Snowden’s revelations unsettled many mathematicians - but not enough to sever ties with NSA

John Bohannon 13 February 2015

Each year, recruiters from the National Security Agency (NSA), said to be the largest employer of mathematicians in the United States, visit a few dozen universities across the country in search of talent. It used to be an easy sell.

“One of the appealing aspects that they pitch is that you’ll be working on incredibly hard and interesting puzzles all day,” says one mathematician who requested anonymity. In the wake of the September 11 terrorist attacks, he adds, “I felt that if there was any way I could use my mathematical ability to prevent such a thing from ever happening again, I was morally obligated to do it.” Several times over the past decade, he has set aside his university research to work for the agency.

Lately, however, that sense of moral clarity has clouded for some mathematicians, and the recruiters’ task has become more complicated. In 2013, former NSA contractor Edward Snowden began releasing documents revealing, among other things, that the agency has been harvesting email and phone records from ordinary American citizens on a massive scale. The NSA may have also purposefully compromised a mathematical standard used widely for securing personal computers the world over.

The revelations unsettled the anonymous mathematician. “For people who share my motivations,” he says, “the ethics of the NSA’s mission matter a great deal.” The news has also roiled the mathematics community and led some to question its long, symbiotic relationship with the spy agency, which nurtures budding mathematicians in school, supports the field with research and training grants, and offers academic mathematicians the chance to take part in the murky world of spy craft.

Mathematician David Vogan, of the Massachusetts Institute of Technology in Cambridge, who finishes his term as president of the American Mathematical Society (AMS) this week, has urged the society to rethink its long-running, close-knit ties with the agency - though he won little support from other AMS officials.

In a sign of the difficulty of convincing the most talented mathematicians and computer scientists to work for the agency, NSA director Admiral Michael Rogers has hit the road himself to make the pitch. “Many of you are potential future employees that I want to compete for,” he told an audience at Stanford University in Palo Alto, California, last November. “The biggest challenge for us … is getting people in the door in this environment.”

A student asked what the NSA offers to researchers who may be “disillusioned by the US government”. In a reply that may not have helped, Rogers listed both the chance to “serve the

Vogan says: “The NSA needs mathematicians like a papermaker needs trees.” The number of mathematicians employed by the agency cannot be verified. But its total staff is known to be in the tens of thousands, and its official mission - to design cryptologic systems for protecting US information while exploiting weaknesses in the information systems of foreign countries - is deeply mathematical. Since the NSA was established in 1952, it has engaged in a mathematical arms race, with ever more sophisticated codemaking and code breaking. As the NSA has long stated, it has a vested interest in keeping a healthy domestic mathematics community.

Like the rest of its activities, the full extent of NSA’s involvement with academia is secret. “We do not release specific budgets for programmes,” the agency’s public affairs office said in response to queries. Even the total annual budget that Congress provides the agency is classified; estimates range from US$8 billion to US$25 billion.

Only one line item in the NSA budget is publicly reported each year, and only because it involves a grants programme for which AMS provides peer review. Through its mathematical sciences programme, the agency will spend US$4 million this year on research grants, summer internships for undergraduates, sabbaticals for university professors to work at NSA, and mathematical conferences. It’s a pittance compared with the more than US$400 million that mathematicians receive each year from other federal agencies. But for a handful of areas that benefit, such as number theory and probability “it’s not a trivial amount of money”, Vogan says.

A close relationship

The fruits of NSA support are readily found in academic journals. “It is expected that you will acknowledge the funding in your papers,” says Egon Schulte, of Boston’s Northeastern University, whose research in combinatorics is supported by an NSA grant. That makes it possible to directly track the academic output of NSA funding.

An analysis by Science shows that NSA-supported research output grew steadily through the cold war and the fall of the Soviet Union, dropped briefly between 1999 and 2002, then mushroomed in the wake of 9/11. In 2013, more than 500 papers acknowledged NSA support.

But grants for individual researchers are only a tiny portion of NSA’s support for mathematics. Documents the agency shared with Science describe a range of programmes, from STEM (science, technology, engineering, and mathematics) education in schools to research labs at universities. NSA experts give talks and judge science fairs. Grants support science summer camps and school maths clubs and computer labs. The NSA’s GenCyber programme brings talented high school students to universities to focus on “cyber-related education and careers” with help from NSA experts.

