FBI accused of planting backdoor in OpenBSD IPSEC stack [UPDATE 12-22-10]

FBI accused of planting backdoor in OpenBSD IPSEC stack

arstechnica.com

In an e-mail sent to BSD project leader Theo de Raadt, former NETSEC CTO Gregory Perry has claimed that NETSEC developers helped the FBI plant "a number of backdoors" in the OpenBSD cryptographic framework approximately a decade ago.

Perry says that his nondisclosure agreement with the FBI has expired, allowing him to finally bring the issue to the attention of OpenBSD developers.

(visit the link for the full news article)


Related News Links:
www.theregister.co.uk
blog.scottlowe.org

Here is an interesting and timely bit of news; although many may find it somewhat irrelevant considering the current state of the world, the global climate, economy, and general social chaos….

It appears that the US Federal Bureau of Investigations may have been engaging in conduct unbecoming of their self-propagated “White Knight” image. It also shows how disingenuous the political world can be when dealing with the people they represent.

For your amusement, I am using two sources of reporting for this OP, because I found that each report – on the same subject – seemed noteworthy in the manner it brought forth this breaking story.

Set the “way back” machine to some 10 years ago, when all the days were sunny, people were trustworthy, and happiness was running amok in the US.

Allegations that the FBI may have smuggled back doors or weaknesses into openBSD's cryptography have created uproar in the security community.

The opening volley of the Register article, seems most crisp and clear, no?

In an e-mail sent to BSD project leader Theo de Raadt, former NETSEC CTO Gregory Perry has claimed that NETSEC developers helped the FBI plant "a number of backdoors" in the OpenBSD cryptographic framework approximately a decade ago.

ARS Tecnica give us more data in its opening line, but couches it in techno-jargon that may be confusing to some. It also assumes that its readers are familiar with NETSEC… an acronym used to abbreviate the term “Network Security” and is a collective identity for all those professionals and experts who make it their business to be at the cutting edge of the subject.

ARS Tecnica continues….

Perry says that his nondisclosure agreement with the FBI has expired, allowing him to finally bring the issue to the attention of OpenBSD developers. Perry also suggests that knowledge of the FBI's backdoors played a role in DARPA's decision to withdraw millions of dollars of grant funding from OpenBSD in 2003.

The Register seems to amplify the tale….

Former government contractor Gregory Perry, who helped develop the OpenBSD crypto framework a decade ago, claims that contractors were paid to insert backdoors into OpenBSD's IPSec stack around 10 years ago. Perry recently warned the openBSD's Theo de Raadt of the development, years after the event, via an email that de Raadt has published in the spirit of openness.
Perry said he had waited until his ten year NDA with the FBI had expired before coming forward with the claims, which remain unsupported by secondary sources. If true the allegations mean that would have an easy way to tap into supposedly secure VPN links and other technologies based on OpenBSD's crypto stack.

Ah… but what is OpenBSD? The OpenBSD project produces a FREE, multi-platform 4.4BSD-based UNIX-like operating system… efforts emphasize portability, standardization, correctness, proactive security and integrated cryptography. In other words, a free community developed operating system which allows for use on many different kinds of systems.

It is among the hallmarks of ‘public’ (read non-corporate) enterprises… in the spirit of the internet, which started out ostensibly the same way (although the military likes to claim it was their baby; the truth is it was a collegiate-level research project which served immediate communications and subsequently computational needs).

"I wanted to make you aware of the fact that the FBI implemented a number of backdoors and side channel key leaking mechanisms into the OCF, for the express purpose of monitoring the site to site VPN encryption system implemented by EOUSA, the parent organization to the FBI," wrote Perry. "This is also probably the reason why you lost your DARPA funding, they more than likely caught wind of the fact that those backdoors were present and didn't want to create any derivative products based upon the same."

When the Defense Department became aware of the backdoors, they simply pulled all their developmental funding from the project, rather than openly identify the flaw. Clearly the EOUSA (Executive Office for United States Attorneys) mandated the FBI to work to insert the backdoors into the system, intended for privacy encryption.

This seems to indicate that the insertion of the backdoors was classified at the Justice Department level, who apparently had the common sense to let the Defense Department know of the engineered inadequacies of the cryptographic subsystem.
ARS Tecnica continues…

The e-mail became public when de Raadt forwarded it to the OpenBSD mailing list on Tuesday, with the intention of encouraging concerned parties to conduct code audits. To avoid entanglement in the alleged conspiracy, de Raadt says that he won't be pursuing the matter himself. Several developers have begun the process of auditing the OpenBSD IPSEC stack in order to determine if Perry's claims are true.

