Snowden leaks point to cryptography backdoors

September 6, 2013 // 10:02 a.m.

Tags: #cryptography #edward-snowden #encryption #gchq #insecurity #nsa #open-source #privacy #security #the-guardian

The latest leak from whistleblower Edward Snowden's cache of classified material suggests that the US National Security Agency (NSA) and UK Government Communications Headquarters (GCHQ) have been working with software and hardware developers to insert weaknesses and backdoors into cryptographic products.

Cryptography is the art of scrambling information such that, in an ideal world, it appears as nothing more than random noise to anybody but the intended recipient. It's used in everything from military communications systems to web browsers, and protects secrets as important as nuclear missile codes to your credit card details and banking passwords. Cryptographic encryption is also used commercially, in digital rights management (DRM) systems like High-bandwidth Digital Content Protection (HDCP) as a means of attempting to curb piracy.

Sadly, the latest leak from Snowden's files suggests that many encryption systems provide little more than the illusion of security thanks to backdoors inserted into their code by the NSA and GCHQ under projects dubbed Bullrun and Edgehill - two famous battles from American and English civil wars, offering a worrying insight into the mindset of those who authorised such programmes, confirmed by the official designation of users of these packages as 'adversaries' - even if they're just sending private emails, or doing their shopping online.

According to details published by the Guardian last night, which GCHQ and NSA officials had asked remain secret, Bullrun and Edgehill are long-running projects by the NSA and the GCHQ respectively to cripple the efficacy of commercial encryption products in order to further their efforts at total information capture.

The NSA's Bullrun programme, Snowden's files claim, enjoys a budget in the hundreds of millions of dollars - ten times higher than the previously-leaked Prism information capture system - and operates at Top Secret and above levels of classification. The reason for such secrecy: the programme is claimed to 'leverage sensitive, co-operative relationships with specific industry partners' to insert back door access or other weaknesses into commercial security and cryptography products.

The revelation has privacy advocates and security experts up in arms, but such things have long been rumoured: the NSA was accused of inserting a backdoor into Microsoft's Windows operating system which gave it full and unrestricted access to users' files, even when encrypted - a claim that Microsoft has denied for years.

Snowden's leak also tells of efforts, under the unlikely codename Project Cheesy Name, to identify potentially weak Secure Socket Layer (SSL) certificates for brute-force cracking attempts - which, if successful, would allow the NSA to run servers that pretend to belong to the owner of the certificate, or decrypt in real-time any captured traffic destined for the real servers.

In a separate feature for the Guardian, security expert Bruce Schneier offers advice for protecting yourself against such all-encompassing spying: use of encryption, even if weakened; use of anonymising services such as Tor; automatic suspicion of any closed-source commercial packages, especially those from larger US-based companies; and the use of public-domain, source-based encryption systems.

Even the use of open-source software packages - into which it would be extremely difficult for the NSA to plant a backdoor, thanks to the public having full and transparent access to the source code - may not offer complete protection, however: leaked details surrounding Bullrun suggest that the NSA uses a network of supercomputers to perform brute-force attacks against encrypted data to which it does not have a master key. Protection against this type of attack comes from the user: passwords must be long enough and complex enough to not fall to such an attack, and when given the option of key length - measured in bits - the longest supported by the software should be chosen, even at the cost of performance.

One thing is clear from the leak, however: commercial security software which does not provide the complete source code is, clearly, not to be trusted.