2 October 2013
Cost and Responsibility for Snowden's Breaches
Via cypherpunks list.
Date: October 1, 2013 9:28:07 AM PDT
From: "Jonathan S. Shapiro" <shap[at]eros-os.org>
Subject: Cost and Responsibility for Snowden's Breaches
[Via Dave Farber's IP]
The press has lately been recirculating stories about the dollar damages
of the Snowden disclosures. The repudiation of key cryptography standards
- the ones that underly our electronic currency exchanges and clearinghouses,
and are present in an overwhelming number of products - may in the end cost
billions of dollars of damage. Some of the press would have us believe that
all of this is Snowden's fault. Better, some feel, to focus attention on
the messenger and protect the perpetrator. Or even if not better, easier.
It sells more papers to focus on a "David vs. Goliath" story than to examine
whether Goliath was actually a Philistine.
In compromising these cryptography standards, NSA's alleged goal was to read
the electronic communications of terrorists, arms dealers, and other savory
characters. In a world of open cryptography standards, the only way to do
that was to compromise *everybody*. That includes ordinary citizens, businesses,
governments (ours and others), armed forces command and control, domestic
and global financial systems, and so on. This goes beyond privacy. Cryptography
sits under all of our most essential electronic communications. Focusing
on Snowden has people asking "How safe are my secrets from the NSA?" when
a more pertinent question might be "Is my bank still safe from the eastern
block mafia and the terrorist of the month?"
Banks for the most part don't operate by storing dollar bills; they operate
electronically. Then there is the power delivery infrastructure, or... the
list goes on. *That* is what NSA compromised. And when you understand that,
it becomes clear that the damage to *us* was far worse than any cost to the
terrorists. In fact, the damage is proportional to your dependence on electronic
That's bad. Because it means that people inside our government, at the direction
of government officials, sworn to protect and defend the constitution and
the country, actively conspired to undermine every segment of the United
States along with our key allies. While the run-of-the-mill staff may not
have understood this, the more senior people at NSA knew what they were doing.
They were certainly told by people on the outside often enough. Frankly,
I think some of them should hang. And I mean that literally. These decisions
by NSA weren't made by extremist muslims. They were made by people from Harvard,
Yale, and Princeton (and elsewhere) right here in America.
But there is something worse. In a certain sense, the NSA's primary mission
is the discovery of secrets. Being in the secret breaking business, one of
the things they know very well is that the best way to break a secret is
to get someone to tell you what it is. And there is *always* someone who
will tell you, either out of conviction or out of fear of compromise. There
was never a question whether the fact that NSA compromised every first world
and second world country would leak. The only questions were *who* would
leak it and *how soon*. It happened to be Snowden, but if not for Snowden
it would have been somebody else.
So setting aside the technical damage, there is the fact that the U.S. Government
is now known - and more importantly, believed - to have compromised ourselves
and our allies. We need to ask what the consequences are of that. Here are
some questions that suggest themselves:
1. Cryptography is clearly too important to entrust to the government. Who
can we trust?
2. Fragmentation seems likely. Does that help or hinder us?
3. Do the issues differ for communications cryptography vs. long-term storage
cryptography? Given that communications is recorded and stored forever, I
4. Can our allies ever again trust an American-originated crypto system?
Software system? Can we trust one from them?
5. Can our allies ever again afford to trust an American manufacturer of
communications equipment, given that every one of the major players seems
to have gotten in bed with NSA when pressured to do so by the U.S. Government?
6. What *other* compromised technologies have been promulgated through
government-influenced standards and/or back room strong arm tactics?
One thing seems clear: we must now choose between the credibility of American
technology businesses and the continuation of export controls on cryptography
and computer security technology. The controls are ineffective for their
alleged purpose; there are too many ways to circumvent them. The main use
of these laws has been to allow government pressure to be brought to bear
on vendors who won't "play ball" with U.S. Government objectives. As long
as the big players in the U.S. computing and networking industries can be
be backdoored by their government (take that either way), only a fool would
buy from them. If the goal is to destroy the American technology industry,
this strategy is even better than software patents. As long as those laws
remain on the books, the American tech sector has a credibility problem.
A second thing seems clear: we need to move to openly *developed* standards
for critical systems, not just open *standards*. And not just openly developed
standards, but standards whose "theory of operation" is explained and critically
examined by the public. No more unexplained magic tables of numbers. We need
fully open public review, and public reference implementations as part of
the standardization process.
A third thing seems clear: fixing the cryptography doesn't solve the problem.
Even with back doors, the best place to break crypto is at the insecure end
points. We need to develop information management methods (e.g. "zero knowledge"
methods, but also others) and software architectures that let us limit the
scope of damage when it occurs. The operating systems - and consequently
the applications - that we are using today simply weren't designed for this.
Fortunately, the hardware environment has converged enough that we can do
a lot better than we have in the past. There will never be perfect security,
but we can largely eliminate the exponential advantage that is currently
enjoyed by the attacker.
Jonathan S. Shapiro