back to article Vint Cerf wanted to make internet secure from the start, but secrecy prevented it

The NSA acted as a barrier to the rollout of encryption as standard from the very inception of the internet back in the mid 1970s. Youtube Video Engineers had wanted to add a network encryption layer as part of the original specifications for TCP/IP. Whitfield Diffie and Martin Hellman had published a paper on public key …

COMMENTS

This topic is closed for new posts.
  1. John Smith 19 Gold badge
    Unhappy

    Ironic given the ARPANET was designed to allow USG contractors to do secret work

    on remote computers their home institutions could not afford (EG the Cray 1 single and Illiac IV multi processors).

    The sort of thing you might think the USG would want to keep secret from other countries.

    So effectively an NSA contract muzzles researchers from even suggesting that such security might have been a good idea from day one.

    Thanks for that Vince.

  2. Roo

    Why do we care about Stewart Baker's opinion ?

    From his 'profile': "Former government official now practicing law"

    That didn't inspire confidence, and as it turns out his blog post was wishful thinking and ignorance masquerading as utter tripe.

    1. Michael Wojcik Silver badge

      Re: Why do we care about Stewart Baker's opinion ?

      It's useful for purposes of historical research and the like to know how people like Baker construct justifications for the NSA's actions. Just because we might disagree with Baker's assessment, or even believe it disingenuous, we shouldn't treat it as irrelevant.

      (For the record, I disagree with Baker, and I'm agnostic on the disingenuous question. I'm sufficiently cynical that I have no problem believing either alternative - that he sincerely believes the NSA is in the right, or that he's just practicing PR. And I think that's a moderately interesting but not terribly important question.)

  3. NoneSuch Silver badge

    It isn't too late.

    Adding an encrypted V2.0 TCP-IP stack is perfectly doable, just like adding IPv6 support. Get an RFP going... Get Linus Torvalds and his crew to build it into the Linux kernel, THEN watch Linux usage skyrocket. When people start dumping Apple and MS gear for Linux, it won't be long until the rest follow suit.

    The only thing required is will. Oh, and keeping things of US servers.

    1. M Gale

      Re: It isn't too late.

      Use Linux!

      It has some weird crypto that only works on Linux!

      That'll work.

      1. Anonymous Coward
        Anonymous Coward

        Re: It isn't too late.

        Maybe not, but perhaps, "It's the only chance you'll have of a reasonable expectation of Internet privacy. Otherwise, Big Brother's watching you." might have a better result.

    2. Anonymous Coward
      Anonymous Coward

      Re: It isn't too late.

      You mean IPSec? Already in there. It isn't used for normal internet traffic even though both Linux and Windows support it (and OS X and probably iOS and Android) so why would a proprietary Linux only stack ever be used for anything more than secure git checkins?

    3. Daniel B.

      Re: It isn't too late.

      Adding an encrypted V2.0 TCP-IP stack is perfectly doable, just like adding IPv6 support.

      We already have it, it's called IPSec and its available in IPv4 and IPv6 flavors. It is kind of a problem with IPv4 thanks to horrible things like NAT and the fact that moving around means your IP is always changing… but theoretically IPv6 should simplify a lot of things and thus IPSec over IPv6 is easier to pull off.

      But server-to-server comms can be secured via IPSec...

  4. The Man Who Fell To Earth Silver badge
    Boffin

    Irrelevant

    Even if one agrees with the statement that "... Edward Snowden is "under the thumb" of the Russians and that his revelations about NSA spying tactics are assisting authoritarian government, including the government of Syria...", it is irrelevant.

    Just because a revelation of lawbreaking by the NSA may help "the bad guys" does not mean that letting the lawbreaking continue is not creating worse damage to the people the NSA are supposed to be working for.

    1. Anonymous Coward 101

      Re: Irrelevant

      Who does the US government want to win in Syria? The Syrian government, or the mob they are fighting?

      1. ShadowedOne

        Re: Irrelevant

        I would imagine it depends on which side is willing to be the US Government's bitch.

      2. dogged

        Re: Irrelevant

        The rebels because Assad's in Putin's pocket.