The outreach helps the agency develop a close relationship with the brightest mathematicians at the start of their careers.

At the 55 universities designated by NSA as Centres of Academic Excellence, a full-time NSA “representative” is embedded on campus. According to the documents provided to Science, they serve as the “gateway” for the agency to “influence research and research partnerships that will impact the cyber world and workforce in the future”.

This relationship with academia stirred little controversy until recently, says Thomas Hales, a mathematician at the University of Pittsburgh in Pennsylvania. “Everyone knows colleagues who have worked for the NSA,” he says. After stints at the agency, “they seem to get amnesia about what they were working on,” he quips, but with few exceptions, “no one really cared”. That changed in 2013, when mathematicians got a glimpse of how the NSA used some of their work.

In the wake of the Snowden revelations, most of the attention focused on NSA’s harvesting of data from citizens. But it is a more obscure exploit that concerns many mathematicians: what they see as an attack on the heart of internet security.

When you check your bank account online, for example, the information is encrypted using a series of large numbers generated by both the bank server and your own computer. Generating random numbers that are truly unpredictable requires physical tricks, such as measurements from a quantum experiment. Instead, the computers use mathematical algorithms to generate pseudorandom numbers. Although such numbers are not fundamentally unpredictable, guessing them can require more than the world’s entire computing power. As long as those pseudorandom numbers are kept secret, the information can safely travel online, protected from eavesdroppers - even the NSA.

But the agency appears to have created its own back door. The computer industry routinely adopts security standards approved by the US National Institute of Standards and Technology (NIST). But in 2006, NIST put its seal of approval on one pseudorandom number generator - the Dual Elliptic Curve Deterministic Random Bit Generator, or DUAL_EC_DRBG - that was flawed. The potential for a flaw was first identified in 2007 by Microsoft experts. But it received little attention until internal NSA memos made public by Snowden revealed that the NSA was the sole author of the flawed algorithm and that the agency worked hard to make sure it was adopted by NIST.

“[An] algorithm that has been designed by NSA with a clear mathematical structure giving them exclusive back door access is no accident,” Hales wrote in an open letter published by AMS in February last year. He says that since then, “my conclusions have been reinforced by other sources”. For example, a July 2014 NIST report suggested that NIST was all but following the agency’s orders. “NSA’s vastly superior expertise on elliptic curves led NIST to defer to NSA regarding DUAL_EC,” the report said. Academic research has also revealed that the flaw is easier to exploit if the targeted computer uses other security products that were designed at the NSA’s request. NIST dropped its support for the faulty standard last April.

Some defended the agency. In an open letter in AMS’s online journal, Richard George, who describes himself as a mathematician who worked for the NSA for 41 years, declared that his NSA colleagues “would not dream of violating US citizens’ rights”, although “there may be a few bad apples in any set of people”. As for the NSA’s engineering of a back door into personal computers, George wrote: “I have never heard of any proven weakness in a cryptographic algorithm that’s linked to NSA; just innuendo.”

On the AMS journal, the revelations triggered a sharp debate about whether the society should cut its ties with the agency. Alexander Beilinson, a mathematician at the University of Chicago who helped spur the discussion, argued that the society should completely wash its hands of the NSA. The scale of the domestic spying and software tampering makes the US seem like “a bloated version of the Soviet Union of the time of my youth”, he says. Vogan was outraged as well. “The NSA may have deliberately broken commercial encryption software,” he says. “I see this activity as parallel to falsification of medical research for profit: as an individual wrong action, which damages permanently the position of science in the world.”

But after all was said and done, no action was taken. Vogan describes a meeting about the matter last year with an AMS governing committee as “terrible”, revealing little interest among the rest of the society’s leadership in making a public statement about the NSA’s ethics, let alone cutting ties. Ordinary AMS members, by and large, feel the same way, he adds. For now, mathematicians aren’t willing to disown a shadowy but steadfast benefactor.

