MARK McARDLE | TECH TALK
Internet privacy concerns just keep growing.
In February, I attended the annual RSA Security Conference in San Francisco. It’s a conference I’ve attended for many years, dating back to the mid-1990s when I was working at a startup fighting government policy regarding the use of strong encryption.
Strong encryption is what keeps the bad guys out of your business. It allows privacy in communication and storage. I believed then, and believe now, that without tools like encryption, we cannot have a useful Internet. But these tools do prove problematic to law enforcement. And that’s the heart of the conflict.
I’ve written previously about the initial impact the disclosures of former National Security Agency contractor Edward Snowden have made over the past year. To say the plot has thickened is an understatement.
New top secret National Security Agency material continues to be disclosed, and it has shone a bright light on the breadth and depth of the American (and by close connection, Canadian) Internet surveillance efforts.
In a story containing no shortage of controversy, one particular storyline has raised what I believe is something that may have a large and concerning effect. It is the alleged lengths the National Security Agency will go to in order to access digital communications. And according to a report in the U.K. newspaper The Guardian, this desire includes compromising through “covert influence” or other means the very cryptographic and security products we use every day.
If you stop and think about any broadly used system, whether it’s economic, cultural or digital, the underlying foundation of the system relies on trust. When you use a bank to store your savings, you are trusting that the bank is reliable, well managed and that when you need your money, it will be there. The same type of trust exists when you turn on your tap and pour yourself a glass of water. You trust that the underlying infrastructure that delivers your water is secure.
We have seen what happens when this basic trust is violated. There is a run on the banks. We nearly saw this in the economic banking crisis of 2008. And in Walkerton, we had a water tragedy.
When it comes to secure digital communications, the Internet infrastructure must be one we trust. We currently buy lots of things over the Internet, collaborate with business partners and do all kinds of banking. We have developed, over time, a trust that these things work securely. All of this is being put at risk by some very narrow thinking on the part of the National Security Agency.
It has been disclosed that the National Security Agency has weakened encryption products that were broadly used and, even after the disclosure, may still be in use. RSA, part of technology giant EMC, has been a pioneer in encryption and security products. In the early days, it helped create the infrastructure through its encryption toolkit, called BSAFE.
Perhaps some background on how this technology works can help explain the problem. One of the most important parts of any encryption system is the random number generator, because random numbers are used in many critical places in encryption, starting with the generation of the keys themselves. Keys must be kept secret and must be very hard to guess. Computers are deterministic machines and are not naturally good at randomness, so algorithms have been developed to draw unpredictable inputs from different sources and mix them in clever ways into a stream of numbers that looks random. But if an attacker can predict that stream, or can recover the generator’s internal state from a few of its outputs, every key made from it can be reconstructed, and the encryption is only as strong as that guess.
This is what has allegedly happened with one of the algorithms in RSA’s BSAFE toolkit, Dual_EC_DRBG, which BSAFE used as its default generator. The algorithm was approved by the National Institute of Standards and Technology (NIST), the U.S. agency that sets federal standards for things like encryption and works closely with the National Security Agency, and was published in NIST Special Publication 800-90. Cryptographers showed as early as 2007 that the algorithm has a peculiar structure: it depends on two fixed constants, and whoever chose those constants could have kept a secret relationship between them that turns a single output of the generator into its internal state, and therefore into every value it produces afterwards. Nobody outside the agency could prove such a secret existed, but nobody could prove it did not, and the pressure was on RSA to do something. Shortly after the Snowden disclosures stated that the National Security Agency had weakened some encryption software, RSA sent a communication to its customers strongly recommending they stop using Dual_EC_DRBG.
What does this really mean? Every company using BSAFE with this algorithm now has to question the security of its communications and data. Adversaries (government or otherwise) who recorded that encrypted traffic may be able to decrypt it. This is the problem with putting a back door in any security system: you are assuming you are the only one who will ever know about it, and how to use it. And it is a fundamental betrayal by the National Security Agency.
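The trapdoor described above, as an added worked example that is not part of this column and not RSA’s or NIST’s code: a toy Dual_EC_DRBG in Python on a deliberately tiny curve (a 10-bit prime field instead of the NIST P-256 curve the real generator uses). The curve, the constants P and Q, the secret d with P = d·Q, the user’s seed and the "leaked" output are all constructed here. It shows the mechanism cryptographers pointed out in 2007: whoever knows d can take one truncated output, brute-force the few dropped bits, and compute the generator’s next internal state, after which every later output is predictable.

```python
"""Toy Dual_EC_DRBG with its trapdoor, after Shumow and Ferguson (2007).
Constructed illustration on a 10-bit curve, not the NIST P-256 constants of the
real generator. Each call outputs truncated x(s*Q), then sets s <- x(s*P)."""
import random

P_MOD = 1019      # small prime, 3 mod 4 so a square root is a single pow()
A = 1             # curve y^2 = x^3 + A*x + B; B is chosen by find_curve()
DROP_BITS = 2     # real Dual_EC drops 16 of 256 bits; here 2 of 10
MASK = (1 << (P_MOD.bit_length() - DROP_BITS)) - 1   # keep the low 8 bits

def ec_add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return x3, (lam * (x1 - x3) - y1) % P_MOD

def ec_mul(k, pt):
    """Double-and-add scalar multiplication k*pt."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def legendre(v):  # 1: non-zero square mod p, -1: non-square, 0: zero
    v %= P_MOD
    return 0 if v == 0 else 1 if pow(v, (P_MOD - 1) // 2, P_MOD) == 1 else -1

def is_prime(n):
    return n > 1 and all(n % q for q in range(2, int(n ** 0.5) + 1))

def find_curve():
    """B with prime group order N > p and B a non-square (no point has x == 0),
    so every x-coordinate is a valid non-zero scalar and every point generates."""
    for b in range(1, P_MOD):
        if (4 * A ** 3 + 27 * b * b) % P_MOD == 0 or legendre(b) != -1:
            continue
        order = 1 + sum(1 + legendre(x ** 3 + A * x + b) for x in range(P_MOD))
        if order > P_MOD and is_prime(order):
            return b, order
    raise RuntimeError("no suitable curve found")

B, N = find_curve()

def lift_x(x):
    """(x, y) on the curve, or None if no point has that x-coordinate."""
    rhs = (x ** 3 + A * x + B) % P_MOD
    y = pow(rhs, (P_MOD + 1) // 4, P_MOD)          # valid since p ≡ 3 (mod 4)
    return (x, y) if y * y % P_MOD == rhs else None

class DualEC:
    """Toy Dual_EC_DRBG: output truncated x(s*Q), then advance s <- x(s*P)."""
    def __init__(self, state, P, Q):
        self.s, self.P, self.Q = state, P, Q

    def next_output(self):
        r = ec_mul(self.s, self.Q)[0] & MASK
        self.s = ec_mul(self.s, self.P)[0]
        return r

def make_parameters(rng):
    """Public P, Q and trapdoor d with P = d*Q (constructed; the standard's
    P and Q are fixed constants whose provenance was never explained)."""
    Q = next(pt for pt in map(lift_x, range(1, P_MOD)) if pt is not None)
    d = rng.randrange(1, N)
    return ec_mul(d, Q), Q, d

def recover_state(d, P, Q, out, following):
    """Using d, turn one truncated output into the generator's next state;
    the `following` outputs weed out wrong guesses for the dropped bits."""
    survivors = []
    for hi in range(1 << DROP_BITS):                # brute-force dropped bits
        x = (hi << MASK.bit_length()) | out
        R = lift_x(x) if x < P_MOD else None        # R = ±(s*Q)
        if R is None:
            continue
        state = ec_mul(d, R)[0]                     # x(d*s*Q) = x(s*P) = next s
        probe = DualEC(state, P, Q)
        if [probe.next_output() for _ in following] == list(following):
            survivors.append(state)
    return survivors

def demo(seed=2014):
    rng = random.Random(seed)                       # fixed seed: constructed demo
    P, Q, d = make_parameters(rng)
    gen = DualEC(rng.randrange(1, P_MOD), P, Q)     # the user's secret seed
    leaked = gen.next_output()                      # e.g. a nonce sent in clear
    true_state = gen.s
    later = [gen.next_output() for _ in range(3)]
    candidates = recover_state(d, P, Q, leaked, later)
    clone = DualEC(candidates[0], P, Q)             # attacker's copy of the user
    predicted = [clone.next_output() for _ in range(len(later) + 5)][len(later):]
    actual = [gen.next_output() for _ in range(5)]  # what the user generates next
    return true_state, candidates, predicted, actual
```

Calling `demo()` returns the generator’s real internal state beside the state the trapdoor holder recovered, and five outputs the attacker predicted beside the five the user actually went on to generate; they match. The real generator drops 16 bits of a 256-bit value, so an attacker tests at most 65,536 candidates instead of four, and the rest of the attack is unchanged. This proves only that the constants could hide such a secret, not that they do; that is exactly the uncertainty BSAFE customers were left with.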
As Edward Snowden put it, this agency is “setting fire to the future of the Internet.”
What can we trust? If I want to secure my laptop by using full disk encryption, which vendor do I use? How do I know it hasn’t been co-opted by the National Security Agency and weakened? If we start questioning the security of our communications, we will use this medium much less. This has the terrible implication of less communication in a time when we need more, and potentially killing the usefulness of the Internet as a platform for our economies.
I hope the policy makers in Washington and Ottawa are thinking through the implications of their decisions to “capture everything, at any cost.”
As citizens, we need to understand these issues, and speak up. Our federal government needs to hear from us that it isn’t acceptable to surveil everything we do online, and it’s even less acceptable to weaken the security we all rely on.
Mark McArdle worked at a major Internet security company in Silicon Valley before returning to Waterloo Region, and has been involved in several privacy and security groups, including Canada’s Federal Privacy Commissioner’s External Advisory Panel. He welcomes readers’ comments at mark@gadgetfan.ca.