Ethan Heilman • A Brief History of NSA Backdoors.
In response to the recent revelations about the NSA backdooring RSA libraries I’ve compiled a brief, incomplete, history of NSA backdoors. Help me make it better by emailing corrections and additions to ethan.r.heilman@gmail.com.
Update: added Actel backdoor, Update 2: There is a hackernews thread for discussion. Update 3: Added Newly discovered postal inception backdoor installation.
1946-1970, The Ultra Secret: After WW2, the British Empire sold captured German Enigma cipher machines to many allied countries and former colonies1. The US and the UK had broken Enigma but had kept this fact secret so that countries would use these broken ciphers. To clarify: the British sold machines they knew they could break to allied nations, then the US and the UK spied on those countries for nearly 30 years exploiting the weaknesses in those machines.
1957 - Present, The Boris Project: In 1957 William Friedman of the NSA met with his old friend Boris Hagelin. The purpose of their meeting was to begin “the Boris Project”, in which Crypto AG ciphers would be weakened and backdoored so that the NSA could listen to NATO communications (there is some evidence that suggests that the Boris Project predates this meeting). The meeting was first made public in the biography of Friedman, “The Man Who Broke Purple” 2. Further details were made public with the publication of the “The Puzzle Palace” including letters showing Friedman’s concern about direction of the project3. From interviews with ex-employers we know that the addition of backdoors to Crypto AG ciphers occurred no later, and possibility earlier, than the 1970’s and likely continues to the present day4. These backdoors included covert channels that allowed full key reconstruction5.
