Pre-order the Atlas Obscura Book now and Receive a Free Enamel Pin.
Mini book a30976e9da7a24921cf3be4abf80181ccad21053999e5b9c9eff280eeaa1806b

A Brief History of the U.S. Trying to Add Backdoors Into Encrypted Data

A government agent uses an NSA IBM 360/85 console in 1971 (Photo: Wikimedia Commons/NSA).

It’s been a weird week for America’s most valuable company—a firm whose tech products have such consumer goodwill they got away with forcing us to listen to U2—who is poised to go to court against its own government over its users' right to privacy. The government is invoking an obscure law dating back almost to the founding of the country to force the company to comply. It’d be a pretty good movie.

But it’s just the most dramatic flare-up in a lengthy battle between government officials, cybersecurity experts, and the tech industry over how consumer’s technical data is protected, and whether or not the government has a right to access that information.

In fact, the government has actually won this fight before—secretly. 

Throughout 2015, U.S. politicians and law enforcement officials such as FBI director James Comey have publicly lobbied for the insertion of cryptographic “backdoors” into software and hardware to allow law enforcement agencies to bypass authentication and access a suspect’s data surreptitiously. Cybersecurity experts have unanimously condemned the idea, pointing out that such backdoors would fundamentally undermine encryption and could exploited by criminals, among other issues. While a legal mandate or public agreement would be needed to allow evidence obtained via backdoors to be admissible in court, the NSA has long attempted—and occasionally succeeded—in placing backdoors for covert activities.

An Enigma machine at Bletchley Park, long-rumored to be one of the first backdoored devices (Photo: Flickr/Adam Foster).

One of the most important developments in cryptography was the Enigma machine, famously used to encode Nazi communications during World War II. For years, rumors have persisted that the NSA (then SSA) and their British counterparts in the Government Communications Headquarters collaborated with the Enigma’s manufacturer, Crypto AG, to place backdoors into Enigma machines provided to certain countries after World War II. Crypto AG has repeatedly denied the allegations, and in 2015 the BBC sifted through 52,000 pages of declassified NSA documents to find the truth.

The investigation revealed that while no backdoors were placed in the machines, there was a “gentlemen’s agreement” that Crypto AG would keep American and British intelligence appraised of “the technical specifications of different machines and which countries were buying which ones,” allowing analysts to decrypt messages much more quickly. Consider it a security “doggy-door.”

Next, in 1993, the NSA promoted “Clipper chips,” which were intended to protect private communications while still allowing law enforcement to access them. In 1994, researcher Matt Blaze uncovered significant vulnerabilities in the "key escrow" system that allowed law enforcement access, essentially making the chips useless. By 1996, Clipper chips were defunct, as the tech industry adopted more secure, open encryption standards such as PGP.

In more recent years, the NSA was unequivocally caught inserting a backdoor into the Dual_EC_DRBG algorithm, a cryptographic algorithm that was supposed to generate random bit keys for encrypting data. The algorithm, developed in the early aughts, was championed by the NSA and included in NIST Special Publication 800-90, the official standard for random-number generators released in 2007. Within a matter of months, researchers discovered the backdoor, and awareness that the algorithm was insecure quickly spread, although it continued to be implemented in consumer software Windows Vista. What was really odd, as crypto expert Bruce Schneier explained in a 2007 essay published in Wired, was that Dual_EC_DRBG wasn’t even worth the NSA’s effort:

It makes no sense as a trap door: It's public, and rather obvious. It makes no sense from an engineering perspective: It's too slow for anyone to willingly use it. And it makes no sense from a backwards-compatibility perspective: Swapping one random-number generator for another is easy.

A Chipper clip—one of the NSA's unsuccessful backdoor attempts (Photo: Wikimedia Commons/Travis Goodspeed).

Although the NSA’s effort puzzled crypto experts, documents leaked by Edward Snowden in 2013 proved that the NSA did indeed build a backdoor into Dual_EC_DRBG and paid RSA, a computer security company, to include the compromised algorithm in its software.

These are the incidents that have been proven. There are, of course, numerous theories and insinuations that the NSA has made many more efforts along these lines—from backdoors in Lotus Notes to persistent allegations that Microsoft routinely includes backdoors in its software. Additionally, the Snowden leak proved that the NSA is constantly working to decrypt common encryption standards.

As our lives become more and more dominated by the digital, security experts have become increasingly vocal in their calls for truly secure encryption, and some governments have begun to listen. Holland’s government has agreed not to use backdoors and support open encryption standards, and despite calls to do so in response to the Paris terrorist attacks, France refuses to implement a backdoor mandate. Even former NSA director Michael Hayden has said that backdoors are a bad idea (and he would know). As Apple vs. FBI wends its way through the courts, we are probably far from the end of this public battle. Whatever the results of this landmark case, the NSA’s classified efforts to subvert cryptography will likely continue.