Post by Kevin McAleavey on Dec 16, 2010 1:22:05 GMT -5
We've received several emails from concerned users and customers of ours over reports of a long-standing "backdoor" in the IPSEC code in the OpenBSD operating system and are worried that KNOS might contain the offending code as well. For those who would like to research this drama, the original post and followups can be found here:
marc.info/?t=129236639300001&r=1&w=2
(messages are in reverse date order)
As a result of all the hoohah over this topic and because our KNOS OS is based on FreeBSD's code, the BSD community as well as us here have been extremely concerned about this news and numerous ongoing code audits have been in progress ever since this report. To be honest, we're not absolutely certain as yet, although the IPSEC code is only used in VPN situations within BSD and not for other forms of encryption within KNOS.
OpenBSD's IPSEC code is different from other BSD derivatives, but there is reason to believe of course that the possibility of portions of the OpenBSD code in question could have migrated to other BSDs. These audits continue despite information that the original report might be bogus. It is our own opinion, as well as that of the BSD community at large, that this code should be fully audited anyway just to eliminate any possibility that such a compromise of the crypto math within the IPSEC code might exist.
KNOS is based on the original FreeBSD code because FreeBSD is highly regulated by the original founders of BSD who highly scrutinize every inch of the code which makes it into the base. As part of our philosophy of design we do not modify BSD's code itself, but rather use our own proprietary designs to configure and modify it to run properly within the KNOS OS. This helps to ensure those who use KNOS that there are no "tricks" in what we distribute so that our customers can use the original BSD code for their custom KNOS builds if they so desire to wrestle with it themselves.
Until we're certain as to the absolute security of the IPSEC code within FreeBSD itself, I'd like to offer this commentary to the BSD internal discussions for the benefit of those concerned from Jason Wright who is allegedly the source of this "compromise" in his own words:
List: openbsd-tech
Subject: Re: Allegations regarding OpenBSD IPSEC
From: "Jason L. Wright"
Date: 2010-12-15 18:27:31
Message-ID: 20101215182710.GA6897 () jason-wright ! cust ! arpnetworks ! com
Subject: Allegations regarding OpenBSD IPSEC
Every urban legend is made more real by the inclusion of real names,
dates, and times. Gregory Perry's email falls into this category. I
cannot fathom his motivation for writing such falsehood (delusions
of grandeur or a self-promotion attempt perhaps?)
I will state clearly that I did not add backdoors to the OpenBSD
operating system or the OpenBSD crypto framework (OCF). The code I
touched during that work relates mostly to device drivers to support
the framework. I don't believe I ever touched isakmpd or photurisd
(userland key management programs), and I rarely touched the ipsec
internals (cryptodev and cryptosoft, yes). However, I welcome an
audit of everything I committed to OpenBSD's tree.
I demand an apology from Greg Perry (cc'd) for this accusation. Do
not use my name to add credibility to your cloak and dagger fairy
tales.
I will point out that Greg did not even work at NETSEC while the OCF
development was going on. Before January of 2000 Greg had left NETSEC.
The timeline for my involvement with IPSec can be clearly demonstrated
by looking at the revision history of:
src/sys/dev/pci/hifn7751.c (Dec 15, 1999)
src/sys/crypto/cryptosoft.c (March 2000)
The real work on OCF did not begin in earnest until February 2000.
Theo, a bit of warning would have been nice (an hour even... especially
since you had the allegations on Dec 11, 2010 and did not post them
until Dec 14, 2010). The first notice I got was an email from a
friend at 6pm (MST) on Dec 14, 2010 with a link to the already posted
message.
So, keep my name out of the rumor mill. It is a baseless accusation
the reason for which I cannot understand.
--Jason L. Wright
Watch this space, or the original link above for news once this question has been fully resolved. At that time, I will follow up on this message. At this time, KNOS review and audit of all code involved is ongoing.