Re: Alleged backdoor in OpenBSD's IPSEC implementation.

[Ben <sixtwelveohtwo () gmail com>]

On Wed, Dec 15, 2010 at 9:00 AM, Stefan Fouant <
sfouant () shortestpathfirst net> wrote:

> > -----Original Message-----
> > From: mikea [mailto:mikea () mikea ath cx]
> > Sent: Wednesday, December 15, 2010 8:28 AM
> > To: nanog () nanog org
> > Subject: Re: Alleged backdoor in OpenBSD's IPSEC implementation.
> >
> > > Someone is confusing FBI with NSA, methinks. And yes, if this is
> > > the kind of thing not talked about, "NDA"s expire when you do. But
> > > seriously ... this would seem to be the kind of code that Smart
> > People
> > > should be doing security audits on Just Because.
> > >
> > > So rustle up a couple of PostDocs, and give them an idea for a
> > Thesis,
> > > and yer set.
> >
> > More to the point, I think it wouldn't be an NDA, but a security
> > classification on the knowledge of the backdoors, and probably one not
> > subject to automatic downgrading.
>
> Please pardon my ignorance on the matter as I am not involved in any way
> with Open Source development, but it stands to reason that anything of this
> sort would have been scrutinized by the many developers involved with
> OpenBSD and surely would have been discovered at some point.  And to
> further
> that point, is this not something that can be verified now if this code is
> still in the public domain?  Or is writing a crypto stack such an esoteric
> task that only a relegated few can possibly decipher the inner workings?
>
> Not that I don't love a good government conspiracy theory, and yes I do
> believe there are a fair amount of backdoors in most code (including that
> of
> many private and publicly held corporations)... but open source?  Just
> seems
> unlikely to me based on my limited understanding...
>
> Stefan

Stefan,

   I wouldn't want to debate whether or not this specific theoretical "back
door" exists (since it seems to be less than marginally credible at this
point,) but it is more plausible than you might think.

   I believe that most of us a fairly static situation that we think of when
we hear "back door" as it pertains to technology and software. This,
however, is an alleged "back door" (though perhaps describing it as a
weakness is less likely to elicit tin-foil-hat-type predictions) in the
crypto. There are tons of brilliant developers in the open source *and*
commercial community that could spot a back door in the *code* in a
heartbeat. The alleged weakness here, however, is far more likely to be a
mathematical weakness in the actual crypo algorithms which wouldn't stand
out to most developers - even the top-end folks.

   Ultimately, it will probably come down to crypto-nerds and mathematicians
to verify the algorithms that were used rather than just putting great
programming eyes on the code. Such things have happened before, though with
much less fanfare to the general community. For example:
http://www.schneier.com/blog/archives/2007/11/the_strange_sto.html

// Ben S.