## 4 comments:

The numbers game: mathematicians and NSA

Snowden’s revelations unsettled many mathematicians - but not enough to sever ties with NSA

John Bohannon

13 February 2015

Each year, recruiters from the National Security Agency (NSA), said to be the largest employer of mathematicians in the United States, visit a few dozen universities across the country in search of talent. It used to be an easy sell.

“One of the appealing aspects that they pitch is that you’ll be working on incredibly hard and interesting puzzles all day,” says one mathematician who requested anonymity. In the wake of the September 11 terrorist attacks, he adds, “I felt that if there was any way I could use my mathematical ability to prevent such a thing from ever happening again, I was morally obligated to do it.” Several times over the past decade, he has set aside his university research to work for the agency.

Lately, however, that sense of moral clarity has clouded for some mathematicians, and the recruiters’ task has become more complicated. In 2013, former NSA contractor Edward Snowden began releasing documents revealing, among other things, that the agency has been harvesting email and phone records from ordinary American citizens on a massive scale. The NSA may have also purposefully compromised a mathematical standard used widely for securing personal computers the world over.

The revelations unsettled the anonymous mathematician. “For people who share my motivations,” he says, “the ethics of the NSA’s mission matter a great deal.” The news has also roiled the mathematics community and led some to question its long, symbiotic relationship with the spy agency, which nurtures budding mathematicians in school, supports the field with research and training grants, and offers academic mathematicians the chance to take part in the murky world of spy craft.

Mathematician David Vogan, of the Massachusetts Institute of Technology in Cambridge, who finishes his term as president of the American Mathematical Society (AMS) this week, has urged the society to rethink its long-running, close-knit ties with the agency - though he won little support from other AMS officials.

In a sign of the difficulty of convincing the most talented mathematicians and computer scientists to work for the agency, NSA director Admiral Michael Rogers has hit the road himself to make the pitch. “Many of you are potential future employees that I want to compete for,” he told an audience at Stanford University in Palo Alto, California, last November. “The biggest challenge for us … is getting people in the door in this environment.”

A student asked what the NSA offers to researchers who may be “disillusioned by the US government”. In a reply that may not have helped, Rogers listed both the chance to “serve the

Mathematical arms race

Vogan says: “The NSA needs mathematicians like a papermaker needs trees.” The number of mathematicians employed by the agency cannot be verified. But its total staff is known to be in the tens of thousands, and its official mission - to design cryptologic systems for protecting US information while exploiting weaknesses in the information systems of foreign countries - is deeply mathematical. Since the NSA was established in 1952, it has engaged in a mathematical arms race, with ever more sophisticated codemaking and code breaking. As the NSA has long stated, it has a vested interest in keeping a healthy domestic mathematics community.

Like the rest of its activities, the full extent of NSA’s involvement with academia is secret. “We do not release specific budgets for programmes,” the agency’s public affairs office said in response to queries. Even the total annual budget that Congress provides the agency is classified; estimates range from US$8 billion to US$25 billion.

Only one line item in the NSA budget is publicly reported each year, and only because it involves a grants programme for which AMS provides peer review. Through its mathematical sciences programme, the agency will spend US$4 million this year on research grants, summer internships for undergraduates, sabbaticals for university professors to work at NSA, and mathematical conferences. It’s a pittance compared with the more than US$400 million that mathematicians receive each year from other federal agencies. But for a handful of areas that benefit, such as number theory and probability “it’s not a trivial amount of money”, Vogan says.

A close relationship

The fruits of NSA support are readily found in academic journals. “It is expected that you will acknowledge the funding in your papers,” says Egon Schulte, of Boston’s Northeastern University, whose research in combinatorics is supported by an NSA grant. That makes it possible to directly track the academic output of NSA funding.

An analysis by Science shows that NSA-supported research output grew steadily through the cold war and the fall of the Soviet Union, dropped briefly between 1999 and 2002, then mushroomed in the wake of 9/11. In 2013, more than 500 papers acknowledged NSA support.

But grants for individual researchers are only a tiny portion of NSA’s support for mathematics. Documents the agency shared with Science describe a range of programmes, from STEM (science, technology, engineering, and mathematics) education in schools to research labs at universities. NSA experts give talks and judge science fairs. Grants support science summer camps and school maths clubs and computer labs. The NSA’s GenCyber programme brings talented high school students to universities to focus on “cyber-related education and careers” with help from NSA experts.

