An open source core: the answer to cryptographic back doors?

What is a cryptographic back door?

“A backdoor is an intentional flaw in a cryptographic algorithm or implementation that allows an individual to bypass the security mechanisms the system was designed to enforce. A backdoor is a way for someone to get something out of the system that they otherwise would not be able to. If a security system is the wall, a backdoor is the secret tunnel underneath it.”
How the NSA (may have) put a backdoor in RSA’s cryptography: A technical primer, by Nick Sullivan, January 6th 2014

For any organisation concerned at the possibility of cryptographic backdoors being built into the authentication solution they invest into, open source software (OSS) can be seen as offering an alternative, for several reasons:

  • A closed-source system is easier to contain malicious elements, because OSS has a greater potential of any risk areas being discovered by the open source community.
  • Contrary to the perspective that releasing code benefits attackers because hostile audiences can see OSS code, attackers are able to reverse engineer binary (proprietary) code patches in minutes and generate exploits. Security by obscurity has never been a solid approach. Multiple academic papers demonstrate how easy it is, „in some of the cases they tried, they claimed to be able to create an exploit in minutes after receiving the patch and comparing the patched version of the application with the unpatched version.“ https://isc.sans.edu/forums/diary/The+Patch+Window+is+Gone+Automated+PatchBased+Exploit+Generation/4310/
  • OSS offers the IT security team the opportunity to audit the code and conduct proper due-diligence.
  • OSS gives the IT security team the possibility to even adjust the code to their own needs if possible. Customers can, but do not have to, take part in the development of the code.
  • If source-code is public-available, and a maintainer stops working on it for whichever reason, it still can be developed and maintained by anybody else.

For any organisation concerned at the possibility of cryptographic backdoors being built into the authentication solution they invest into, open source software (OSS) can be seen as offering an alternative, for several reasons. A closed-source system is easier to contain malicious elements, because OSS has a greater potential of any risk areas being discovered by the open source community.

While proprietary vendors have argued that their software is more secure because it is secret, this can be countered with the view that closed source is so easy to use that weak crypto or implementing a crypto back door by selecting fixed numbers as parameters can occur, whilst in OSS this is not possible.OSS offers the IT security team the opportunity to audit the code and conduct proper due-diligence and even adjust the code to their own needs if possible.

With Open Source at its core, LinOTP reduces the risks associated with proporietary software.