Computer Security Experts Release Report Slamming Proposals To Backdoor Encryption, As FBI Makes Latest Push
from the bad-ideas dept
Later today, FBI director James Comey will testify before two separate Senate panels about “going dark”, the buzz phrase for law enforcement’s ridiculous fear of strong encryption. In preparation for this, Comey has posted an article claiming that he’s not “a maniac” and recognizes the value of strong encryption… but.
1. The logic of encryption will bring us, in the not-to-distant future, to a place where devices and data in motion are protected by universal strong encryption. That is, our conversations and our “papers and effects” will be locked in such a way that permits access only by participants to a conversation or the owner of the device holding the data.
2. There are many benefits to this. Universal strong encryption will protect all of us—our innovation, our private thoughts, and so many other things of value—from thieves of all kinds. We will all have lock-boxes in our lives that only we can open and in which we can store all that is valuable to us. There are lots of good things about this.
3. There are many costs to this. Public safety in the United States has relied for a couple centuries on the ability of the government, with predication, to obtain permission from a court to access the “papers and effects” and communications of Americans. The Fourth Amendment reflects a trade-off inherent in ordered liberty: To protect the public, the government sometimes needs to be able to see an individual’s stuff, but only under appropriate circumstances and with appropriate oversight.
He ends the piece by noting that he’s just encouraging debate on the topic:
Democracies resolve such tensions through robust debate. I really am not a maniac (or at least my family says so). But my job is to try to keep people safe. In universal strong encryption, I see something that is with us already and growing every day that will inexorably affect my ability to do that job. It may be that, as a people, we decide the benefits here outweigh the costs and that there is no sensible, technically feasible way to optimize privacy and safety in this particular context, or that public safety folks will be able to do their job well enough in the world of universal strong encryption. Those are decisions Americans should make, but I think part of my job is make sure the debate is informed by a reasonable understanding of the costs.
But, of course, this suggests that there hasn’t been much debate on this. There has been. There was a giant debate twenty years ago and people realized how important strong crypto is and how dangerous it is to undermine it. And yet, now he’s claiming we need a new debate. We don’t. It’s been concluded and forcing everyone to retrace their steps from two decades ago is just a waste of time, especially considering that many of these people could be working on more important things, like better protecting us and our data.
But… instead, the debate is happening. And now a large group of folks who lived through the last debate have published a fantastic report on why backdooring encryption is monumentally stupid. The report is written by a who’s who of computer security folks:
Harold Abelson, Ross Anderson, Steven M. Bellovin, Josh Benaloh, Matthew Blaze,
Whitfield Diffie, John Gilmore, Matthew Green, Peter G. Neumann, Susan Landau,
Ronald L. Rivest, Jeffrey I. Schiller, Bruce Schneier, Michael Specter, Daniel J. Weitzner
The paper highlights that this debate was done decades ago:
Twenty years ago, law enforcement organizations lobbied to require data and
communication services to engineer their products to guarantee law enforcement
access to all data. After lengthy debate and vigorous predictions of enforcement
channels “going dark,” these attempts to regulate the emerging Internet were abandoned. In the intervening years, innovation on the Internet flourished, and law
enforcement agencies found new and more effective means of accessing vastly larger
quantities of data. Today we are again hearing calls for regulation to mandate the
provision of exceptional access mechanisms. In this report, a group of computer
scientists and security experts, many of whom participated in a 1997 study of these
same topics, has convened to explore the likely effects of imposing extraordinary
We have found that the damage that could be caused by law enforcement exceptional access requirements would be even greater today than it would have been 20
years ago. In the wake of the growing economic and social cost of the fundamental
insecurity of today’s Internet environment, any proposals that alter the security dynamics online should be approached with caution. Exceptional access would force
Internet system developers to reverse “forward secrecy” design practices that seek to
minimize the impact on user privacy when systems are breached. The complexity of
today’s Internet environment, with millions of apps and globally connected services,
means that new law enforcement requirements are likely to introduce unanticipated,
hard to detect security flaws. Beyond these and other technical vulnerabilities, the
prospect of globally deployed exceptional access systems raises difficult problems
about how such an environment would be governed and how to ensure that such
systems would respect human rights and the rule of law
As the paper notes, beyond the technical problems with these proposals, there’s also the fact that other governments are going to want this same capability and that opens up all sorts of problems:
The greatest impediment to exceptional access may be jurisdiction. Building in ex-
ceptional access would be risky enough even if only one law enforcement agency in the
world had it. But this is not only a US issue. The UK government promises legislation
this fall to compel communications service providers, including US-based corporations,
to grant access to UK law enforcement agencies, and other countries would certainly
follow suit. China has already intimated that it may require exceptional access. If a
British-based developer deploys a messaging application used by citizens of China, must
it provide exceptional access to Chinese law enforcement? Which countries have sufficient
respect for the rule of law to participate in an international exceptional access framework?
