Former NSA chief undercuts FBI’s desire for encryption backdoors

Michael Hayden knows what he’s talking about and says no to crypto backdoors for law enforcement

The former head of the NSA says the U.S. is better served by strong encryption than it would be by encryption schemes with backdoors that allow law enforcement to decrypt the content of communications, according to reports, and he should know.

Under Michael Hayden’s watch as director of the NSA, the agency exploited back doors into phone switches in Greece in order to spy on calls including those made by the Greek prime minister and the mayor of Athens.

The legal-intercept capabilities baked into the switches are supposed to be used only under strict legal supervision, but they can be abused. According to a story by James Bamford for The Intercept, documents stolen by Edward Snowden help show that the NSA took unauthorized advantage of legal-intercept backdoors in the Greek phone system to eavesdrop on what calling parties assumed would be private communications.

Despite finding such built-in weaknesses useful to the NSA, Hayden still opposes requiring that encryption keys used for private communications be available to law enforcement under supervision.

What Hayden said was the U.S. is “better served by stronger encryption, rather than baking in weaker encryption,” according to a report by Motherboard, quoting remarks he made on a panel at the Council on Foreign Relations in New York. In questioning afterward, he said he “would not support [FBI] Director [James] Comey’s demands for access,” the Motherboard story says.

That goes directly against the wishes of the head of the FBI, who says carefully controlled backdoors are needed in order to catch criminals, particularly terrorists. That also puts Hayden at odds with the current NSA chief, Mike Rogers, who also wants backdoors.

There are a lot of good reasons to oppose a mechanism whereby law enforcement and intelligence agencies can get encryption keys used to keep communications secret. They include destroying the value of encryption, creating problems for vendors of encryption gear and encouraging laws in other countries that would work against the interests of U.S. organizations.

But according to Hayden, one might add to the list the fact that the NSA tried and failed to get this type of backdoor 20 years ago - yet made do without. He took over at the NSA shortly after the end of the Crypto Wars, the 1990s fight over the Clipper Chip that provided a means to crack communications encrypted by devices that use the chips.

Regardless, the agency managed to get information it wanted. “In retrospect, we mastered the problem we created by the lack of the Clipper Chip,” the Motherboard story quotes him as saying. “We were able to do a whole bunch of other things. Some of the other things were metadata, and bulk collection and so on.”

(Bulk collection of phone-call metadata enabled the NSA to see who called whom, when and for how long. It didn’t reveal the content of conversations, but it did draw a good picture of relationships among individuals that proved useful in solving crimes.)

Hayden’s voice on this issue is particularly powerful because of his experience in both having access – albeit illegally – to private communications, and having to make do without it. Given all the downsides of baked-in crypto weaknesses, he should be listened to.


Copyright © 2015 IDG Communications, Inc.
