Cybersecurity Official Believes Encryption Can Be Backdoored Safely; Can't Think Of Single Expert Who Agrees With Him
from the broken-encryption-isn't-broken-said-no-one-ever dept
The government continues to look for ways to route around Apple and Google's phone encryption. The plans range from legislated backdoors to a mythical "golden key" to split-key escrow where the user holds one key and the government shares the other with device makers.
None of these are solutions. And there's no consensus that this is a problem in search of one. Law enforcement and intelligence agencies will still find ways to get what they want from these phones, but it may involve more legwork/paperwork and the development of new tools and exploits. Without a doubt, encryption will not leave law enforcement unable to pursue investigations. Cellphones are a relatively recent development in the lifespan of law enforcement and no crime prior to the rise of cellphone usage went uninvestigated because suspects weren't walking around with the entirety of their lives in their pockets.
But still the government continues to believe there's some way to undermine this encryption in a way that won't allow criminals to exploit it. This belief is based on nothing tangible. One can only imagine how many deafeningly silent beats passed between question and answer during White House cybersecurity policy coordinator Michael Daniel's conversation with reporters following the recent RSA conference.
In a meeting with a handful of reporters, Daniel was asked whether or not he could name a respected technology figure who believed it possible to have strong encryption that could be circumvented by just one party's legal authority.
"I don't have any off the top my head," Daniel said…
And he never will. No one who knows anything about encryption will ever say it's possible to create a "good guys only" backdoor. Or front door. Or whatever analogy government officials choose to deploy when arguing for the "right" to access anyone's device with minimum effort.
But that's not the end of Daniel's embarrassing response. He went on to disingenuously toss this back at "Silicon Valley" with a back-handed compliment insinuating that if these companies don't solve this "problem" for the government, they're either stupid or evil.
[Daniel] added that if any place could come up with an answer, it would be the "enormously creative" Silicon Valley.
The government believes there's a solution out there -- some magical alignment of hashes that would keep malicious hackers out and let the government in. It certainly can't figure out this conundrum, so it's going to keep insinuating that tech companies already know how to solve the problem but they hate children/law enforcement/America so much they won't even consider meeting the government halfway.
But the tech companies know -- as do security experts -- that there's no "halfway." You can have encryption that works and keeps everyone locked out or you can have the government's "encryption," which is spelled exactly the same but has extremely leaky quote marks constantly appended, and which lets everyone in the same "door," no matter who they are or what their intent is.
Filed Under: backdoors, cybersecurity, cybersecurity czar, encryption, michael daniel
Reader Comments
And what happens when the "good guys" go bad? Will they spontaneously lose the Key? After all, we know ALL law enforcement personnel are the honest "good guys."
Further, the more people that have access to the keys, the more likely that they will leak. Also, if it is known that the NSA, FBI and/or other agencies have keys capable of breaking the cipher system, then concerted efforts will be made by various parties using all tactics available to get hold of the key, and given the number of employees in those agencies that will have access to the key, it will leak in minutes. Well, maybe minutes is hyperbole, as it will take longer to distribute the key, but it will only take days.
You can beat the maths
Re: You can beat the maths
And as they do, and become - what...felons, for illegal encryption? - will they become targets for SWAT raids?
And when they do, to the extent that they might also be very left-leaning and anti 2nd Amendment, will they finally realize that the 2nd Amendment isn't about hunting or target shooting, and finally acquire the means to defend themselves from the stormtroopers who have taken over the country?
Something to think about...or not. head back in sand, probably.
Remember the acronym for Law Enforcement Agency Key
We don't have to re-discover why key escrow doesn't work
We have been here 20+ years ago. It is important to remember.
There's the first misunderstanding. The government IS a malicious hacker.
Not a mere technical problem
That's not just a technical conundrum. It fails for the simple reason that the most malicious hackers are the government.
I don't know about anyone else, but when it is a situation of ______ organization or government VS the world's hacking community, I'm betting on the hackers.... every single time.
Once again...
Back door encryption programs will not be used by smart people who wish to hide data. This will form an underground and/or overseas market for encryption applications that can be downloaded to/from anywhere, and that's what the "bad guys" will use. The government will have keys to every front door of every person who is either not trying to hide from the government or too stupid to use the underground tools.
So while they can open your phone at anytime, the national security threat will still force them to jump through the same hoops as now.
There's no way for a computer to make a final determination based on such a fluid term.
Either you have security or you don't. There's no buts.
How *Many* Governments and Agencies?
If US agencies have them, you can count on similar agencies demanding the same access in every other country where Apple and Google's phones are sold.
In any split-key system where the government agency and the device maker must combine their keys for access, it's absolutely inevitable that a government agency will simply demand the device maker's keys.