How would such determinations be made? How would timely approvals be given for the
millions of new products with communications capabilities? And how would this new
surveillance ecosystem be funded and supervised? The US and UK governments have
fought long and hard to keep the governance of the Internet open, in the face of demands
from authoritarian countries that it be brought under state control. Does not the push
for exceptional access represent a breathtaking policy reversal?
And there’s still the technical problems. Government officials still seem to think it’s possible to build a golden key that only government can access. This is technologically ignorant:
[B]uilding in exceptional access would substantially increase system complexity.
Security researchers inside and outside government agree that complexity is the enemy of
security — every new feature can interact with others to create vulnerabilities. To achieve
widespread exceptional access, new technology features would have to be deployed and
tested with literally hundreds of thousands of developers all around the world. This is a far
more complex environment than the electronic surveillance now deployed in telecommunications and Internet access services, which tend to use similar technologies and are more
likely to have the resources to manage vulnerabilities that may arise from new features.
Features to permit law enforcement exceptional access across a wide range of Internet and
mobile computing applications could be particularly problematic because their typical use
would be surreptitious — making security testing difficult and less effective.
[E]xceptional access would create concentrated targets that could attract bad
actors. Security credentials that unlock the data would have to be retained by the platform
provider, law enforcement agencies, or some other trusted third party. If law enforcement’s
keys guaranteed access to everything, an attacker who gained access to these keys would
enjoy the same privilege. Moreover, law enforcement’s stated need for rapid access to data
would make it impractical to store keys offline or split keys among multiple keyholders,
as security engineers would normally do with extremely high-value credentials. Recent
attacks on the United States Government Office of Personnel Management (OPM) show
how much harm can arise when many organizations rely on a single institution that itself
has security vulnerabilities. In the case of OPM, numerous federal agencies lost sensitive
data because OPM had insecure infrastructure. If service providers implement exceptional
access requirements incorrectly, the security of all of their users will be at risk.
There’s a lot more in the report itself, which is worth reading. As Kevin Bankston, the director of the Open Technology Institute, notes, we’ve had this debate and it’s time to end it. It’s over.
Tech companies, privacy advocates, security experts, policy experts, all five members of President Obama’s handpicked Review Group on Intelligence and Communications Technologies, UN human rights experts, and a majority of the House of Representatives all agree: Government-mandated backdoors are a bad idea. There are countless reasons why this is true, including: They would unavoidably weaken the security of our digital data, devices, and communications even as we are in the midst of a cybersecurity crisis; they would cost the US tech industry billions as foreign customers — including many of the criminals Comey hopes to catch — turn to more secure alternatives; and they would encourage oppressive regimes that abuse human rights to demand backdoors of their own.
Most of these arguments are not new or surprising. Indeed, it was for many of the same reasons that the US government ultimately rejected the idea of encryption backdoors in the 90s, during what are now called the “Crypto Wars.” We as a nation already had the debate that Comey is demanding — we had it 20 years ago! — and the arguments against backdoors have only become stronger and more numerous with time. Most notably, the 21st century has turned out to be a “Golden Age for Surveillance” for the government. Even with the proliferation of encryption, law enforcement has access to much more information than ever before: access to cellphone location information about where we are and where we’ve been, metadata about who we communicate with and when, and vast databases of emails and pictures and more in the cloud. So, the purported law enforcement need is even less compelling than it was in the 90s. Meanwhile, the security implications of trying to mandate backdoors throughout the vast ecosystem of digital communications services have only gotten more dire in the intervening years, as laid out in an exhaustive new report issued just this morning by over a dozen heavy-hitting security experts.
If only someone would explain that to Comey, everyone could get back to work. Yet, unfortunately, it looks like he wants to rehash this debate over and over again, despite the fact that the basics aren’t going to change.