OpenBSD founder Theo de Raadt wrote that a firm was probably contracted to put backdoors in OpenBSD project code, but it is unlikely the flaws made it very far if they existed.
The founder of the OpenBSD project said he believes a firm was
"probably contracted" by the government to write backdoors in the
OpenBSD Cryptographic Framework (OCF).
The statement was made
21 by OpenBSD founder Theo de Raadt on the project's mailing list in
response to the ongoing discussion about allegations aired in an e-mail
to de Raadt from former NetSec CTO Gregory Perry. In the e-mail, Perry claimed
that roughly a decade ago, the FBI had developers plant backdoors and side-channel key leaks in OCF.
"I believe that NETSEC [sic] was probably contracted to write
backdoors as alleged," de Raadt wrote. "If those were written, I don't
believe they made it into our tree. They might have been deployed as
their own product."
During the past week, some have criticized
claims, and two people named in his initial e-mail have denied any
involvement in the alleged plot. One of them, Jason Wright, noted in a
message to the OpenBSD mailing list that the code he touched related
"mostly to device drivers to support the framework."
"I don't believe I ever touched isakmpd or photurisd (userland key
management programs), and I rarely touched the ipsec internals
(cryptodev and cryptosoft, yes)," Wright wrote Dec. 15.
Perry, now CEO of GoVirtual Education, told eWEEK in an e-mail Dec. 15 that he stood by his allegations.
"The FBI has been doing this for quite some time now, they have
intentionally weakened the United States' critical infrastructure for
purposes of domestic and international surveillance," Perry wrote. "God
only knows what they are up to these days with their newfound
In his e-mail to de Raadt, Perry alleged the FBI "implemented a
number of backdoors and side channel key leaking mechanisms into the
OCF, for the express purpose of monitoring the site to site VPN
encryption system implemented by EOUSA [Executive Office for United
States Attorneys], the parent organization to the FBI."
According to de Raadt, both Wright and developer Angelos Keromytis
worked at NetSec, which has since been acquired by Verizon, and wrote
code in "many areas we all rely on."
"After Jason left, Angelos (who had been working on the ipsec stack
already for 4 years or so, for he was the ARCHITECT and primary
developer of the IPSEC stack) accepted a contract at NETSEC and while
travelling around the world) wrote the crypto layer that permits our
ipsec stack to hand-off requests to the drivers that Jason worked on,"
he wrote. "That crypto layer contained the...insecure idea of half-IV
that the US govt was pushing at that time."
"Soon after his contract was over this was ripped out," de Raadt
continued. "Soon after this the CBC oracle problem became known as well
in published papers, and ipsec/crypto moved towards random IV
generation (probably not viable before this, since we had lacked a
high-quality speedy PRNG... arc4random). I do not believe that
either of these two problems, or other problems not yet spotted, are a
result of clear malice. So far the issues we are digging up are a
function of the time in history."