Search Blog Posts

Sunday, June 23, 2013

Rivero Challenges NSA Spy Encryption & How the NSA & Microsoft are Spy Partnering


Rivero challenges the NSA

The NSA justifies its surveillance of all our computer and phone data with the claim they need it to detect and track terrorists. Obviously the Boston Bombing proves this is an epic fail, even given the admission by the FBI that they did in fact have recorded phone calls for the Tsarnaev brothers to listen to.

I maintain that the NSA spying is wholly about controlling the American people, looting their business secrets for cronies, and has no impact on real terrorists (as opposed to fake acting a theater role to sell us a war) because real terrorists and drug criminals have known all along that public communications are open to monitoring.

This brings us to the issue of encryption to protect our privacy. 

The NSA loves to be able to read your encrypted traffic, and they are able to do so because Americans are tricked into using code systems where the NSA knows the method (or has a back door). 

To decode a message is a two step process. First, the method of the encryption must be determined. Then the specific key for the message must be found. Of the two, the first step is by far the hardest. 

The German ENIGMA machine
For example, the allies did not break the German Enigma code until they succeeded in capturing an actual machine from the German submarine U-559. 

After the method was known, the British cryptographers at Bletchley Park were able to "brute force" the keys to various German messages using an early mechanical computer nicknamed the "bombe" for its constant ticking sound while working. 

Use of this machine, based in part on theoretical work by Alan Turing, allowed the Enigma messages to be read. And here is where the story gets interesting! 

Following the end of the war, the United States and Britain made presents of captured German Enigma machines to friendly governments ... but never mentioned that the messages encoded on those machines were readable by the US and Britain! 

In the 1990s, a scandal erupted with a company in Europe called Crypto AG. Numerous information breaches had raised the suspicion that the machines were compromised by intelligence agencies, including the NSA. although Crypto AG's management strongly denied the allegations, James Bamford in his book "The Puzzle Palace" confirmed the story that the NSA had paid the head of Crypto AG a sizable sum of money to add a back door to their systems.

So the NSA/CIA/FBI faced a problem. Strong encryption was proving difficult to get around at the level of the law abiding citizens. Because finding the keys to messages was comparatively easy once the method was known, the NSA pressured the US Government to mandate that all citizens use a standard encryption system, one where the method was already known to the NSA, to make it easier to read messages from private US citizens. 

The first such effort was the DES, the Data Encryption Standard. Mandated into use as a standard in 1976. Critics pointed out several aspects of the standard that seemed intended to weaken the code to make it easier for the NSA to read, in particular the manner in which the NSA pressured IBM, the developer of DES, into limiting the maximum size of encryption keys. Suspicions of a "back door" were heightened with the discovery of a block of code in the header labeled the "work reduction packet" which contained the encryption key, re-encrypted using a key presumably only the NSA had. As personal computers gained in computation power, DES was eventually seen as insecure due to the limited key length and those users not mandated by the government to use it, started to search for other means of securing their messages from prying eyes. 

So, in 1993, the NSA announced a new encryption system for the masses, the Clipper Chip. The intention was for all US citizens to be forced to use this form of encryption, which allowed the government to have the encryption keys in an "escrow" system. The public were told that the keys would be split into two halves, and two different agencies would hold the halves, requiring a long process to retrieve the key halves in the event of a legitimate investigation. 

What the public was not told was that the NSA only needed one half of the key, and could derive the other half using their already vast array of computers.

Then, in 1994, Matt Blaze published a paper exposing the fact that the clipper chip included in all messages a packet identified as LEAF, which stood for "Law Enforcement Access Field." Like the DES "work reduction packet", LEAF contained the encryption key used to encode the message, to make the message readable by the government. As a result of these exposures, the public rejected Clipper, and by 1996 the government stopped trying to force it on the public.

Then in 1999, Microsoft issued Service Pack 5 for Windows NT 4.0, which had a standard encryption system built in, but neglected to strip out the symbol table information for their standard cryptographic module, ADVAPI.DLL. When software experts examined the symbol table, they discovered than in addition to the Microsoft encryption key, a second key existed that was labeled _NSAKEY.

This second key would allow anyone using it full access to the Microsoft encryption system, able to read messages encrypted with the Microsoft encryption system at will, and worse, bypass Windows security to access the machine remotely. Dr. Nicko van Someren later found a similar extra key in Windows 2000. Microsoft denies these keys are for the use of the NSA, but given the NSA/CIA's long history of solving cryptographic challenges by compromising the encryption itself, there is room to doubt.

None of these government systems to read your private messages have anything to do with crime. Real criminals, whether drug lords or spies, know better than to use any encryption system where the method is known to the enemy, even if there are no back doors, "work reduction packets", or LEAF. The goal of DES, Clipper, NSAKEY is to reserve to the government the ability to read the messages of ordinary Americans any time they wish to.

However, the NSA is able to read your messages only if they have that method. If you come up with your own method, even if it is not particularly strong, and here is where my challenge comes in.

Over the weekend I dusted off my C programming skills (rather embarrassing how much I have forgotten) and wrote an encryption system of my own design. I encoded a secret message to my evil co-conspirators using this system. HERE IS THE ENCRYPTED MESSAGE. It took me about 4 hours to come up with this (including time going back and re-reading old C manuals).

On July 4th (the day my evil plan unfolds) I will publish the entire system, code and all, with the original cleartext, and the keyfile. Obviously at that point the code system will be useless, since the NSA will then have the method. But the whole point of this exercise is to prove that those real criminals and real terrorists wishing to evade the NSA will be able to do so, and rather easily. 

If between now and July 4th the NSA does not publish the cleartext for this message, than this will prove my theory that real criminals and terrorists are able to evade the NSA and the NSA spy program is actually intended to keep watch on law-abiding citizens. 

Unlike the Shakespeare quote I hid in an image at my website, you get no clues about this message. There is no "work reduction packet" or LEAF to help them along! I created this on an old obsolete computer with no net connection which is now back in the closet gathering dust.

Let's see if the NSA is really as good as they want you to think they are.