Former NSA tech chief: I don't trust the cloud

The former National Security Agency technical director told the RSA Conference he doesn't trust cloud services and bluntly admonished vendors for leaving software vulnerabilities unpatched sometimes for years.

Speaking for himself and not the agency, Brian Snow says that cloud infrastructure can deliver services that customers can access securely, but the shared nature of the cloud leaves doubts about attack channels through other users in the cloud. "You don't know what else is cuddling up next to it," he says.

Snow was speaking as a member of the annual cryptographers panel at RSA Conference. Another panelist said he doesn't trust clouds either, but his reluctance was based upon worry about what NSA might be up to.

Adi Shamir a computer science professor at Israel's Weizmann Institute of Science and also the "S" in the RSA encryption algorithm, warned against trusting cloud computing services for the same reason he suspects the confidentiality of transmissions over telecom networks and the Internet. He says the phone systems are secure, but that major crossroads in their networks are tapped by the NSA. "There's a pipe out of the back of an office at AT&T in San Francisco to NSA," he said.

Government access to assets entrusted to public cloud providers will be similar, he says. He suspects in some cases cloud providers will be companies influenced by government spy agencies, similar to the way Crypto AG security gear gave the NSA backdoor access to encrypted messages sent by foreign governments that had bought the gear. "Please don't use Cloud AG," he said.

On another topic, Snow said many commercial applications and security products contain known flaws or shortcomings that users accept without understanding them or analysing them thoroughly. That trust is similar to the trust investors had in unsound Wall Street derivative investment products, he said. Just as the country's financial markets melted down last year, he said network security could face a "trust-bubble meltdown".

He alluded to a 17-year-old Microsoft vulnerability that went unpatched. Fixing such problems before they are exploited gives vendors a commercial advantage, so they should do so. "Fix vulnerabilities before you first smell an attack," he said. "End of message."

Also during the panel, Snow acknowledged that cryptographers for the NSA have been losing ground to their counterparts in universities and commercial security vendors for 20 years but still maintain the upper hand in the sophistication of their crypto schemes and in their ability to decrypt.

"I do believe NSA is still ahead, but not by much - a handful of years," said Snow, the former technical director for the agency. "I think we've got the edge still."

He said that in the 1980s there was a huge gap between what the NSA could do and what commercial encryption technology was capable of. "Now we are very close together and moving very slowly forward in a mature field," Snow said.

The NSA has a deep staff of Ph.D. mathematicians and other cryptographic experts to work on securing traffic and breaking codes, and also has another key advantage. "We cheat. We get to read what [academics] publish. We do not publish what we research," he said.

Whitfield Diffie - the Diffie in Diffie-Hellman key exchange - said the NSA lead might have to do with the fact that some cryptography problems are out of bounds for academics, such as nuclear command and control platforms.

"It would be illegal, expensive and frustrating to do," said Diffie, who sat on the cryptographers' panel. Any work done privately would be immediately be classified and the researchers would be unable to discuss it publicly or claim credit, he said.

Plus the demands of commercial cryptography don't allow for the thoroughness of refinement that is the hallmark of NSA work, he said. There are practical issues - such as developing products quickly that can be sold to business as valuable assets - that NSA doesn't face.

Snow's claim of NSA superiority seemed to rankle. He noted that when the titles of papers in NSA technical journals were declassified up to 1983, there were none that included public key encryption. "That demonstrates that NSA was behind," Shamir said.

But Snow said that perhaps the topic was written about, only under another name. When technologies are developed separately in parallel, the developers don't necessarily use the same terms for them, he said.