        Which, to be fair, is a pretty safe place to be.

        1. Anonymous Coward
          Anonymous Coward

          Re: Irrelevant

          I figure neither. Let them blow each other to bits, then pick up the pieces.

          1. Tom 13

            Re: then pick up the pieces.

            Two problems with that thinking:

            1. They'll never finish blowing each other up. So there's never an easy chance to come in and pick up the pieces.

            2. In the interim it tends to bread militarized terrorists. Which is exactly the sort of thing the civilized world doesn't want.

            Like I said above, that it may be the least bad option doesn't make it a good one.

      3. zb

        Re: Irrelevant

        I think they are happy with the current deadlock

      4. Anonymous Coward
        Anonymous Coward

        Re: Irrelevant

        Anonymous Coward 101: "Who does the US government want to win in Syria? The Syrian government, or the mob they are fighting?"

        Who'll ever give them the oil at the cheapest price.

      5. Tom 13

        Re: want to win in Syria?

        Truthfully?

        Probably neither. As far as most of the people calling the shots are concerned the best outcome is if they just keep kicking the crap out of each other.

        Best theoretical outcome is a representative democracy with fixed rights along the lines of life, liberty and the pursuit of happiness including ownership of private property. But doing that requires more heavy lifting than anyone is willing to do. Frankly, the US is the only country that's successfully pulled it off twice (runner up goes to you Brits who almost pulled it off in India). Even then it wasn't alone but as the lead (Germany and Japan). With Germany and Japan we had better raw materials from which to start. Syria would be an even longer, harder slog and therefore won't happen.

        Sadly, given the best theoretical answer won't happen, the powers that be may be the least bad option. Which still doesn't make it good.

    2. Captain DaFt

      Re: Irrelevant

      It's just standard diversion, and poorly done!

      World: "Why are you behaving so illegally and hurting everybody's business?"

      NSA: "Hey, the guy that told you the truth about us is a lousy rat, so there!"

    3. Tom 13

      Re: Irrelevant

      Not irrelevant. Actually very important. It means that even though the agency has overstepped and needs to be reigned in, they aren't the demon you make them out to be. Because Snowden IS under the thumb of an authoritarian regime that just overthrew a democratic government in YOUR backyard. And given the whole lot of you are dependent on natural gas from the despotic government, you're abandoning them just like the Vichy French.

      The truth is, Baker and Appelbaum have equally valid points and you have to find a way to address BOTH of them if your intent is to protect a representative, civilized society.

  5. Justin Stringfellow

    also

    Similar topic, Diffie and Hellman talk about NSA interference in their work in this recent documentary, which is worth a listen:

    http://www.bbc.co.uk/programmes/p01w7jzc

  6. frank ly

    Snowden should be careful

    " ...his revelations about NSA spying tactics are assisting authoritarian government, ..."

    The CIA don't like people muscling-in on their patch.

  7. tom dial Silver badge

    After reading the Baker/Applebaum/etc. twitter stuff ...

    I conclude the twitter is a really bad way to have a meaningful conversation.

    Baker went a bit over the top in the original blog post, but is not alone in that. The "well known fact" that Dual_EC_DRBG has a back door to which NSA has the key might be true, but it also might not be, as far as I have seen reported. Frequent repetition of a statement, by any number of people, does not increase the likelihood that it is true. We know:

    the algorithm was developed with NSA technical help (but the details are publicly known)

    for any instantiation there is an undisclosed number that could be used by one who knows it to find the internal state and therefore be able to predict future values (a patent was issued for that)

    the constants that describe an instance of the DBRG could be produced in a way that discloses the secret number that provides a back door

    It is thought to be computationally infeasible to find out the secret number using the public ones that describe a particular instance of the DBRG

    the source of the constants specified in the NIST description is unknown and might have been the NSA

    These facts establish that the NSA might have compromised Dual_EC_DRBG, but they do not alone establish that they did so in fact. They have been known for about 7 years to those interested in cryptography.

