Because the government is a major consumer of crypto
products, government entities create or approve most of the encryption
standards used in the industry. One of
the key ingredients of crypto technology are random number generators. Getting random numbers from a computer is a
very tricky problem, so the U.S.
government actually publishes random number algorithms created by computer
scientists and government agencies. This
year, the government produced a new standard, which may soon be integrated into
crypto software worldwide. Three of the
four algorithms in the standard are based on industry standards, but one comes
from the National Security Agency. The
NSA’s algorithm is more complex and slower than the others, so many people
wondered why the NSA pushed to have it included.
In a recent CRYPTO 2007 conference, some computer scientists
discovered that the algorithm has a possible backdoor key, which allows the
numbers it generates to be predicted.
While we don’t know whether the NSA has the key, we can be sure that either
it has the key or it released a dangerously broken standard. (Now that the vulnerability is known, vendors
are unlikely to use it, so the NSA wouldn’t have knowingly released a faulty
standard unless it had the key.)
A paranoid person might wonder if having failed to force broken
crypto on us at the hardware level, the government has some kind of nefarious
plan to sneak one in. Simply requiring
that the standard be used by government contractors might be sufficient to get
it adopted by the industry due to its market share. People take much more care in selecting and
testing encryption algorithms than random number generators.
Reassuring answers on this issue are not likely to be forthcoming,
so here are some rules of thumb:
- Real security requires evaluating the whole process, not
just a good encryption algorithm.
- Don’t trust a security solution just because it is widely used or
- Don’t trust a security solution that is isn’t open to peer