But our friends at the Register go a bit further…

De Raadt said he had published Perry's email so that those who use potentially affected code can carry out an audit, as well as offering the opportunity for those named in the email to come forward and give their version of events.
In his email, Perry alleges that virtualisation guru Scott Lowe is on the FBI payroll, suggesting this may be behind his recent advocacy of OpenBSD at a technology for VPN and firewall installation in virtualised environments. Lowe denies the charge, saying he never worked for the Feds.

A named accomplice is alleged? Scott Lowe…

Mr. Lowe’s blog flatly denies the association….

blog.scottlowe.org...

Let’s get right to the point and set the record straight: I am not, nor have I ever been, affiliated with or employed by the FBI or any other government agency.

That’s why I was surprised when word surfaced that I had been implicated in some sort of conspiracy regarding a plan to place secret backdoors into an OpenBSD cryptographic framework, and that my recent advocacy of OpenBSD was based on my alleged involvement with the FBI.

I don’t know where the person who started this rumor got his information, but he is sadly mistaken regarding my involvement. Perhaps the other Scott Lowe is involved; I don’t know.

“the other Scott Lowe”?

According to the blog …

The other Scott Lowe writes for TechRepublic.com, and currently works for either Elmira College or Westminster College; I’m not sure which. (I’ve seen both; I think it’s Westminster.)

It’s like a soap opera!

But… back to the main story….

ARS closes:

The prospect of a federal government agency paying open source developers to inject surveillance-friendly holes in operating systems is also deeply troubling. It's possible that similar backdoors could potentially exist on other software platforms. It's still too early to know if the claims are true, but the OpenBSD community is determined to find out if they are.

The Register reports:

In an email exchange with reporter Robert McMillan, Perry said that attempts to plant backdoors in open source code were made by the Clinton administration to "counter to their supposed relaxation of the Department of Commerce encryption export regulations".

Perry's allegations are being taken seriously even though they don't come alongside anything substantial by way of evidence. Whether true or not, the charge of an OpenBSD backdoor has spawned a debate.

OK, this is the OP direction, if you will.

Allegation: Our governmental agencies have engaged in direct sabotage of the development a secure system in the public domain. The Justice Department has had some low-level former FBI agent state it was not so. They were just testing, or experimenting with the idea.

The Clinton administration made political concessions regarding exporting the code which might offer encryption technologies it deemed shouldn’t be shared with some foreign states. They relaxed the code, but only after the code was sabotaged by their federal police.

… These are the people obsessed with keeping their secrets … but wanting full access to ours.

Food for thought.

arstechnica.com
(visit the link for the full news article)

And the NSA had a hand in developing Windows 7 - Surprise Surprise.....

As I understood some modern applications may still use this. If there's any list of compromised software I'd love to see that. Also I could be dead wrong too so correct me if that's the case

Thank you for your OP. I find this to not be suprising one bit. Unfortunately, the Authorities have gone nuts with being paranoid that they have to keep close eyes on everyones computer. Shouldn't we be calling them the tinfoil hatters?

If spying on my computer makes them feel better about themselves, well have fun. I know I'm not paranoid, but I'm glad to see we now know who is.

reply to post by Maxmars


This is the fruits of the Patriot Act. Didn't that take only a month or so to sign that in after 9-11. Without our consent or knowledge, out of the ploy of National Security. Put the pieces together and you have allocation as simple as cameras on every street corner starting with school intersections (first of course), to big brother in the neighborhoods. All privately owned and operated and now with the data storage capacity to spy at a click of a button. Past and present. All done to protect us.

I’ve been using OpenBSD for several years now and I have nothing but good things to say about it.

For those that aren’t aware, the people behind the project are extremely concerned with security, which, if indeed such a backdoor exists in the code, and has managed to survive for over a decade, it means that it’s very elaborate. And we’re talking about an open source project here, one can only imagine how many more things go unnoticed in close source software.

Regarding the question of a previous poster, the people behind OpenBSD are the same that developed, for example, OpenSSH, which is included in practically every modern iteration or version of UNIX/Linux operating systems and the ssh daemon used by default in many, if not all, those systems.