    Now we also find out that the NSA provided funding to RSA, and that RSA included Dual_EC_DRBG in the bsafe toolkit. I am not aware that the contract has been published, but it is assumed widely to be a government purchase of action to distribute a compromised cryptographic toolkit. That begs the question of whether Dual_EC_DRBG actually is compromised, which depends critically on a fact that we do not seem to know: whether NSA knows the secret numbers that would compromise it.

    And that appears to have been Baker's point.

    1. Michael Wojcik Silver badge

      Re: After reading the Baker/Applebaum/etc. twitter stuff ...

      You omit at least two important details:

      - Dual_EC_DRBG is a lousy algorithm - poor performance and no known benefits - and that was recognized when it was originally published. That makes publication and use more suspicious.

      - FIPS 800-90A includes instructions on picking different points for Dual_EC_DRBG, which would close any back door. RSA refrained from doing so.

      We needn't conclude that RSA made Dual_EC_DRBG the default CPRNG for BSAFE due to pressure or incentives from the NSA; but if they didn't, then they're guilty of insufficient technical review and poor security practice. The weaknesses in and suspicions about Dual_EC_DRBG have been well-known for years, and so there's no excuse for making it the default CPRNG, with the default points, in a library. It's either malice or incompetence.

  8. Anonymous Coward
    Anonymous Coward

    who's calling who authoritarian?

    "[Snowden's] revelations about NSA spying tactics are assisting authoritarian government"

    ^^ seems to me he's undermining authoritarian government in Washington DC.

    1. John Smith 19 Gold badge
      Unhappy

      @tnovelli

      "seems to me he's undermining authoritarian government in Washington DC."

      Well why do you think they are so angry at him?

  9. Don Jefe

    Costs

    It's not that I'm casting doubt on Mr. Cerf's assessment, but I have no doubt there's a lot of simplification taking place when discussing the lack of security built into the Internet and its infrastructure. Secure communications inside the US have always been the redheaded stepchild of information security, before 'information security' was a thing.

    In the early 80's I did my post grad internship at a company that made and serviced harbor control equipment. I spent seven months at Naval Station Norfolk as a result and it was so common for 'secure' Naval transmissions to bleed over into commercial transmissions there was a little dance everybody did so we could say that environmental condition kept is from paying any attention to what was said. By 'everybody', I mean everybody. The Navy liaisons, the harbor master and his staff, even the unionized teamsters and longshoremen, it was ridiculous to the point of hilarity, and it was deadly serious ship to the Navy guys. I don't know why they even bothered to come ask what we had heard and what we understood, but they did. Nobody was going to say 'Hey, yeah, I heard the announcement that President Reagan was actually already aboard, and the flotilla was just for show'. That's what we heard, but you don't go volunteering that. It was all the time too, not a rare thing. When the long deployment submarines were coming back in it got even more serious, 'Commies' were everywhere then you know, but that didn't stop anyone from broadcasting the entire production to every radio within a 100 miles or so. Although it had been 'proven' that your children's elementary school teacher or your family doctor could be a Commie, the godless bastards apparently didn't get into the maritime or logistics careers.

    Same with federal law enforcement communications. The Navy (hilariously) brought off shore radio jamming equipment to Waco, Texas after it became evident the wackos were listening to radio communications. The Navy did that because those guys still practice semaphore, no shit. I still wonder how many times 'set the fuckers on fire' was danced out before confirmation was reached. Eric Rudolph is a major figure of study for military 'insurgent warfare suppression' and asymmetric warfare students and all kinds of shit was talked about how he was a super soldier and was using the US military's tactics against itself. Nope. He had a radio. A $400 Honeywell radio from Montgomery Fucking Ward. When the radio failed he lost his information source so he got caught in the dumpster looking for dinner.

    DEA, CIA, FBI, Postal Inspection Service, Freight Railroad Police all the way down to Mayberry RFD had their comms blasted out to anyone with $75 and a fetish for procedural etiquette, or a drug operation, could listen to. Look at the biggest expense category of the post 9/11 'homeland security' grants. It was radio systems for local police departments that didn't broadcast on 'secure channels' any CB radio or police scanner could pick up.

