A US Navy Cryptanalytic Bombe, via National Security Agency
Edward Snowden said back in June that strong encryption is the best defense against the NSA’s dragnet online surveillance. Then he went ahead and leaked details about covert agency operations to crack all the encryption codes on the web. It seems the current state of cryptology is an ongoing game of cat and mouse between crypto-advocates and codebreakers in the government. But what if the cat is actually a spy playing for the mouse’s team?
Some people in the security community are becoming increasingly paranoid that’s the case. The suspicion’s been causing quite a rift inside the Crypto Forum Research Group, a team of experts working to develop cryptographic standards for the Internet Research Task Force, the engineers that build the infrastructure of the web. The CFRG is co-chaired by an NSA agent, and some members want him out.
Videos by VICE
Last month group member Trevor Perrin wrote an official request that the agent, Kevin Igoe, be ousted. But in a response Sunday, IRTF chair Lars Eggert refused to give the agent the boot, arguing that just because Igoe works for the NSA doesn’t mean he’s trying to sabotage the group’s work.
Eggert had sensible reasons for the unpopular decision: 1. Co-chairs don’t really have much influence over the standards the task force chooses to implement. 2. If the NSA really wanted to get its hands on their encryption research, it could do so pretty easily without having to plant a spy in the group. 3. The accuser seemingly had some personal beef that fueled his attempt to oust the agent.
Finally, Eggert argued that it’d be crazy to exclude any NSA employee just for being an employee. Once you go there, where do you draw the line? Do you start blocking anyone affiliated with any group affiliated with the NSA? That rules out a lot of people, especially in Washington, a town full of delicately and politically-charged interconnected groups.
But, the accusation that the NSA is trying to undermine online privacy protections isn’t at all far-fetched. Obviously the government wants to be able to break any encryption code to spy on web communications. It came right out and asked to put backdoors in crypto standards back in the 90s, and when it was shot down did it secretly instead, under the classified-but-Snowden-leaked Bullrun operation.
Bullrun revealed that intelligence agency’s supercomputers can crack most of the web’s current encryption. Then last week, new leaked documents revealed the agency is working on building a quantum computer that would allow it to crack basically any encryption code ever written.
That still doesn’t mean Igoe is a nefarious government spy simply posing as a cryptography expert with good intentions. The agency has, naturally, worked closely with experts to develop cryptography standards for a long time; it has just as much interest in securing sensitive data (namely, its own.) But ever since the bombshell revelations rocked the public, the groups developing security standards have been under the gun.
Reports this fall, also from Snowden’s cache, suggested that the NSA had written backdoor access into one of the protocols for the National Institute for Standards of Technology. Now Igoe is being accused of indirectly doing the same thing. In a letter, Perrin pointed out that he championed a system called Dragonfly that was full of security holes and highly criticized. “One wonders whether the NSA is happy to preside over this sort of sloppy crypto design,” he wrote.
At the end of the day it’s easy to view the whole saga as a petty argument between two cryptographic engineers and side effect of an overzealous NSA backlash. Maybe it is. But either way it’s an interesting reminder of just how deeply the nation distrusts the government agency that’s supposed to be keeping it secure. The real issue, Perrin pointed out in his disappointed response to the decision not to oust the agent, is about perception: Having an NSA emplooyee overseeing the encryption project could send a message to the public their online privacy is dead in the ground.
More
From VICE
-
Rick Friedman/Corbis via Getty Images -
Margaret Norton/NBCU Photo Bank/NBCUniversal via Getty Images -
WWE via Getty Images -
Lexie Moreland/WWD via Getty Images