The outreach helps the agency develop a close relationship with the brightest mathematicians at the start of their careers.

At the 55 universities designated by NSA as Centres of Academic Excellence, a full-time NSA “representative” is embedded on campus. According to the documents provided to Science, they serve as the “gateway” for the agency to “influence research and research partnerships that will impact the cyber world and workforce in the future”.

This relationship with academia stirred little controversy until recently, says Thomas Hales, a mathematician at the University of Pittsburgh in Pennsylvania. “Everyone knows colleagues who have worked for the NSA,” he says. After stints at the agency, “they seem to get amnesia about what they were working on,” he quips, but with few exceptions, “no one really cared”. That changed in 2013, when mathematicians got a glimpse of how the NSA used some of their work.

A few bad apples

In the wake of the Snowden revelations, most of the attention focused on NSA’s harvesting of data from citizens. But it is a more obscure exploit that concerns many mathematicians: what they see as an attack on the heart of internet security.

When you check your bank account online, for example, the information is encrypted using a series of large numbers generated by both the bank server and your own computer. Generating random numbers that are truly unpredictable requires physical tricks, such as measurements from a quantum experiment. Instead, the computers use mathematical algorithms to generate pseudorandom numbers. Although such numbers are not fundamentally unpredictable, guessing them can require more than the world’s entire computing power. As long as those pseudorandom numbers are kept secret, the information can safely travel online, protected from eavesdroppers - even the NSA.

But the agency appears to have created its own back door. The computer industry routinely adopts security standards approved by the US National Institute of Standards and Technology (NIST). But in 2006, NIST put its seal of approval on one pseudorandom number generator - the Dual Elliptic Curve Deterministic Random Bit Generator, or DUAL_EC_DRBG - that was flawed. The potential for a flaw was first identified in 2007 by Microsoft experts. But it received little attention until internal NSA memos made public by Snowden revealed that the NSA was the sole author of the flawed algorithm and that the agency worked hard to make sure it was adopted by NIST.

“[An] algorithm that has been designed by NSA with a clear mathematical structure giving them exclusive back door access is no accident,” Hales wrote in an open letter published by AMS in February last year. He says that since then, “my conclusions have been reinforced by other sources”. For example, a July 2014 NIST report suggested that NIST was all but following the agency’s orders. “NSA’s vastly superior expertise on elliptic curves led NIST to defer to NSA regarding DUAL_EC,” the report said. Academic research has also revealed that the flaw is easier to exploit if the targeted computer uses other security products that were designed at the NSA’s request. NIST dropped its support for the faulty standard last April.

Some defended the agency. In an open letter in AMS’s online journal, Richard George, who describes himself as a mathematician who worked for the NSA for 41 years, declared that his NSA colleagues “would not dream of violating US citizens’ rights”, although “there may be a few bad apples in any set of people”. As for the NSA’s engineering of a back door into personal computers, George wrote: “I have never heard of any proven weakness in a cryptographic algorithm that’s linked to NSA; just innuendo.”

A steadfast benefactor

On the AMS journal, the revelations triggered a sharp debate about whether the society should cut its ties with the agency. Alexander Beilinson, a mathematician at the University of Chicago who helped spur the discussion, argued that the society should completely wash its hands of the NSA. The scale of the domestic spying and software tampering makes the US seem like “a bloated version of the Soviet Union of the time of my youth”, he says. Vogan was outraged as well. “The NSA may have deliberately broken commercial encryption software,” he says. “I see this activity as parallel to falsification of medical research for profit: as an individual wrong action, which damages permanently the position of science in the world.”

But after all was said and done, no action was taken. Vogan describes a meeting about the matter last year with an AMS governing committee as “terrible”, revealing little interest among the rest of the society’s leadership in making a public statement about the NSA’s ethics, let alone cutting ties. Ordinary AMS members, by and large, feel the same way, he adds. For now, mathematicians aren’t willing to disown a shadowy but steadfast benefactor.

Science magazine

Post a Comment