NSA report details risks of key-recovery technology

The National Security Agency has prepared a report that may be the first federal government documentation of the potential risks posed by the encryption technology that has been at the center of a raging debate between the Clinton administration and industry.

The report details the potential threats that come with key-recovery technology, an encryption system that uses a so-called back door to let users retrieve the key needed to unscramble encrypted data should they lose that key. Key recovery also would allow law enforcement agents to decode encrypted data after obtaining a court order or other authorization. The FBI has been a forceful proponent of key-recovery technology, arguing that investigations would be impeded without it.

The Clinton administration intends to make a market for key-recovery technology by urging federal agencies to use these encryption systems. At least one bill that is now being considered by Congress would require federal agencies to purchase key-recovery encryption systems for securing data.

But the report, "Threat and Vulnerability Model for Key Recovery," pointed out that certain law enforcement agents and officials operating key-recovery centers could pose the greatest threat to a key-recovery system, and to the users' data encrypted by that system, if proper security mechanisms were not in place.

"A rogue key-recovery agent, because of his high level of access, poses the most formidable threat, although [he] may lack the motivation and risk-tolerance to exploit this access," the report stated. "The law enforcement agent is also trusted with a high degree of access during the recovery process and may be more motivated to exploit this access since he is already in the 'wiretap business.' "

The report said organized crime, foreign intelligence and hackers represent a low risk to key-recovery systems because these individuals lack access. However, a rogue key-recovery agent is more likely to sell his high level of access to these groups or individuals than to work on his own behalf, the report concluded.
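The passages above describe key recovery in general terms: a "recovery field" travels with each encrypted message so that an escrow agent holding the user's key material can hand back the session key on a lawful request, which is exactly why an agent with that access, or anyone who copies his database, is the most formidable threat. The following model is an added illustration written for this page; it is not the design analyzed in the NSA report, nor Clipper, nor any deployed product. It assumes a stdlib-only toy cipher (HMAC-SHA256 keystream in counter mode with an HMAC tag), a symmetric per-user "unit key" held by the agent, and a constructed user name and message; the two-agent split at the end is one countermeasure of the kind the report says must be applied, shown so the difference between "one insider" and "two colluding insiders" is concrete.

```python
"""Constructed key-recovery (escrow) model; not from the NSA report or any product."""
import hashlib
import hmac
import secrets


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy PRF-in-counter-mode keystream built from HMAC-SHA256 (stdlib only).
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC. Layout: nonce(16) || ciphertext || tag(32)."""
    nonce = secrets.token_bytes(16)
    ks = _keystream(hashlib.sha256(b"enc" + key).digest(), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    tag = hmac.new(hashlib.sha256(b"mac" + key).digest(), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Raises ValueError on a wrong key or a tampered message."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(hashlib.sha256(b"mac" + key).digest(), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("bad tag or wrong key")
    ks = _keystream(hashlib.sha256(b"enc" + key).digest(), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class RecoveryAgent:
    """Escrow centre: holds unit keys (or shares of them) for every enrolled user."""

    def __init__(self):
        self.unit_keys = {}
        self.audit_log = []

    def enroll(self, user_id: str, unit_key: bytes):
        self.unit_keys[user_id] = unit_key

    def recover(self, packet: dict, authorization: str) -> bytes:
        """Legitimate path: release the session key only against an authorization, and log it."""
        if not authorization:
            raise PermissionError("no owner request or court order presented")
        self.audit_log.append((packet["user_id"], authorization))
        return decrypt(self.unit_keys[packet["user_id"]], packet["recovery_field"])


def send(user_id: str, unit_key: bytes, session_key: bytes, message: bytes) -> dict:
    """Sender: message under the session key, session key under the escrowed unit key."""
    return {
        "user_id": user_id,
        "ciphertext": encrypt(session_key, message),
        "recovery_field": encrypt(unit_key, session_key),
    }


def rogue_agent_read_all(stolen_unit_keys: dict, packets: list) -> list:
    """Insider threat: a copy of the agent's database decrypts every message, no request, no log."""
    return [decrypt(decrypt(stolen_unit_keys[p["user_id"]], p["recovery_field"]), p["ciphertext"])
            for p in packets]


def split_enroll(user_id: str, unit_key: bytes, agent_a: RecoveryAgent, agent_b: RecoveryAgent):
    """Countermeasure: XOR-split the unit key across two agents; neither share alone is a key."""
    share_a = secrets.token_bytes(len(unit_key))
    agent_a.enroll(user_id, share_a)
    agent_b.enroll(user_id, xor(unit_key, share_a))


def split_recover(packet: dict, agent_a: RecoveryAgent, agent_b: RecoveryAgent, authorization: str) -> bytes:
    if not authorization:
        raise PermissionError("no authorization presented")
    uid = packet["user_id"]
    return decrypt(xor(agent_a.unit_keys[uid], agent_b.unit_keys[uid]), packet["recovery_field"])


def demo() -> dict:
    # Constructed scenario: user "alice", one message, one single-agent and one split-agent escrow.
    alice_unit, session = secrets.token_bytes(32), secrets.token_bytes(32)
    agent = RecoveryAgent()
    agent.enroll("alice", alice_unit)
    pkt = send("alice", alice_unit, session, b"meet at noon")
    normal = decrypt(session, pkt["ciphertext"])                      # intended recipient
    lawful = decrypt(agent.recover(pkt, "court order (constructed)"), pkt["ciphertext"])
    rogue = rogue_agent_read_all(dict(agent.unit_keys), [pkt])        # stolen database, no log
    a, b = RecoveryAgent(), RecoveryAgent()
    split_enroll("alice", alice_unit, a, b)
    try:
        rogue_agent_read_all(dict(a.unit_keys), [pkt])                # one share is not a key
        single_share = "decrypted"
    except ValueError:
        single_share = "failed"
    both = decrypt(split_recover(pkt, a, b, "court order (constructed)"), pkt["ciphertext"])
    return {"normal": normal, "lawful": lawful, "rogue": rogue, "audit_entries": len(agent.audit_log),
            "single_share": single_share, "both_shares": both}


if __name__ == "__main__":
    print(demo())
```

The single-agent run shows the report's point in miniature: the court-order path and the rogue path use the same unit-key database, so the only thing separating them is the authorization check and the audit log, both of which the insider controls. The split run shows what "appropriate countermeasures" buys: one agent's share fails the tag check, and recovery needs both centres to cooperate.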

Dave Banisar, staff counsel for the Electronic Privacy Information Center, said NSA's report is the first public documentation from a federal entity that outlines potential risks associated with key-recovery technology. A group of leading encryption experts in May 1997 issued a report noting that widespread key-recovery systems would be extraordinarily difficult and expensive to build. That report also noted that the risks of unauthorized disclosures are much higher in a key-recovery system than a system without key-recovery features.

"It certainly raises a lot of issues when you add it to the cryptographers' report," Banisar said. "[NSA is] finally now admitting that there are serious problems with key recovery. It raises the question: Why have they been promoting it all these years?"

The report was prepared by an NSA analyst at the request of a public/private advisory committee working to develop a standard for federal agency use of key-recovery technology.

The threat that anyone poses to key-recovery systems is a function of how well the application has been designed and operated to address the potential security concerns, according to a statement NSA provided to FCW.

"Key recovery, like any other application, is secure against attacks to the extent that it was properly designed, implemented and operated," according to the statement. "If due consideration is given to the threats and vulnerabilities identified in the paper and appropriate countermeasures are employed for each of the factors identified, there would be minimal risk posed to the resulting key-recovery system."

The major factor in assessing the overall security of a key-recovery system would be the strength of the countermeasures applied "against the full spectrum of threats and vulnerabilities," the report stated.

Peter Neumann, principal scientist at SRI International, Menlo Park, Calif., and one of the cryptographers who authored the report on key-recovery risks, said key-recovery systems are "inherently risky" because of overall weaknesses in the computer operating systems and networking products.

"If they put a total air gap between all the key-recovery systems in the world and the rest of the world, then they could reduce the risks," Neumann said. "As soon as the government creates any access whatsoever to the key-recovery systems, they're vulnerable to the fact that the computer security and network protocols stink."

