazy concept, the agency tasked with our security can't let our own
personal security be too high.

~~~
gaius
Quite. Assuming that SELinux is secure[1] the NSA's mission should have been
to get it as widely adopted as possible, say. Same with GCHQ, its #1 priority
should have been securing the systems of the UK, both public and private
sector.

[1] Open source doesn't help here, if the flaw is in the algorithm or the
seeds of it.

~~~
jordigh
> Open source doesn't help here, if the flaw is in the algorithm or the seeds
> of it.

Don't be so cynical about the intelligence of the smart cow. The smart cows
were able to figure out that the elliptic curve proposed by NIST was
backdoored by the NSA because it was basically choosing public keys to which
the NSA had the private keys. The smart cows actually figured this out a long
time ago, way before the Snowden leaks. So far, free access to the source has
enabled us to find the holes.

------
EthanHeilman
Added Actel backdoor.

------
bmelton
> The US and the UK had broken Enigma but had kept this fact secret so that
> countries would use these broken ciphers.

Does this even count as a 'backdoor'? As much fault as I find with NSA's
actions, I think of backdoors as the most malicious form of tradecraft. To me,
a backdoor is something that has been specifically designed to allow the NSA,
and likely _only_ the NSA, entry, despite it being otherwise secure.

I'm not a crypto guy, so perhaps I'm just looking at this naively, but I think
'broken' and 'backdoor' are two entirely different classes of things.

~~~
EthanHeilman
If you sell someone a cipher you can break but you don't tell them that you
have that capability I would classify that as a backdoor.

If you break the cipher after you sold it to them that might not be a
backdoor.

~~~
bmelton
But (at least as I understand it) they were being sold out of Germany, and not
by either the UK or US.

~~~
icegreentea
Read the footnote. Copied here:

"The British government insisted upon this silence because it has given the
thousands of Enigma machines that it had gathered up after the end of the war
to its former colonies as they gained independence and needed secure systems
of communication." p 979 The Codebreakers by David Kahn

~~~
bmelton
That does indeed settle the matter. Thanks for the clarification.

