Forgot your password?
typodupeerror
Security Encryption United Kingdom

UK Cryptographers Call For UK and US To Out Weakened Products 105

Posted by Unknown Lamer
from the instead-they-disappear dept.
Trailrunner7 writes "A group of cryptographers in the UK has published a letter that calls on authorities in that country and the United States to conduct an investigation to determine which security products, protocols and standards have been deliberately weakened by the countries' intelligence services. The letter, signed by a number of researchers from the University of Bristol and other universities, said that the NSA and British GCHQ 'have been acting against the interests of the public that they are meant to serve.' The appeal comes a couple of weeks after leaked documents from the NSA and its UK counterpart, Government Communications Headquarters, showed that the two agencies have been collaborating on projects that give them the ability to subvert encryption protocols and also have been working with unnamed security vendors to insert backdoors into hardware and software products."
This discussion has been archived. No new comments can be posted.

UK Cryptographers Call For UK and US To Out Weakened Products

Comments Filter:
  • by Anonymous Coward on Tuesday September 17, 2013 @02:10AM (#44870589)

    Let's start with these as they are of great importance and often fall behind with updates.

    Google search:

    cisco routers backdoor
    cisco routers rootkit

    • by Anonymous Coward

      What makes you think non-proprietary routers or routers that come with source code aren't backdoored? Plenty of complexity to hide the malware in, plus the possibility of compromised hardware. There is quite a bit of firmware code in for example a Gobi 3G modem that your open source kernel can't do much about but send USB urbs to. It sometimes crashes and does weird things, and needs to be power cycled from time to times. I'm sure that there are other pieces of hardware in many routers that aren't yet revie

      • "A group of cryptographers in the UK has published a letter that calls on authorities in that country and the United States to conduct an investigation to determine which security products, protocols and standards have been deliberately weakened by the countries' intelligence services

        You seriously think this plan will work ?

        I'm afraid not.

        It's as if there is still conscience left in the governments of the two countries.

        If there was any conscience to start with, the government wouldn't have allowed their spooks to spy on their own people, in the first place.

        It's also like asking a thief to confess to which items he has stolen.

        It's like trusting the th

      • What makes you think non-proprietary routers or routers that come with source code aren't backdoored?

        To each problems it own tool.

        Planting backdoors (i.e.: definitely malicious code) is easier in a definitely closed environment, were very few people can see the code, and the one which understand it can easily by hushed by orders of top management.

        In opensource software, that is a little bit more complicated, because the code is open and a lot more people are reading it. Hidden malicious stuff will get discovered eventually. The only variation is the amount of time until discovery. And again all it takes is

    • by rvw (755107)

      Let's start with these as they are of great importance and often fall behind with updates.

      Even if these routers have updates available, when will they be applied? Looking at myself - I can't remember if I have ever checked for an update for my current router, which is three years old. Once I installed dd-wrt on a router, but did I ever install an update? I believe not. If I forgot about this, and don't do this on a regular basis, how about the people nextdoor, colleagues, family who don't know that a router is a computer in itself and can be updated?

    • ...when you factor in the chinese backdoor that are here too, it's starting to be a bid crowded inside.

      BTW: Speaking of China, maybe that's where to start asking question -
      The UK cryptographer should ask the FSB and MSS to out products which got weakened by UK and US.

      Very probably the russian and the chinese have knowledge about them too (In theory FSB and MSS are also intelligence agencies, so they should have done they own investigation and perhaps uncovered a few while doing their own security assessment

  • by Anonymous Coward

    yeah,right.... they're going to give up the gold just like that!...

    • by Anonymous Coward

      what's more the boffins at Bristol think they care about "the public interest." Reality check, blokes.

      • Re:hahhaha (Score:5, Insightful)

        by F.Ultra (1673484) on Tuesday September 17, 2013 @02:57AM (#44870751)
        No they think that the _should_ care about the public interest since that is why we have them. If they do not serve the public interest we should abolish them.
        • Re: (Score:2, Informative)

          by murdocj (543661)

          And part of "the public interest" is tracking down the people who want to drop off a truck bomb at the shopping center I'm going to be at. And part of tracking those people down is monitoring their communications.

          • Re:hahhaha (Score:4, Insightful)

            by Anonymous Coward on Tuesday September 17, 2013 @06:56AM (#44871575)

            How many truck bombs have been set off in your town? And if you think the long string of successful non-explosive days is thanks to the alphabet soup agencies, I have a lovely truck bomb preventing rock here I'd be willing to part with for a few thousand dollars.

          • Re:hahhaha (Score:4, Insightful)

            by ultranova (717540) on Tuesday September 17, 2013 @11:39AM (#44874267)

            And part of "the public interest" is tracking down the people who want to drop off a truck bomb at the shopping center I'm going to be at. And part of tracking those people down is monitoring their communications.

