A Cryptologist's Critique of NSA Reforms

Email a Friend
Army Gen. Keith Alexander, commander of U.S. Cyber Command, director of the National Security Agency and chief of the Central Security Service, in Baltimore, Maryland June 27, 2013.
From and

Tomorrow, President Barack Obama will reveal his plans to reform the National Security Agency (NSA), guidelines he began to devise only in the wake of Edward Snowden's revelations about the NSA's expansive surveillance programs. 

In a somewhat ironic twist, a number of the president's NSA reforms have already been leaked. As Takeaway partner The New York Times reports, while Obama plans to embrace some of the changes advocated by the civil liberties community, many of the NSA's surveillance programs will remain untouched.

Senator Diane Feinstein, chair of the Senate Intelligence Committee, explained why in a conversation with Takeaway Washington correspondent Todd Zwillich. Sen. Feinstein says that her committee believes that the program is lega.

"I am hopeful that the program will be sustained by the president, maybe in a slightly different form," she tells The Takeaway. "And I think for the president to take action is absolutely acceptable—I may disagree with it, I don't know because I don't know what the action would be—but I think that's the proper thing."

Cryptologists and computer science researchers have their own opinions about how best to protect the American public, and because they design many of the privacy programs that the NSA has thwarted, they have a unique perspective on how best to reform the agency. 

Last spring, Joseph Bonneau, a recent Ph.D. in cryptology, won the NSA's Best Scientific Cybersecurity Paper award for his work on passwords and encryption. While he accepted the award, he used the platform to speak out against the Agency. Today, Bonneau is a fellow at Princeton University's Center for Information Technology Policy.

"Most people working in cryptography independently of the government sector probably would go much further in criticisms of the NSA than I think the public generally has," says Bonneau. "The biggest problem right now is that there's so much that we still don't know—it's hard on a technical level to say how bad the problem is. I think what we've seen in the past year has confirmed some of the worst fears that the tech community has about what the NSA is up to. It's possible that there's a whole lot more there that we just don't see right now."

The cryptologist adds that the information revealed by Snowden might just be the tip of the iceberg, which makes it difficult to make an independent, informed assessment of the agency and its practices. 

Bonneau had mixed feelings about accepting an award from an agency he is critical of. However, he says the accolade provides him a platform to speak out against the NSA.

"In all probability, I think the NSA is going to have to be either split up or abolished or completely changed in terms of the government oversight of it," he says. "The fact that I was still able to say that after winning the award hopefully put enough distance between myself, my own views and the agency that sponsored the award."

In the world of cryptography, there has been a longstanding relationship between the academic community and the NSA, but the revelations of Snowden have put a strain on the relationship between scholars and the agency. While the NSA has helped make cryptographic standards better, the academic community has been suspicious that the agency has been subverting or weakening crypto-technology without the public's knowledge. 

"It's a pretty tortured relationship—it's been uneasy for a long time," says Bonneau. "I think going forward it's basically impossible for any productive collaboration to happen between the NSA and academic community—the trust is just completely gone."

Bonneau adds that in light of the Snowden revelations, the academic community is now actively working to build and develop cryptographic tools that will withstand the NSA.

"We'll have to assume that the NSA is actively working against what academic researchers are generally trying to achieve," he adds.

What are people inside the NSA saying about Snowden's revelations? Listen to the full interview to find out.