If the backdoor exists in OpenBSD, and as I’ve stated, has managed to survive after all this time, who knows exactly how many other projects and systems are compromised as well; either by the sharing of code or by having been directly compromised by the same people that, allegedly, compromised OpenBSD? Because if there was/is an active effort by some government agency or operatives to compromise an operating system like OpenBSD it would be foolish and naive to think they wouldn’t at least try to compromise other systems as well.

Having said all that, knowing the philosophy of the people behind the OpenBSD project, I’m very skeptical and I find it hard to believe that such a backdoor exists, and I remain unpersuaded by the (lack of) evidence presented so far, but I certainly wouldn’t rule the possibility out.

reply to post by PsykoOps


This compromises the system as whole. IPSEC is part of kernel. If some company use OpenBSD as VPN router, whole company network may be compromised. This is real nightmare.

And they warn us for using pirated software because of the big bad virrii in them hahaha

I never bought a single piece of software in my life apart from some MMO pay2play games and im proud of it. It's totally out of control and they have their fingers in anything. In World of Warcraft for example you now have to agree to Blizzard logging all chat and that it can be subject to "scrutiny" (thank god i dont play this anymore)

Why pay for stuff that's only gonna be used against you anyway..

Jackatmntn has a thread on this topic in General Conspiracies: www.abovetopsecret.com...


Good contributions and additional sources there.... also, those sources got a 'no comment' response from the FBI... whereas our sources included the vague and nondescript "former agent" comment.... check it out!

ALSO - additional update on the matter here: www.osnews.com...

UPDATE

Link 1: cryptome.org...

Link 2: mickey.lucifier.net...

Man oh man, how about a round of applause for the FBI and their Intelligence community associates.....

Their entanglement in this "non-Wikileaks" leak is the stuff of future legend.

From Link 1 we see a more robust set of allegations emerging:

By the way, anybody want to elaborate how Theo de Raadt has been hiding 2 donations accounts from Canadian Tax Revenue Services for years now?

(Paypal and the German account IBAN: DE91 7007 0024 0338 1779 00
BIC: DEUT DE DBMUC
Name: Theo de Raadt
Address: Deutsche Bank, Marienplatz 21
80331 München, Germany

Inside Germany, instead use:

Name: Theo de Raadt
Bank: Deutsche Bank München
BLZ: 70070024
Konto: 338177900

From outside Europe:

SWIFT: DEUTDEDBMUC
Account: 7007 0024 0338 1779 00
Name: Theo de Raadt
Address: Deutsche Bank, Marienplatz 21
80331 München, Germany

Evidently Mr. Gregory Perry is somewhat disturbed at the ripples his disclosure of the Federally-sponsored back-doors inserted into the operating system caused. Apparently his contact in the whole OpenBSD project, Theo de Raadt, should have hesitated before opening up this issue to the common-man. Were I to venture a guess, I think in doing so, Theo potentially exposed Gregory to some repugnant government agency behavior... more on that later.

This time pipeline.com has picked up the government fumbled ball and is sprinting down field searching for the goal-post of justice (good luck with that, truly.)

Mr. Perry seems to hold Theo in high regard, despite the release of the email to the public, and were I an acquaintance of their I would suggest that Theo's actions may have been precisely the right thing to do in order to avoid any further possibility of subterfuge in the matter, especially in light of the allegations.

Many, many commercial security products and real time embedded systems are derived from the OpenBSD Project, due to Theo's liberal BSD licensing approach contrasted with other Linux-based operating systems licensed under the GPL. Many, many commercial security products and embedded systems are directly and proximately affected by any lapse in security unintentional or otherwise by the OpenBSD Project. Almost every operating system on the planet uses the OpenSSH server suite, which Theo and his team created with almost zero remuneration from the many operating systems and commercial products that use it without credit to the OpenBSD Project. Given the many thousands of lines of code that the IPSEC stack, OCF, and OpenSSL libraries consist of, it will be several months before the dust settles and the true impact of any vulnerabilities can be accurately determined; it's only been about 96 hours since their source code audit commenced and your recent article points to at least two vulnerabilities discovered so far.

.

((OP NOTE: Emphasis mine))

Link 2:

This may be the reason Mr. Perry is concerned... what we have here is a former associates' comments on the matter.... he opens and closes with a bang.