            1) You know some particular person is planning to bomb a shopping center. You don't need bugged encryption protocols, you can simply get a warrant to keep them under surveillance until you have enough evidence to arrest them.

            2) You know there's a plan to bomb the shopping center, but don't know who's involved. Fortunately truck bombs need lots of materials, such as fertilizer, so start asking local sellers. And as a last resort you could simply stop and search every truck that approaches the center - you have probable cause, after all.

            3) You don't know anything, but have a gnawing suspicion that some unspecified bad guy might be planning an attack against an unspecified shopping center for unspecified reason at unspecified date. Thus, you want the right and ability to open random letters on the off chance that these shadowy figures are discussing their evil plans on them. In this case, have you considered getting psychiatric help? Because it sure sounds like classic paranoia to me.

      • Re:hahhaha (Score:5, Interesting)

        by TheRaven64 (641858) on Tuesday September 17, 2013 @03:56AM (#44870977) Journal
        The problem is that the NSA and GCHQ have dual mandates. They are responsible for both ensuring their respective countries are not vulnerable to attacks and for ensuring that they have techniques for attacking others. This means that when they discover a vulnerability in a piece of widely deployed software, they have conflicting requirements. If they publish it, then the systems that they're defending will be safer because it will be fixed, but if they don't publish it then the systems that they're attacking will remain vulnerable. This gets even worse when they start introducing intentional back doors (given how many Russian spies there were in these institutions during the Cold War, it's pretty much expected that there will be some Chinese spies in there now, so those back doors are almost certainly not secret).
        • Splitting these organizations into separate parts, each with a different mission could fix that, but effective oversight would be required.
          • by Ash-Fox (726320)

            They do have separate parts. One is to protect the United Kingdom, the other is to protect the United States.,

          • Effective oversight IS required. Whether they are split up, remain as they are, or dissolved. Since even if they go away, there are going to be government agencies and private investigators who are going to continue to try and get away with this crap.

            This is not a genie that can be tricked into going back into the bottle.

        • The problem is that the NSA and GCHQ have dual mandates. They are responsible for both ensuring their respective countries are not vulnerable to attacks and for ensuring that they have techniques for attacking others.

          I read a science fiction story a year ago (Daemon) that had the absolute best idea of very specific crypto usage, and I _really think_ the current NSA and such have always been implementing that.

          They assume that "We're [the NSA] Number One" and everybody else is either behind or way, WAY behind. So: they weaken the initial crypto magic number standards just enough so that they can still manage to break it. #2 will eventually figure it out (or 13 can just ask 1600) and the #3 guys could just ask nicely [theguardian.com],

    • I agree, only tokens untill wikileaks or some other expose the docs, and then the politians will make excuses.

      Too much work already and this is probably a lot bigger than anyone thinks.
      • by Anonymous Coward

        -1 for douche-bag font.

        And because people posting from typewriters don't have much to offer on cryptography in electronics, despite bugs having been placed in typewriters in the past.

  • Unlikely (Score:5, Insightful)

    by AmiMoJo (196126) * <{ten.3dlrow} {ta} {ojom}> on Tuesday September 17, 2013 @02:22AM (#44870629) Homepage

    Does anyone really expect these criminal organizations, headed by the kind of people who set up a Star Trek style command bridge, are going to do the right thing? The only way to deal with these scum is to shut them down and start from scratch.

    • acting against the interests of the public that they are meant to serve.

      Your right although the organizations are not being treated like criminals by the powers that be, more like rewarded as an owner rewards a guard dog. We the public are the enemy/being treated like we are all criminal "terrorists" so they are defiantly not operating in our interests - surely this is obvious at this point, or are the researchers just being polite?

    • by Xemu (50595)

      Does anyone really expect these criminal organizations, headed by the kind of people who set up a Star Trek style command bridge, are going to do the right thing?

      Sure. The Star Trek bridge seems to indicate that it's an organisation headed by a trekkie, so I think there is a pretty good chance they are geeks and will do the "right thing". I would be more worried if they had built a replica of the White House and was an organisation headed by politicans or lawyers.

      The only way to deal with these scum is to

  • Likely outcome (Score:5, Insightful)

    by return 42 (459012) on Tuesday September 17, 2013 @02:27AM (#44870643)

    I suspect the agencies will make a great show of reluctance, then reveal what they did to some protocols and algorithms -- those where the backdoors are most likely to be noticed, or have already been found, such as Dual_EC_DRBG. The crown jewels, those least likely to be noticed, will remain secret. Nothing to see here folks, move along.

