Could An Encryption Backdoor Tied To The NSA Have Let In Foreign Spies?

A Congressional committee is probing the origin and impact of a Juniper Networks firewall security hole on government systems.


A Congressional committee has begun to investigate the potential impact on government systems of a Juniper Networks firewall security flaw discovered in December, even as some researchers suggest the hole may be the unintended consequence of a National Security Agency backdoor into the systems.


The House Oversight Committee has asked 24 federal agencies to explain whether they used any systems running Juniper’s ScreenOS, the operating system with the vulnerabilities, and whether they’ve installed Juniper’s patch or taken other steps to protect their systems.

“The federal government has yet to determine which agencies are using the affected software or if any agencies have used the patch to close the backdoor,” wrote Rep. Will Hurd, R-Tex., in an op-ed published in the Wall Street Journal and on the committee’s website last week. “Without a complete inventory of compromised systems, lawmakers are unable to determine what adversaries stole or could have stolen.”

Hurd is the chairman of the IT Subcommittee on Oversight and Government Reform and a member of the House Homeland Security Committee.

Juniper announced in December it had discovered “unauthorized code” introducing vulnerabilities into its NetScreen firewalls, potentially planted by foreign hackers trying to secretly decrypt VPN traffic through the firewalls. The company said last month that its investigation into the origin of the code is still underway, and a spokesperson declined to comment further Tuesday.

Since the security flaw was discovered, researchers have suggested it could be the work of the NSA or another spy agency, or the unintended consequence of a backdoor placed by the NSA. The firewalls encrypt VPN traffic using randomized keys generated by an algorithm called Dual_EC_DRBG, which was developed by the National Institute of Standards and Technology with the help of the NSA. Reports in 2013, based on materials leaked by Edward Snowden, suggested the agency had inserted a backdoor into the algorithm, letting it predict random numbers generated by the routine and thus decode messages the keys are used to encrypt.

Juniper has said that it uses a different value of a particular mathematical parameter, known as Q, than the one recommended in the NSA-influenced standard, making it immune to that particular attack, according to a December blog post by Matthew Green, an assistant professor of Computer Science at Johns Hopkins University. Researchers have found that eavesdroppers with control over the value of Q can potentially break codes based on keys generated by the algorithm, Green wrote.


And part of the effect of Juniper’s patch was apparently to revert the value of Q to one used in previous versions of the firewall software, implying that the unauthorized code may have changed the parameter’s value to a vulnerable one, Green wrote. But even the newly restored, previous value of Q could be of concern to Juniper’s customers, he said at the time, since it was unclear how it had been chosen.
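To make concrete why it matters who chose Q, the following Python sketch is an added illustration, not part of the original article and not Juniper's or NIST's code. It runs a simplified Dual_EC-style generator on the NIST P-256 curve and shows that a party who picked Q with a known relation d to the standard's other point P can compute the generator's next output from a single observed one. The function names, the seed and the value of d are constructed for the example, and outputs are left untruncated (the real algorithm drops some bits).

```python
# Added illustration: simplified Dual_EC-style generator on NIST P-256.
# Assumption: outputs are full x-coordinates (the real algorithm truncates them).
FIELD = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
ORDER = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
A = FIELD - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
P_POINT = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
           0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)

def add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % FIELD == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, FIELD)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, FIELD)
    x3 = (lam * lam - x1 - x2) % FIELD
    return x3, (lam * (x1 - x3) - y1) % FIELD

def mul(k, pt):
    """Double-and-add scalar multiplication."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def lift_x(x):
    """Return a curve point with this x-coordinate, or None if there is none."""
    y = pow(x**3 + A * x + B, (FIELD + 1) // 4, FIELD)
    return (x, y) if (y * y - x**3 - A * x - B) % FIELD == 0 else None

def step(state, q):
    """One round: (output, next_state) = (x(state*Q), x(state*P))."""
    return mul(state, q)[0], mul(state, P_POINT)[0]

def predict_next(observed, d, q):
    """Knowing d with P = d*Q: d*(s*Q) = s*P, so its x is the next state."""
    next_state = mul(d, lift_x(observed))[0]
    return mul(next_state, q)[0]

def demo(d=0x1234567, seed=0xC0FFEE):  # constructed sample values
    q = mul(pow(d, -1, ORDER), P_POINT)  # Q chosen so that P = d*Q
    out1, s1 = step(seed, q)
    return step(s1, q)[0], predict_next(out1, d, q)
```

`demo()` returns the generator's actual second output alongside the value predicted from the first output alone; the two are equal only when the caller holds the d that matches Q, which is why a Q of unknown provenance cannot be assumed safe.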

Since then, Juniper has pledged to replace the Dual_EC algorithm altogether with one used in other software that it’s determined is not vulnerable.

The uncertainty around the origin of the vulnerability seems to highlight the risks of the kind of security backdoors some politicians and law enforcement officials have said are necessary to enable government surveillance of encrypted communication. Security researchers and privacy advocates have long argued that it’s effectively impossible to build a backdoor letting government officials eavesdrop without jeopardizing the privacy of everyday users and businesses.

So far, the Obama administration has declined to take steps to require makers of encryption software to install such backdoors, and companies from consumer device makers like Apple to commercial networking suppliers like Cisco have adamantly declined to insert them voluntarily. And the Juniper flaw, regardless of the details, shows that such backdoors are “extremely dangerous,” Hurd wrote.

“There is no way to create a backdoor that is not vulnerable to this kind of breach,” he wrote. “Encryption is essential to our national security and economy; we should be focused on strengthening it not weakening it.”


About the author

Steven Melendez is an independent journalist living in New Orleans.