Vint Cerf wanted to make internet secure from the start, but secrecy prevented it
Tells Google Hangout buds that tech was 'classified' at the time...
The NSA acted as a barrier to the rollout of encryption as standard from the very inception of the internet back in the mid 1970s.
Engineers had wanted to add a network encryption layer as part of the original specifications for TCP/IP. Whitfield Diffie and Martin Hellman had published a paper on public key cryptography systems, so the kernel of a technology to make the internet secure was already there. However the algorithms that would have made the idea a practical reality had to wait until Ron Rivest, Adi Shamir and Leonard Adleman published the RSA algorithm in 1977.
Intel agencies including the NSA and GCHQ had already invented public key cryptography systems, but this work remained top secret.
Meanwhile, Vint Cerf, the pioneering internet security engineer, was working on components of a classified NSA at Stanford in the mid 1970s to build a secure, classified internet.
Cerf explained during a Google Hangout session:
I worked with the National Security Agency on the design of a secured version of the internet but we used classified security technology at the time and I couldn't share that with my colleagues. If I could start over again I would have introduced a lot more strong authentication and cryptography into the system.
Video from the key segment of the session can be found here (via YouTube).
Not sharing a fundamental leap forward in privacy communications security technology at the height of the Cold War is understandable if regrettable from the perspective of the current lamentable state of internet security.
Cert's historical footnote does, however, add an extra element to the current debate over the NSA's attempts to weaken encryption schemes and push weak algorithms through schemes like Project Bullrun and the now infamous Dual_EC_DRBG "backdoor".
Former NSA general counsel Stewart Baker, a lawyer rather than a cryptographer, argues that suggestions that his former employer is undermining net security are wide of the mark last weekend. Baker's blog post provoked a feisty exchange with regular sparing partner Jacob Appelbaum, a Tor Project developer, on Twitter. Appelbaum argued the NSA was sabotaging US companies, crypto standards and the US Constitution.
Baker responded that Edward Snowden is "under the thumb" of the Russians and that his revelations about NSA spying tactics are assisting authoritarian government, including the government of Syria.
The exchange can be reviewed here. ®
Sponsored: Becoming a Pragmatic Security Leader