    NSA and GCHG couldn't care less about the public interest. They have a mandate to spy on as much as possible on the off chance that it may prevent some terrorist act. They will continue to do so in any way they can unless the legislative bodies or courts in their respective nations rein them in. This seems moderately likely in the US, quite unlikely in the UK.

    • by loustic (1577303)
      Why would you ask the government to do it? They were caught red handed in the first place!
    • Re:Likely outcome (Score:5, Insightful)

      by FriendlyLurker (50431) on Tuesday September 17, 2013 @03:31AM (#44870867)

      on the off chance that it may prevent some terrorist act. .

      Oh, that must mean those terrorist organizations like Occupy Wall Street [motherjones.com], - or any other community based activist group trying to agitate for improved conditions for the people. Must be why we are treated as the enemy.

      • by easyTree (1042254)

        Duh. *They* are in a tower-block and we are the zombie horde climbing the walls. What would *you* do to maintain the relative positions?

        • by Anonymous Coward

          Play re-runs of popular football(soccer) matches on large screens whilst playing the anti-sound to 'brains......' over the speakers?

      • by jhol13 (1087781)

        ... incorrect moderation, sorry

      • by tlhIngan (30335)

        Oh, that must mean those terrorist organizations like Occupy Wall Street, - or any other community based activist group trying to agitate for improved conditions for the people. Must be why we are treated as the enemy.

        OWS scared bankers and traders - the people with money. Those people called their senators and reps and action got taken.

        OWS terrorized those with money (i.e., power) therefore the OWS guys get branded as terrorists.

        Remember, the victor writes the history books.

        Proles like you and me? No money

    • Re:Likely outcome (Score:4, Insightful)

      by mrspoonsi (2955715) on Tuesday September 17, 2013 @03:47AM (#44870927)
      It needs more people to be outraged by it, to what lengths are people willing to accept this kind of intrusion? If these spy agencies shipped all domestic post to a 3rd country, where it was opened, photocopied, stored then sent on its way, people would be doing a Bastille style take down, yet somehow because these letters (email) are electronic, and it does not need a huge complex of Stasi officers doing the actual work, then it is OK for most of the people?

      Well I say to those people, your liberty is gone, a form of government is in place which is open to internal corruption / blackmail, there is a massive abuse of power going on. Information is power, and the next President, well the NSA, FBI, etc might just have a file on said future president, all his little secrets, so the President is in their pocket so to speak.

      Remember, for a true democracy, government needs to be transparent.
    • Re: (Score:2, Interesting)

      by Anonymous Coward

      What makes you believe spying on everybody, including politicians and military, are about preventing terrorism? The Information Dominance (look it up), is for just that: Dominance. By an unaccountable entity.

    • Re:Likely outcome (Score:5, Interesting)

      by Walterk (124748) <`dublet' `at' `acm.org'> on Tuesday September 17, 2013 @04:21AM (#44871061) Homepage Journal

      Interesting you raise the point about the "mandate to spy on as much as possible on the off chance that it may prevent some terrorist act".

      There is a very interesting article on the BBC blogs indicating just how useless MI5 has been at any sort of intelligence gathering, even the sort that's been painfully obvious over it's entire existence. It's opening gambit: "Maybe the real state secret is that spies aren't very good at their jobs and don't know very much about the world".

      http://www.bbc.co.uk/blogs/adamcurtis/posts/BUGGER [bbc.co.uk]

    • Re:Likely outcome (Score:4, Insightful)

      by AmiMoJo (196126) * <{ten.3dlrow} {ta} {ojom}> on Tuesday September 17, 2013 @06:31AM (#44871469) Homepage

      We have to assume everything up to this point is compromised and start pretty much from scratch. Replace AES with TwoFish, re-design all the lower level protocols, increase all key lengths, remove any ability to downgrade security and mercilessly cut off clients that don't upgrade when an issue is found.

      The whole trusted certificate system has to be replaced as well, which is going to be hard.

      • by Gr8Apes (679165)
        What makes you think TwoFish is any better? Or that the lower level protocols you will create will be any better? We have source for many of these. There are other ways of making things secure.
      • by Dan Ost (415913)

        We have to assume everything up to this point is compromised and start pretty much from scratch. Replace AES with TwoFish, re-design all the lower level protocols, increase all key lengths, remove any ability to downgrade security and mercilessly cut off clients that don't upgrade when an issue is found.

        I don't think any of that is strictly necessary. Verify the math and inspect the implementations, but there's no need to throw it all away. Some amount of paranoia is justified, but throwing it all away goes too far.

        The whole trusted certificate system has to be replaced as well, which is going to be hard.

        I agree there are serious issues with the current system, but I am at a loss to come up with what would replace it.