    Are you a jihadi who wants to know what commercial aircraft are flying in your your area and the lady at the ticket counter isn't helping? Pop on in to the public terminal that every airfield in the US has sitting out for you to check traffic, weather and martyrdom opportunities when filing a flight plan. Need a boxcar full of highly enriched uranium sent fresh from Y-12? No need to bother CSX, just look up closing times for sidings along the rail line route.

    My point is, that things that have been around a lot longer than the Internet and deal with real deal, no bullshit dangerous stuff are 'secure' in the sense that a locked cigar humidor or locked gun cabinet with a glass door is secure, or a Jeep with a soft top is secure.

    To think that the Internet was 'almost' secure in its initial form is like saying Neil Armstrong almost established a colony on the Moon. The DMCA was signed into law with a smirk and the knowledge of Congress that this Internet thing was just a bunch of shit but hot damn! Those contributions from the entertainment industry sure do make buying cocaine and hookers a lot easier.

    I'm sure there were discussions about 'perfect' scenarios and 'unlimited funding' talks over beers like occur within any group of like minded people working towards a common goal (here where I work, we talk about solutions to problems one would experience trying to turn absurdly long things on a metal lathe of colossal size). We could do it, or at least we believe we know the best way to go about doing it, but that doesn't mean we're almost about to do it except (reason). There are about 53 million reasons why we aren't about to do it, cost being a really big factor, just like costs of secure information have, historically, never really been very high on the pork payout checklist.

    Until this century secure communications and information security inside the US was generally viewed about the same way big banks view financial regulations. Inconvenient, and if you can't abuse the system for your own gain, completely useless. Deliberately confusing jargon and the use of arcane contextual indication systems (security through obscurity) were greatly favored by our cultural heros. George Washington, Thomas Jefferson, Benjamin Franklin and Theodore Roosevelt all favored hiding valuable information in plain sight through the use of clever systems of occulting meaning behind a facade of seemingly unrelated information. They wrote about it, forced it into the daily operations of government and it has remained at the core of our international and military culture.

    That's begun to change, somewhat, but only since 9/11. Computers have changed the level of cleverness available to the 'unlettered man' (or very lettered terrorist :). But four decades ago? No. The locked gun cabinet with the glass door was considered more than adequate. I'm glad for the change, but we're a long, long way from having information security be anything more than a checkbox on the same form that has things like 'citizens right to privacy', 'justice' and 'rule of law' on it. In the 1970's they didn't even have the forms yet.

  10. Anonymous Coward
    Anonymous Coward

    Spelling

    "Baker's blog post provoked a feisty exchange with regular sparing partner Jacob Appelbaum"

    Do you mean sparring perchance?

    (Yes I know about the corrections mailto: link, thank you.)

    1. Don Jefe

      Re: Spelling

      Maybe they had a joint panhandling operation. You know, kind of a two shift, 'spare some change' kind of thing. Possibly a mime duet or some sort of performance art piece focusing on the often ignored interplay between an organ grinder and his monkey.

  11. Anonymous Coward
    Anonymous Coward

    Basically...

    "Baker responded that Edward Snowden is "under the thumb" of the Russians and that his revelations about NSA spying tactics are assisting authoritarian government, including the government of Syria."

    ...the tired old Reds under the bed '50s paranoia manipulation strategy whereby nothing is wrong or immoral or amoral if it is anti-Commie. Does that old chestnut still work? It was kind of understandable back then, given all the speed that lot used to apparently drop. Blues on the bedside cabinet more like. Wonder how much Charlie Baker's able to put away. He'll certainly have the contacts.

  12. Anonymous Coward
    Anonymous Coward

    NSA not undermining net security?

    "Former NSA general counsel Stewart Baker, a lawyer rather than a cryptographer, argues that suggestions that his former employer is undermining net security are wide of the mark last weekend."

    --

    'For half a century, Crypto AG, a Swiss company located in Zug, has sold to more than 100 countries the encryption machines their officials rely upon to exchange their most sensitive economic, diplomatic and military messages ..

    A decade after the end of WWII, the NSA, also known as No Such Agency, had rigged the Crypto AG machines in various ways according to the targeted countries`

    1. Anonymous Coward
      Anonymous Coward

      Re: NSA not undermining net security?