These are the words of "Mickey" under the heading.... how i stopped worrying and loved the backdoor

first of all i have to mention that netsec involvement was indirectly one of the first financial successes of theo de raadt (later mr.t for short) as the sale of 2500 cds through the EOUSA project (one for each us-ins office in the country) brought openbsd to profitable state and allowed mr.t to finance his living by means of the openbsd project.

Point of Interest: "sale" of 2,500 Certificates of Deposit
Point of Interest: Unites States - Immigration and Naturalization Service Office (us-ins)

The INS no longer exists. U.S. Citizenship and Immigration Services (USCIS) is the current name of the agency that administers immigration and naturalization services in the U.S. On March 1, 2003, after the Homeland Security Act of 2002 came into law, former INS functions were placed under three agencies within the newly-created Department of Homeland Security: USCIS, Immigration and Customs Enforcement (ICE), and Customs and Border Patrol (CBP).

I don't know how many offices of the INS existed at the time of these alleged shenanigans, but for now, let's just avoid being sidetracked by the involvement of the DHS and how it created three from one agency.

Point of interest: EOUSA.... remember them? Quoting my earler post here.....

When the Defense Department became aware of the backdoors, they simply pulled all their developmental funding from the project, rather than openly identify the flaw. Clearly the EOUSA (Executive Office for United States Attorneys) mandated the FBI to work to insert the backdoors into the system, intended for privacy encryption.

This seems to indicate that the insertion of the backdoors was classified at the Justice Department level, who apparently had the common sense to let the Defense Department know of the engineered inadequacies of the cryptographic subsystem.

OK Mickey... you have our attention:

....perry mentioned the parts involved were ipsec(4)) and crypto(4)) framework and the "gigabit ethernet stack." but see? there is no such thing as "gigabit ethernet stack." moreover back then all the gigabit ethernet drivers came from freebsd....

At this point I thought "I guess Perry's full of crap..." but then I read further....


Mickey then points to the ostensibly true author(s) of the core stack for cryptosecurity.... demonstrating that it was not really subjected to 'oversight' at all, and in fact, the true source was never clearly 'disclosed.' But let's move forward a bit...

...primary goal was to hack on the OCF (crypto framework in openbsd). this does not affect crypto algorithms you'd say right? but why try to plant subtle and enormously complicated to develop side channels into math (encryption and hashing) when it's way easier to just make the surrounding framework misbehave and leak bits elsewhere? why not just semioccasionally send an ipsec(4)) packet with a plain text key appended to it? the receiver will drop it as broken (check your ipsec stats!) and the sniffer in the middle has the key! how would one do it? a little mbuf(9)) underflow combined with a little integer overflow. not that easy to spot if more than just one line of code is involved. but this is just a really crude example. leaking by just tiny bits over longer time period would be even more subtle.

If I follow correctly, he demonstrates the ease of corrupting the framework in communications to defeat any security whatsoever by means of divulging within data that normal systems ignore, keys to the kingdom....

here are just some observations i had made during ipsec hacking years later... some parts of ipsec code were to say at least strange looking. in some places tiny loops were used where normally one would use a function (such as memcpy(3)) or a bulk random data fetch instead of fetching byte by byte. one has to know that to generate 16 bytes of randomness by the random(4) driver (not the arc4 bit) it would take an md5 algorithm run over 4096 bytes of the entropy pool. of course to generate only one byte 15 bytes would have to be wasted. and thus fetching N bytes one-by-one instead of filling a chunk would introduce a measurable time delay. ain't these look like pieces of timing weaknesses introduced in ipsec processing in order to make encrypted data analysis easier? some code pieces created buffer underflows leaving uninitialised data or in other words leaking information as well.

Granted, this may seem somewhat technically difficult for the uninitiated, but consider this, in a secure data stream timing is crucial. If you can crate a 'lag' between the time that the data is broadcast, and the time it is delivered (before it is 'read') you can use that time to slice out information from the stream, slowly doling out - bit by bit - the encryption key to the stream.... assuming you know exactly how the stream "noise" - purposely dropped packets are structured and how to reassemble them.... nes pa?

The user function is none the wiser, since the packets that were 'dropped' never get to the host system.

meanwhile in calgary... wasting no time netsec was secretly funnelling "security fixes" through mr.t that he was committing "stealth" into openbsd tree.

Theo de Raadt had become instrumental in trying to contain the integrity of the security hardening in OpenBSD. But on the presumption he was not complicit, it appears that effort was usurped by others.