        • by AmiMoJo (196126) *

          The problem is that the NSA knows things about cryptography that we don't. In that sense they may have chosen AES over TwoFish because AES is more secure, but with the recent revelations it seems more likely that it was chosen because AES is weaker and/or they were able to modify it in such a way that they have a backdoor.

  • by Anonymous Coward

    GSM standard was weakened from 128 to 64, at the time at an explicit NSA request during the standard creation.
    Even the NSA themselves talk about strenghtening the security of a GSM signal:
    http://www.nsa.gov/ia/_files/Mobility_Capability_Pkg_Vers_1_2.pdf

    • by Quila (201335)

      At least the French admitted they wanted GSM encryption weak so they could break it.

  • by c0lo (1497653) on Tuesday September 17, 2013 @03:17AM (#44870823)

    conduct an investigation to determine which security products, protocols and standards have been deliberately weakened by the countries' intelligence services

    I couldn't care less which are the ones that were weakened deliberately or by honest mistake. I'd feel much better if I'd know which algos/constants are still safe and/or what can be done with the algos/constant-sets that are under doubt.

    Also, a simpler alternative to an unnecessary complicated IPSEC spec would be good (on the line of "as simple as possible, but no simpler") - though I expect this would be an engineering job rather than a pure crypto one.

    • by drinkypoo (153816)

      a simpler alternative to an unnecessary complicated IPSEC spec

      What is it about IPSEC that you find unnecessarily complicated?

      • by c0lo (1497653)
        I'll let others speak, as they do it better [schneier.com].

        Our main criticism of IPsec is its complexity. IPsec contains too many options and too much flexibility; there are often several ways of doing the same or similar things. This is a typical committee effect. Committees are notorious for adding features, options, and additional flexibility to satisfy various factions within the committee. As we all know, this additional complexity and bloat is seriously detrimental to a normal (functional) standard. However, it has a devastating effect on a security standard.

        (my emphasis).

        • by drinkypoo (153816)

          The problem is that while there is overlap, the functions are still not identical. All traffic is intended to be in transport mode, tunnel mode is there only to replace unencrypted tunnels. And AH was created to provide auth without encryption explicitly, not just using a null cipher which was intended for testing, not actual use.

        • Some of that is the IKEv1 design issue. You had an exponentially increasing combination of hashes, authentication methods and encryption methods. Which has been fixed in IKEv2 where you only offer "suites" to the client, plus a bunch of other improvements [blogspot.com].
  • by wonkey_monkey (2592601) on Tuesday September 17, 2013 @03:41AM (#44870913) Homepage

    A group of cryptographers

    I believe the correct term is a crib.

  • After WWII German enigma & lorenz machines were being sold to other nations as uncrackable. It was the forerunner to GCHQ, Bletchley Park which cracked them during the war and then buried all evidence of it.

  • by Anonymous Coward

    ackcray isthay ouyay insensitiveway odclay!

  • if there is one brand of router that has been compromised, it's Cisco. why? simple, they are super popular and the NSA doesn't play nice. Cisco owns Linksys, so a huge amount of routers in people's homes have a backdoor just waiting to be used.

  • by Anonymous Coward

    Did you ever thought of asking a burglar what he has taken from your house? and trusting his answer?

    • Particularly when the burglar looks less like brilliant master thief Lara Croft and more like a big hairy dude with a hammer.

  • 250 mil per year buys you a lot of backdoors.

  • The cryptographer doth protest too much.

    PGP released mid 90's was pulled back and off the Internet for 6+ mo. Then re-launched with a wink and a nod for general consumption.

  • by mspohr (589790)

    It is naive to believe that "the authorities" would conduct any kind of real investigation and release any real information on back doors. This is the proverbial fox guarding the hen house problem.
    It would be much more effective to has a "backleaks" type web site where the programmers and managers who are aware of these back doors could silently post about compromised software. Then, the accused software could be investigated (easier if open source).
    There are probably many people who know about compromised

  • The NSA has an interest in strong encryption as much as they do in subverting encryption. Take as an example the work they did with (read "for") IBM on DES.

    "It took the academic community two decades to figure out that the NSA 'tweaks' actually improved the security of DES." -Bruce Schneier

    http://en.wikipedia.org/wiki/Data_Encryption_Standard#NSA.27s_involvement_in_the_design [wikipedia.org]

  • Al queda, etc. aren't that tech savvy, compared to, say, the DoD. To the extent they communicate electronically, they're doing so via "off the shelf" civilian-accessible means. NSA and GCHQ aren't stupid. they haven't compromised garden variety technologies to the point they're vulnerable to garden variety criminals. No nerd with a Beowulf cluster will crack it. That said, the spooks aren't slumming with Beowulf clusters either. And they're not going to do anything to enhance the security of such civilian t

The biggest mistake you can make is to believe that you are working for someone else.

Working...