Tuesday, 10 September 2013

Bullrun: The NSA Backdoor Anti-Encryption Bug Program That Breaks Most Encryption on the Internet

Astonishing and explosive news emerged yesterday yet again from the Snowden files. This is a whopper that is much bigger than PRISM.  As reported in the Guardian, the New York Times, and ProPublica, the NSA has the ability to decrypt most of anything that is on the internet.  They have done this not through cracking encryption mathematically, but by secretly using influence and billions of dollars to insert backdoors designed to preserve their ability to eavesdrop.  A not-so-random number here, a little snippet of code there, and the exploiting of privileged access to keys – it’s pretty stunning news.  The program started in 2000, pre-9/11 times when encryption tools really started to spread on the web.  Since that time they have been secretly working to undermine most encryption technology.
The ability to crack high-level encryption is something that has been a pretty significant legend in the infosec community.  To be honest, for years now it has been an intellectual or intuitive assumption that this was likely.  What has been revealed here is how the NSA used influence to get backdoors and subvert the very notion of privacy technology.  We’ve been had.
Encryption backdoors are everywhere
The N.S.A. hacked into target computers to snare messages before they were encrypted. And the agency used its influence as the world’s most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world.
“For the past decade, N.S.A. has led an aggressive, multipronged effort to break widely used Internet encryption technologies,” said a 2010 memo describing a briefing about N.S.A. accomplishments for employees of its British counterpart, Government Communications Headquarters, or GCHQ. “Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable.”
VPNs, SSL – p0wned
Some of the agency’s most intensive efforts have focused on the encryption in universal use in the United States, including Secure Sockets Layer, or SSL, virtual private networks, or VPNs, and the protection used on fourth generation, or 4G, smartphones. Many Americans, often without realizing it, rely on such protection every time they send an e-mail, buy something online, consult with colleagues via their company’s computer network, or use a phone or a tablet on a 4G network.
Acting with impunity
Paul Kocher, a leading cryptographer who helped design the SSL protocol, recalled how the N.S.A. lost the heated national debate in the 1990s about inserting into all encryption a government back door called the Clipper Chip.
“And they went and did it anyway, without telling anyone,” Mr. Kocher said. He said he understood the agency’s mission but was concerned about the danger of allowing it unbridled access to private information.
Paid to make products “Exploitable”
According to an intelligence budget document leaked by Mr. Snowden, the N.S.A. spends more than $250 million a year on its Sigint Enabling Project, which “actively engages the U.S. and foreign IT industries to covertly influence and/or overtly leverage their commercial products’ designs” to make them “exploitable.” Sigint is the abbreviation for signals intelligence, the technical term for electronic eavesdropping.
By this year, the Sigint Enabling Project had found ways inside some of the encryption chips that scramble information for businesses and governments, either by working with chipmakers to insert back doors or by surreptitiously exploiting existing security flaws, according to the documents. The agency also expected to gain full unencrypted access to an unnamed major Internet phone call and text service; to a Middle Eastern Internet service; and to the communications of three foreign governments.
In one case, after the government learned that a foreign intelligence target had ordered new computer hardware, the American manufacturer agreed to insert a back door into the product before it was shipped, someone familiar with the request told The Times.
From the NSA budget:
The 2013 N.S.A. budget request highlights “partnerships with major telecommunications carriers to shape the global network to benefit other collection accesses” — that is, to allow more eavesdropping.
Because strong encryption can be so effective, classified N.S.A. documents make clear, the agency’s success depends on working with Internet companies — by getting their voluntary collaboration, forcing their cooperation with court orders or surreptitiously stealing their encryption keys or altering their software or hardware.
Tough but legal tactics
It is also reported that some strong-arm legal maneuvering took place in the agency’s endeavors with Microsoft:
At Microsoft, as The Guardian has reported, the N.S.A. worked with company officials to get pre-encryption access to Microsoft’s most popular services, including Outlook e-mail, Skype Internet phone calls and chats, and SkyDrive, the company’s cloud storage service.
Microsoft asserted that it had merely complied with “lawful demands” of the government, and in some cases, the collaboration was clearly coerced. Executives who refuse to comply with secret court orders can face fines or jail time.
The Encryption Master Key Box
Apparently the NSA also has a master key box with some of the keys legally acquired, and some not so legally acquired (hacked):
N.S.A. documents show that the agency maintains an internal database of encryption keys for specific commercial products, called a Key Provisioning Service, which can automatically decode many messages. If the necessary key is not in the collection, a request goes to the separate Key Recovery Service, which tries to obtain it. 
How keys are acquired is shrouded in secrecy, but independent cryptographers say many are probably collected by hacking into companies’ computer servers, where they are stored. To keep such methods secret, the N.S.A. shares decrypted messages with other agencies only if the keys could have been acquired through legal means. “Approval to release to non-Sigint agencies,” a GCHQ document says, “will depend on there being a proven non-Sigint method of acquiring keys.”
No computer is beyond target or reach
They can also hack your system without you knowing:
The NSA also devotes considerable resources to attacking endpoint computers. This kind of thing is done by its TAO – Tailored Access Operations – group. TAO has a menu of exploits it can serve up against your computer – whether you’re running Windows, Mac OS, Linux, iOS, or something else – and a variety of tricks to get them on to your computer. Your anti-virus software won’t detect them, and you’d have trouble finding them even if you knew where to look. These are hacker tools designed by hackers with an essentially unlimited budget. What I took away from reading the Snowden documents was that if the NSA wants in to your computer, it’s in. Period.
You’re going to hear a whole lot about this.  It has a whole lot of people pretty rustled.  Even stuff that is open source can be safely assumed to be compromised.  Many feel that their own government is acting without the consent of the governed.  There are many things to consider here.  First off, it is pretty logical to assume the NSA isn’t alone in developing such capabilities.  It is also revealing how the agency has forced or hacked its way into these positions.  So exactly how far does this go, who is holding the keys to these backdoors, what if it gets out?  The NSA has crafted a set of God keys to pretty much everyone on the internet by hook or by crook.  Apparently there are many more leaks to come so prepare yourselves.
Let’s paint a picture here.  If these reports are true, the NSA can definitely target individuals if they come up on the radar and merit attention.  As we have described here repeatedly, through analytics and forensic means, if you haven’t risen to that threshold of attention you’re safe in the massive space of digital noise.   Keep in mind however that the NSA sees counter-terrorism, protecting critical cyber-infrastructure and counter-intelligence as its primary missions.  The information that is being leaked helps compromise those objectives, to say the least, but there is at least a perceivable benefit from it.   That’s the great controversy here and there’s more to come.  What you thought was private, probably isn’t – plain and simple.
Bruce Schneier, security blogger, made the following statement:
Government and industry have betrayed the internet, and us.
By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract. The companies that build and manage our internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: we can no longer trust them to be ethical internet stewards.
This is not the internet the world needs, or the internet its creators envisioned. We need to take it back.
And by we, I mean the engineering community.
Schneier adds some advice:
The NSA has turned the fabric of the internet into a vast surveillance platform, but they are not magical. They’re limited by the same economic realities as the rest of us, and our best defense is to make surveillance of us as expensive as possible.
With all this in mind, I have five pieces of advice:
1) Hide in the network. Implement hidden services. Use Tor to anonymize yourself. Yes, the NSA targets Tor users, but it’s work for them. The less obvious you are, the safer you are.
2) Encrypt your communications. Use TLS. Use IPsec. Again, while it’s true that the NSA targets encrypted connections – and it may have explicit exploits against these protocols – you’re much better protected than if you communicate in the clear.
3) Assume that while your computer can be compromised, it would take work and risk on the part of the NSA – so it probably isn’t. If you have something really important, use an air gap. Since I started working with the Snowden documents, I bought a new computer that has never been connected to the internet. If I want to transfer a file, I encrypt the file on the secure computer and walk it over to my internet computer, using a USB stick. To decrypt something, I reverse the process. This might not be bulletproof, but it’s pretty good.
4) Be suspicious of commercial encryption software, especially from large vendors. My guess is that most encryption products from large US companies have NSA-friendly back doors, and many foreign ones probably do as well. It’s prudent to assume that foreign products also have foreign-installed backdoors. Closed-source software is easier for the NSA to backdoor than open-source software. Systems relying on master secrets are vulnerable to the NSA, through either legal or more clandestine means.
5) Try to use public-domain encryption that has to be compatible with other implementations. For example, it’s harder for the NSA to backdoor TLS than BitLocker, because any vendor’s TLS has to be compatible with every other vendor’s TLS, while BitLocker only has to be compatible with itself, giving the NSA a lot more freedom to make changes. And because BitLocker is proprietary, it’s far less likely those changes will be discovered. Prefer symmetric cryptography over public-key cryptography. Prefer conventional discrete-log-based systems over elliptic-curve systems; the latter have constants that the NSA influences when they can.
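Schneier’s fifth point rests on interoperability: an implementation of a public standard has to reproduce the same answers as every other vendor’s, so a silent change is hard to hide. The practical check a defender can run is a known-answer test (KAT): feed the published test vectors from the standard into whatever crypto build you actually ship and compare. The harness below is an added example for this post, not code from the original page or from any vendor; the vectors are the published ones from FIPS 180-2 (SHA-256) and RFC 4231 (HMAC-SHA-256), and the “suspect build” is a constructed stand-in used only to show that the harness catches a deviating implementation.

```python
"""
Known-answer-test (KAT) harness: check a local crypto library against
published, vendor-independent test vectors.

Added example, not code from the original page. Any interoperable SHA-256 /
HMAC-SHA-256 implementation must reproduce these vectors exactly; a mismatch
means the build in use is not the standard algorithm and must not be trusted.
"""
import hashlib
import hmac

# Published vectors: (algorithm, key or None, message, expected hex digest).
KNOWN_ANSWERS = [
    # FIPS 180-2, SHA-256("abc") and SHA-256("").
    ("sha256", None, b"abc",
     "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"),
    ("sha256", None, b"",
     "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"),
    # RFC 4231 test case 1: key = 20 bytes of 0x0b, data = "Hi There".
    ("hmac-sha256", b"\x0b" * 20, b"Hi There",
     "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"),
    # RFC 4231 test case 2: key = "Jefe", data = "what do ya want for nothing?".
    ("hmac-sha256", b"Jefe", b"what do ya want for nothing?",
     "5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843"),
]


def compute(algorithm, key, message):
    """Compute a digest with the Python standard library (the build under test)."""
    if algorithm == "sha256":
        return hashlib.sha256(message).hexdigest()
    if algorithm == "hmac-sha256":
        return hmac.new(key, message, hashlib.sha256).hexdigest()
    raise ValueError(f"unsupported algorithm: {algorithm}")


def run_kats(vectors=KNOWN_ANSWERS, compute_fn=compute):
    """Run every vector through compute_fn.

    Returns a list of (algorithm, message, expected, actual) for each mismatch;
    an empty list means the build agrees with the published standard.
    """
    failures = []
    for algorithm, key, message, expected in vectors:
        actual = compute_fn(algorithm, key, message)
        # Constant-time compare; harmless here, but the habit matters elsewhere.
        if not hmac.compare_digest(actual, expected):
            failures.append((algorithm, message, expected, actual))
    return failures


def suspect_compute(algorithm, key, message):
    """Constructed (hypothetical) deviating build for demonstration only.

    It silently ignores the HMAC key, so the tags it produces can be forged by
    anyone, yet it still returns plausible-looking digests in normal use.
    """
    if algorithm == "hmac-sha256":
        return hmac.new(b"", message, hashlib.sha256).hexdigest()
    return compute(algorithm, key, message)


if __name__ == "__main__":
    print("stdlib build:", run_kats() or "all vectors match")
    bad = run_kats(compute_fn=suspect_compute)
    print(f"suspect build: {len(bad)} mismatch(es)")
    for alg, msg, exp, act in bad:
        print(f"  {alg} {msg!r}: expected {exp[:16]}..., got {act[:16]}...")
```

The same pattern extends to any published standard (AES, SHA-3, the TLS PRF): keep the vectors outside the build under test, and treat a single mismatch as grounds to stop using that build, not as a rounding error.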