"stealth" means that purpose of the diffs was not disclosed in the commit messages or the private openbsd development forums except with a few "trusted" developers. it was a custom to hide important development in the openbsd project at that time due to a large netbsd-hate attitude

This makes sense, especially considering that corporations like Unisys, Microsoft, IBM, and their ilk hate the idea of effective operating systems existing out there without their direct control of the code.

Mickey adds:

after all "security" was one of the main important keywords that were separating openbsd from netbsd back then. as we can see holding this funnel for netsec is putting mr.t on the payroll also.

This opinion may prove to be false, but either way, it is clear he is corroborating there are weaknesses in the crypto scheme and since it was someone's job to oversee security, it puts them in the middle of it; whether Theo wants to be there or not.

actually it would be all too easy to spot the malicious code if it all be in the publicly-available sources. this leads us to believe that bits of the solution were in the hardware. unsurprisingly netsec was producing their own version of hifn(4) crypto accelerator. unfortunately hifn was refusing to disclose full docs for their their hifn7751 chip and that prevented the driver from being included in the openbsd base system.

Network firmware and hardware is usually of course, proprietary. Without knowledge of the hardware machine code, which tells you exactly how the machine manipulates and responds to the packet stream, you have to rely on a software solution which will be necessarily slower and use more processing resources.

...it was without any help from anybody else except for mr.t ... and that worked. this was to show hifn that their "protection" is crap on the stack. the driver for the devices was written by mr.j who had access to public docs that lacked the "unlocking" sequence. this allowed netsec to start deploying their hifn(4)-based cards which by no doubt were a part of the side-channel scheme.

If we were to pretend that this were being professionally investigated, we might find that the "hifn" hardware group was equally exposed to the 'FBI" and their 'intentions.'

about the same time at the bazaar show in nyc i was contacted by a representative of us-ins and a ukrainian millitary attache at un. both investigating my involvement with openbsd. a few months later i was offered an interview for a position at the fbi office for cyber-warfare in nyc who as well offered to fix my immigration status (or none thereof at the time

Oooh ... I love it when things get "international."

soon enough due to professional contacts of mr.a the darpa grant for the openbsd was materialised. this was for two years work on various crypto technologies to be integrated in openbsd.

Hmmm, so the funding we are seeing being yanked happened even AFTER the NETSEC problems might have already been inserted into the project?

alot of the code resulting from the work sponsored by the grant still is in the repository except for parts that were done just for the noise and uncommitted later. of course no wander that darpa grant was spent primarily on mr.t and mr.j. i would expect mr.a was on benefit indirectly. three other developers on the payroll i suppose had to be there such it would not look completely obvious as a payment to mr.t and mr.j. initially mr.t offered me a position on it too but due to upenn.edu restrictions i could not be involved legally (as you can remember i had an expired immigrant status in the country of u.s. of a.).

I suspect that there is some personal resentment prompting this 'financial benefit' stuff.... grants and stipends from government projects can be a tricky business depending on what 'pot' they come out of, but I won't linger on this because the best part is below....

... this was slightely disappointing as i had to spend money for coming all the way to philly for the meeting and as it seems for nothing. at least my trip to the following usenix anu-tech in monterey was payed by the moneys from the grant. at the time it only looked kinda funny to travel on the enemy capitalist government's budget

monterey by itself has not much of excitement but for the beach scenery and the cia agents for eastern-europe training camp. that would explain body search at the grayhound bus boarding (this was before the post-2001 scare) which ignored the knife and a whisky bottle i had in my pockets.

I gather we can determine exactly where Mickey is from? CIA training is likely to be a misnomer. Most agencies require out of country agents to undergo language and other training and that is usually not the cloak-and-dagger kind.... especially in San Fransisco... hardly a secure location.

before going to monterey and while exploring the beauty of san francisco i was contacted once by a us navy intelligence officer who seemingly unintentionally appeared next to me at the bar. later on my way back during a short stay in chicago also randomly appearing fbi agent. fellow was ordering food and beer for me and just like his navy pal gave me a warning to keep my mouth shut!

Bingo... the old "keep your mouth shut Mickey!" ploy..... I wonder if the Ukrainians are always treated so disrespectfully in the intelligence community?

Hey Mickey... we're not your enemy, and neither is capitalism; it's just the old farts who either think with their wallets or their .


Thanks for indulging my update!

MM

references: