NSA proof products: protective or a profit motive?

Encryption may be effective against spying if the implementation is good, but not every vendor that is selling peace of mind is actually delivering


Security varies by quality © Royalty-Free/CORBIS
We live in a post-Snowden reality. Revelations about NSA spying have prompted a broader use of encryption in the marketplace with a surge of new security products that promise to keep our business and digital lives private. They may not all be effective.

Marketers are responsive to consumer fears. Potassium iodide tablets were flying off the proverbial shelves after the 9/11 attacks, and gold coin peddlers exploited uncertainty in the wake of the great recession. Data security concerns are a comparable case (though arguably much more legitimate).

Multiple “secure” smartphones (1,2,3) and cloud services have already come to the rescue. Some U.S. companies are also frantically responding to slumping sales. We’re not here to challenge the veracity of their products, but can examine the wider issue of whether encryption is truly a cure-all. It depends - not every house is built equally well; implementations aren't either.

We spoke with some of the world’s leading cryptographers to learn their opinions on whether products promising anonymity are marketing snake oil or truly protective against government experts that have spent decades at thwarting security regimens.

Chuck Easttom; author, consultant, and computer science expert:

“The issue is not one of who is ahead, NSA or private industry. Frankly, cryptology is based on math, and the math is open to anyone who cares to study it. 

For example, the recent revelation that the NSA had put a cryptographic backdoor in a specific random number generator was not news to the cryptology community. As early as 2006 a paper had been written on the topic by researchers who studied that random number generator and concluded that it was certainly possible that there was a cryptographic backdoor. 

The problem lies in the security community. Very few people in the security community really know cryptology. I routinely speak to groups of security professionals (people with 10+ years experience, graduate degrees, multiple certifications, etc.) and it usually takes less than 3 minutes to find significant areas of cryptology they are completely ignorant of. Simply put the answer lies in more security professionals, software engineers, etc. having a working knowledge of cryptology.

Now, at some point newer methodologies will be needed, but for now AES 256 bit encryption for hard drives, or RSA 4096 bit encryption for online communications is more than sufficient…if it is implemented correctly.  But, I routinely find new examples of improperly implemented cryptology. And that is related to my first point: too few security professionals really have a good working knowledge of cryptology.”

Bruce Schneier; cryptographer, privacy expert and writer:

“I think the most important Snowden revelation is that encryption works. I wrote this [guide for staying secure].” Schneier cautioned to be on the look out for nonsense marketing, noting that no one “in the field” is really calling for new forms of encryption.

Ross Anderson; Cambridge University's head of Cryptography:

“The Snowden revelations confirm what experienced cryptographers have strongly suspected all along. They don't have any special wizardry; they can't make quantum computing work better than university labs can; and systems such as Tor that are implemented carefully using well-known cryptographic primitives keep them out.

 They have also confirmed what security engineers have long known; namely that the NSA and the other agencies put a lot of effort into compromising actual systems by getting at the vendors. Perhaps their biggest secret coup ever was the purchase of Crypto AG, a Swiss firm that supplies many non-aligned governments; they bought this from the founder Boris Hagelin in the 1950s and were discovered only in the 1990s. That gave them access to the traffic of perhaps 100 governments' diplomatic and military traffic for forty years. 

More recently they used export controls to bully security companies into implementing cryptography with short keylengths or deliberate backdoors. The Snowden papers added much more to our knowledge of this; some $250m a year seems to have been spent on compromising crypto and security standards, and products.   

In short, the problem isn't the cryptography. We know how to do that. It's whether you can trust the engineers who implement it. In general the vendors cannot produce robust products, since they would not be allowed to export them. If your company needs to protect information from state actors, you need to employ people who know what they're doing and you'll probably end up putting together much of what you need from free software products. If you don't have the technical and managerial self-confidence to do that, you are meat in the market.”

Charles Rackoff; cryptologist and professor:

“I'm afraid I don't know what security cell phones, etc. are currently using. I would doubt that the NSA is ahead of the rest of us in terms of breaking stuff (such as AES, etc.) that is generally regarded as secure (but I don't know if phones are using stuff that is generally regarded as secure -- this is just my personal ignorance). Most of what I've read about NSA "breaking" stuff is not about mathematical/scientific advances, but completely different: cooperation from vendors, secretly inserting hardware and software in places, etc.”

Phillip Rogaway; UC Davis professor and cryptography researcher:

“We really don't know where the NSA is in terms of cryptanalytic capabilities. The Snowden-related revelations have only concerned approaches to circumvent the cryptography -- ways to go around it, one might say, not ways to directly break it.  None of us outsiders know what the NSA can break. 

But, like most cryptographers, I believe that good-quality cryptography cannot be directly broken by the NSA, or by anyone else.  I believe that that is why the NSA is driven to go around it. Almost certainly, there is no other cost-effective choice -- especially when the government wants to make available everything, not just targeted communications. 

As for particular vendor products, it is one of the problems with the personal-security-products marketplace that it can be difficult or impossible to distinguish well-executed cryptography from snake oil. I'm sure there's no shortage of snake oil. But high-quality tools are also available. Some of them are open-source and free. 

With good tools, I think usability is the issue, not effectiveness. While many cool and exotic ideas in cryptography have come into existence in recent years, it's not these that are needed to help people get back a bit of privacy. The most useful tools are probably things like ToR, PGP, and OTR, none of which realize anything new or exotic. 

Yet more important than trying to get most people to use such tools -- which is not going to happen -- is to work our way back, as a people, to a world where surveillance is not routinized. Right now you really need to assume that every single email, phone call, credit-card transaction, web-site visit, or change of physical location (if you carry a cell phone) is going to be recorded within intelligence-agency databases, machine scrutinized, and maintained for an indefinite period of time. That's not a world consistent with free expression or democratic values.”

(image credit: CT.gov)

This post was originally published on Smartplanet.com