      It's gotten to the point where no vendor hip to the NSA's power will even start building products without checking in with Fort Meade first. This includes even that supposed ruler of the software universe, Microsoft Corp. "It's inevitable that you design products with specific [encryption] algorithms and key lengths in mind," said Ira Rubenstein, Microsoft attorney and a top lieutenant to Bill Gates. By his own account, Rubenstein acts as a "filter" between the NSA and Microsoft's design teams in Redmond, Wash. "Any time that you're developing a new product, you will be working closely with the NSA," he noted.

      http://edition.cnn.com/TECH/computing/9807/27/security.idg/

  13. Graham Marsden
    Big Brother

    "Snowden's revelations...

    "...about NSA spying tactics are assisting authoritarian government..."

    ... which isn't ours.

    FTFY.

  14. Yes Me Silver badge

    Not to contradict Vint, but...

    I don't doubt a word Vint says, but re: "practical reality had to wait until Ron Rivest, Adi Shamir and Leonard Adleman published the RSA algorithm in 1977."

    That ignores the fact that real practical reality had to wait until the RSA patent expired in September 2000. It was pretty much impossible to deploy public key crypto on an unlimited scale until then.

    (Also, BTW, the actual *existence* of the NSA was surely top secret until about 1975, and little known until The Puzzle Palace was published in 1982?)

    1. jake Silver badge

      Re: Not to contradict Vint, but...

      To say nothing of the fact that the network which eventually became what we now call "The Internet" was designed as a research network to research networking. It was designed SPECIFICALLY to be transparent. As Cerf knows very well.

      Cerf writes: "I worked with the National Security Agency on the design of a secured version of the internet but we used classified security technology at the time and I couldn't share that with my colleagues."

      That's MilNet. Trust me, in the early days .mil had nothing to do with TehIntraWebTubes. Other than sharing various bits of technology, of course. The two were air-gapped. Still are, so far as I know (and sincerely hope!).

      Cerf goes on to say: "If I could start over again I would have introduced a lot more strong authentication and cryptography into the system."

      Note the "If I could start over". He's not talking about what was going on back then, he's talking about what is going on today. Hindsight is 20/20. Nobody, and I mean NOBODY worried about security outside of simple login/password pairs into individual systems until the Morris Worm in 1988. Security just wasn't an issue until systems started crashing.

      A host is a host from coast to coast

      And no one will talk to a host that's close

      Unless the host (that isn't close)

      is busy, hung or dead.

      -- David Lesher

      1. John Smith 19 Gold badge
        Boffin

        Re: Not to contradict Vint, but...

        "A host is a host from coast to coast

        And no one will talk to a host that's close

        Unless the host (that isn't close)

        is busy, hung or dead.

        -- David Lesher"

        Isn't that an old radio amateur repeater joke?

        Possibly the first long range network

      2. Anonymous Coward
        Anonymous Coward

        Re: MILNet

        Are you sure? I'm sure that dockmaster.navy.mil was accessable from sun1.cc.usm.edu back in the 1980s. I'm sure I've got a screenshot of the login banner somewhere.

        Unless you're talking about the 1970's.

      3. Anonymous Coward
        Anonymous Coward

        Re: Not to contradict Vint, but...

        That's MilNet. Trust me, in the early days .mil had nothing to do with TehIntraWebTubes. Other than sharing various bits of technology, of course. The two were air-gapped. Still are, so far as I know (and sincerely hope!).

        If only. I was at the Dayton Defense Megacenter, on Wright-Patterson AFB, in the mid-1990s, helping install some software on several of their HP-UX servers. This was for a major DoD logistics application, handling everything from tanks to toilet paper. "These things are on the public Internet?" I asked. "Oh, yeah." "What do you use for a firewall?" "Nothing. They're not in the public DNS, so we figure they're pretty safe."

        (Oh, and regarding dockmaster: it was certainly on the public Internet in the 1990s. Come to think of it, Stoll claims it was publicly accessible in The Cuckoo's Egg, which was first published in 1989.)

This topic is closed for new posts.

Other stories you might like