Did NSA leave itself an encryption back door?

Is there any better indication of how far our freedoms have eroded than the frequency and vigor with which security experts question the means and motivation behind U.S. government actions purportedly intended to keep us safe? Suspicion of the government has always been natural, of course, but today it has become - quite rightfully - a defense mechanism of the first order.

Our latest example comes from the field of cryptography: Security consultant Bruce Schneier, leaning on analyses from other experts, last week questioned why one of four government-sanctioned random-number generators -- the one "three orders of magnitude slower than its peers" -- includes what "can only be described as a back door."

In addition to the vulnerability, which Schneier says would be enough to spook cryptographers, there is this to know about the suspect random-number generator: It's one of the chosen four only because the National Security Agency insisted.

The back door boils down to a question of who, if anyone, possesses a "secret set of numbers that can act as a kind of skeleton key," according to Schneier:

"Of course, we have no way of knowing whether the NSA knows the secret numbers that break Dual_EC-DRBG. We have no way of knowing whether an NSA employee working on his own came up with the constants -- and has the secret numbers. … Maybe nobody does. … We only know that whoever came up with them could have the key to this back door. And we know there's no way for NIST -- or anyone else -- to prove otherwise."

Which brings us back to distrust: Who at this point is willing to grant the government the benefit of the doubt? You don't have to be a conspiracy theorist to be worried.

Jail for online poker players?

First-term Massachusetts Gov. Deval Patrick is the gambling hypocrite's gambling hypocrite.

Patrick has been something of a hero to those of us in the Bay State who believe that grownups should be able to dispose of their disposable income as they see fit, even if that means blowing it on a game of chance or skill inside of a casino. He's been pushing a controversial plan to open three such gambling houses here, which would spare his constituent gamblers - including poker players like yours truly - the trouble of driving to Connecticut casinos and keep the resultant tax revenue here where it belongs. It's simply the right thing to do.

Now, however, it turns out that Patrick is just another blindingly hypocritical politician who's in the pocket of moneyed special interests: in his case, two moneyed special interests, the casino industry and the treasury department of the state of Massachusetts.

Simply put: Patrick wants to put online poker players in prison - in prison, right there along with the mother rapers and father stabbers - at the exact same moment he's mustering all of his newly won political muscle to build three giant poker rooms in our little state.

"Why is gambling in a casino OK and gambling on the Internet is not?" asked U.S. Rep. Barney Frank. "[The governor] is making a big mistake. He's giving opponents an argument against him."

Of course, he's handing ammunition to opponents of casino gambling. It's an intellectual dishonesty of the highest degree to argue on one hand that it's desirable, even necessary, to build three casinos in this state while at the same time moving to imprison anyone with the audacity to play poker from the privacy of his own Web browser.

Learn more about this topic

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2007 IDG Communications, Inc.