We thought we won the Crypto Wars, the fight to make strong encryption accessible to all, in the 1990s.[1] We were wrong. Last month, Reuters broke news about a deal struck between the popular computer security firm RSA and the National Security Agency. RSA reportedly accepted $10 million from NSA to make Dual_EC_DRBG—an intentionally weakened random number generator—the default in its widely used BSAFE encryption toolkit.
RSA encryption tools are an industry standard used by large tech companies and individuals alike, to protect hundreds of millions of people by encrypting our daily online interactions. We trust RSA’s encryption every time we rely on the security of our communications, including our email, financial and e-commerce transactions, medical and legal records, web searches, airplane traffic communications, text messages, and phone calls. Without trustworthy encryption, safe business transactions are impossible and speech is chilled.
The allegation of the $10 million RSA/NSA deal, combined with leaks earlier in the year about NSA's efforts to sabotage global cryptography, has led some speakers to withdraw from the 2014 RSA Conference in San Francisco, which attracts some 25,000 attendees each year. Nine speakers have canceled their coveted slots, and many have chosen to speak instead at TrustyCon, an alternative conference started this year to provide a platform for speakers who protest RSA and NSA's long-standing collaboration.
Held at the same time and just around the corner from the RSA Conference in San Francisco, TrustyCon is a “Trustworthy Technology Conference” organized by DEF CON, EFF, and iSEC Partners. All proceeds from TrustyCon will be donated to the Electronic Frontier Foundation to support our work against illegal and unethical government surveillance all over the world.
A Shortlist of Rockstars
Those who abandoned their speaking gig at the RSA conference are a shortlist of rockstars in the world of Internet security, including privacy lawyer and EFF Special Counsel Marcia Hofmann; Chris Soghoian, principal technologist at the ACLU's Speech, Privacy and Technology Project; and Jeff Moss, founder of DEF CON. The idea behind the alternative event is to underline the importance of “the technical, legal and ethical underpinnings of a stronger social contract between users and technology.”
Mikko Hyppönen, chief research officer at F-Secure, wrote an open letter to RSA explaining his reasons for speaking at TrustyCon instead. “I don't really expect your multibillion dollar company or your multimillion dollar conference to suffer as a result of your deals with the NSA,” wrote Hyppönen. He also noted the NSA's over-broad targeting of non-Americans: “I'm a foreigner. And I'm withdrawing my support from your event.”
RSA issued a statement in response to the allegations of NSA collaboration without actually denying their core. RSA allegedly accepted NSA cash to make the NSA-influenced, flawed random bit generator the default in its popular encryption products back in 2004. In 2007, researchers from Microsoft demonstrated how dangerously easy it is to break Dual_EC_DRBG. But even after that demonstration, RSA never made a move to change the default generator in BSAFE. Here's an excerpt from RSA's non-denial, issued two days after the Reuters report:
“Recent press coverage has asserted that RSA entered into a "secret contract" with the NSA to incorporate a known flawed random number generator into its BSAFE encryption libraries. We categorically deny this allegation.
We have worked with the NSA, both as a vendor and an active member of the security community. We have never kept this relationship a secret and in fact have openly publicized it. Our explicit goal has always been to strengthen commercial and government security.”
Even if RSA didn't “know” that the encryption standard offered by NSA was intentionally flawed, that does not change the fact that the weakness was revealed in 2007, never fixed, and remained the default. Nor does RSA deny that there was a $10 million deal. Besides, if its goal is to “strengthen commercial and government security,” the company can easily argue that collaboration with NSA is part of an overall effort to strengthen government security, eclipsing commercial security needs in the process.
The Next Crypto Wars
The revelation of RSA's collaboration with the NSA is not the first disclosure to show that the agency has started a new and unwelcome chapter in the Crypto Wars. In September 2013, the public learned about one of the NSA's most closely guarded secret programs, codenamed BULLRUN. That program began after government attempts to compromise encryption lost in the courts, in Congress, and in public opinion; NSA's solution was to bypass democratic mechanisms and undermine our infrastructure anyway. Using a mix of tactics, including infiltrating and coercing security companies into building weaknesses into their products, NSA focused on breaking Secure Sockets Layer and Virtual Private Networks, standards that users worldwide trust and depend on to ensure that their messages and transactions reach the intended recipient and that recipient alone—not the NSA.
Taken together, these reports make clear that this next chapter of the Crypto Wars will be about ensuring that our services and technology are worthy of our trust. That's a goal that TrustyCon and EFF share.
We are heartened and honored, then, that proceeds from TrustyCon will be donated to EFF, and we support all users as we continue to fight the NSA in our two court cases, through opposition to terrible legislation, in the development of freedom-enhancing software, and around the world in the promotion of the 13 International Principles on the Application of Human Rights to Communications Surveillance.
EFF will be at TrustyCon and hopes to see many of you there. In the meantime, take a moment to speak out. All three branches of the U.S. government have sharply criticized NSA mass spying. It is crucial that we all demonstrate our outrage right now. Here's how:
- Use and promote the use of open source encryption, like HTTPS Everywhere, to provide secure channels over insecure networks: https://www.eff.org/https-everywhere
- Oppose Sen. Feinstein's fake fix that aims to codify into law some of the worst aspects of NSA spying: https://eff.org/fakefix
- Support the 13 Principles and help pressure policymakers around the world to reject overly broad mass surveillance: https://necessaryandproportionate.org/take-action/eff
[1] In the 1990s EFF led the fight to protect users’ ability to have strong, uncompromised encryption. In collaboration with leading academics, industry trade associations, and politicians from all over the world, we defeated President Clinton’s “Clipper Chip”—a proposal to compel companies to give the government backdoor keys into commercial encryption technologies. We also defeated export regulations that effectively prevented the development and distribution of strong encryption—encryption free from deliberate weaknesses or backdoors.