June 15, 2014

Certicom fingered in conspiracy to insert back door in standards -- DUAL_EC patents!

In what is now a long running saga, we have more news on the DUAL_EC backdoor injected into the standards processes. In a rather unusual twist, it appears that Certicom's Dan Brown and Scott Vanstone attempted to patent the backdoor in Dual EC in or around January of 2005. From Tanja Lange & DJB:

... It has therefore been identified by the applicant that this method potentially possesses a trapdoor, whereby standardizers or implementers of the algorithm may possess a piece of information with which they can use a single output and an instantiation of the RNG to determine all future states and output of the RNG, thereby completely compromising its security.

The provisional patent application also describes ideas of how to make random numbers available to "trusted law enforcement agents" or other "escrow administrators".

This appears to be before ANSI/NIST finished standardising DUAL_EC as a RNG, that is, during the process. **

Obviously one question arises -- is this a conspiracy between Certicom, NSA and NIST to push out a backdoor? Or is this just the normal incompetent-in-hindsight operations of the military-industrial-standards complex?

It's an important if conspiratorial question because we want to document the modus operandi of a spook intervention into a standards process. We'll have to wait for more facts; the participants will simply deny. One curious fact, the NSA recommended *against* a secrecy order for the patent.

What I'm more curious about today is Certicom's actions. What is the benefit to society and their customers in patenting a backdoor? How can they benefit in a way that aligns the interests of the Internet with the interests of their customers?

Or is this impossible to reconcile? If Certicom is patenting backdoors, the only plausible way I can think of this is that it intends to wield backdoors. Which means spying and hacking. Certicom is now engaged in the business of spying on ... customers? Foreign governments?

In contrast, I would have said that Certicom's responsibility as a participant in Internet security is to declare and damn an exploit, not bury it in a submarine patent.

If so, what idiot in Certicom's board put it on the path of becoming the Crypto AG of the 21st century?

If so, Certicom is now on the international blacklist of shame. Until questions are answered, do no business with them. Certicom have breached the sacred trust of trade -- to operate in the interests of their customers.

** Edited to remove this statement: What is also curious is that Dan Brown is highly active in the IETF working groups for crypto, adding weight to the claim that the IETF security area is corrupted. Dan Brown is a name I've only seen in relationship to IETF WGs, but Stephen Farrell contends he is not activein IETF WGs.

Posted by iang at June 15, 2014 08:13 AM | TrackBack

> "What is the benefit to society and their customers in patenting a backdoor?"

- To the firm, climbing the US DoD ladder, a bit higher.
- To customers, paying the firm for being abused, as usual.

This reflects how far the system has gone away from serving the needs of its users, for the benefit of the merchants and their shareholders.

These things happen when (a) impunity is granted and (b) the only reward is money.

Posted by: Vern at June 23, 2014 10:46 AM
Post a comment

Remember personal info?

Hit preview to see your comment as it would be displayed.