Re: How *Many* Governments and Agencies?
However, Angela Merkel is unlikely to be happy using a device that has US or UK government decryption keys built in. So will the manufacturers have to install different decryption keys depending on where a device is being used? US keys on US devices, German keys on German devices, Brazilian keys on Brazilian devices.
International travel suddenly becomes very complicated.
If Michael Daniel visits France, will he be happy to comply with their laws and install the French government decryption keys on his Kindle? What happens when he returns home? Will he want to be able to remove the French decryption keys once he is safely back in the USA?
If Dilma Rousseff visits the USA, will she be required to install the US government decryption keys on her iPad? Can she remove them again once she has left? Will she ever be able to trust the device again, or do we all just throw everything away and buy new devices every time we cross a border?
If the keys can be added and removed, who is authorised to modify the keys and how? Who checks that a device has all the right decryption keys installed on it?
Perhaps this is a job for United Nations Cyber Law Enforcement?
Another good question
If government gets front-door / side-door / back-door / open-window access to people's encryption, they'll just write another law stating they no longer need a warrant to access this information.
So where does that leave us? Totalitarianism, that's where.
safe
encryption is our digital safe into which we are permitted to place anything that will fit - having a safe place for our effects is unalienable - it is illegal for any government to require our combinations
"I'm confident Silicon Valley magic can do it!"
"Silicon Valley does magic. I think they can do magic on this. Therefore, let's require it, and magic will happen."
Sigh.
At least on the Android side of the world, there are numerous forks of Android that would almost certainly choose not to comply, and given that the government has its hands tied on regulating source code, there would be nothing they could do to stop it.
So unless I'm missing a point here, their quest to make sure nobody can have full device encryption that they do not have a means of decrypting has already reached a dead end.
It seems like they are just hoping that Apple, Google, etc. just voluntarily go along with this scheme and that users without technical knowledge of implementations would naively just go along with whatever their phone came with.
Re:
Speech is covered under the 1st Amendment, but they've put limits on that. Obscenity, "hate" speech, encouraging a crime, etc.
If they can place limits on actual speech, how hard will it be for them to place limits on computer code?
Three may keep a secret, if two of them are dead
I've tried
Encryption is a good/bad thing.
Passwords and encryption in a poor circumstance are a BAD thing... and do not work.
Fair passwords and encryption only delay what will/can happen.
Good passwords and encryption take TIME to solve.
Thinking your wireless/BT headphones are encrypted is a dream. There may be some small, weak encryption, but it's very weak.
Encryption SLOWS things down... it's like having ZIP files, and you have to open each file to use the file or see a picture. (ZIP is weak protection.)
Never think that wireless is protected... there are HOLES in how to listen to it.
Encrypting a system is/can be a good thing. But backdoors are built into many products, called a reset button. Without that button, if you have a problem it's hard to fix many things. The problem with that tends to be that EVERYONE knows that.
Enormously creative
Oh, they are going to come with an answer. Several of them, in fact. But they are not the answers this guy would like to see.
"Silicon Valley" is working on making sure transmissions can't be decrypted after the fact (PFS). "Silicon Valley" is working on making it harder to spoof a valid certificate (CT, HPKP, DANE). "Silicon Valley" is working on ways to keep the user's data safe even if the service provider is compromised. And so on.
The problem for this guy is not "Silicon Valley"'s creativity. The problem for this guy is that their objectives are irreconcilable with his.
The US Government can't (legally) regulate the source code. So what? They don't have to. They can regulate access to public utilities.
Reclassify the internet as not a public utility. (for bonus points, subsidize access to it to ensure no one is left out based on their ability to afford it) and then specify the technical requirements for connection to it. Make one of those technical requirements "responds appropriately to key escrow validation query" or something similar and they're set. No valid response? No network access for you, and the technical data about the system gets logged for investigation.
Mobile providers are already regulated this way, so no issue there - they just need to add back-end hooks to make sure the OS is "government approved".
The technical capabilities already exist to do this at medium to very large scale, but they might require some tweaking to scale appropriately to, say, Cox Communications or Verizon Internet. Google "posture validation" and "network admission control". For a fair number of these networks, the code is already in place, and just needs to be licensed and configured.
And yes, posture validation systems - as with any security related system - can be bypassed. Which is why the technical controls would/will be backed with administrative controls (make it a felony to bypass "any technical control intended to regulate access to a public utility") and aggressive prosecution of anyone caught attempting to do so. Oh. And the CFAA still applies.
It might take a decade or so to accomplish, but it's certainly doable. And frankly, you don't even need 100% coverage. Just get the percentage of covered devices high enough to where it's possible to evaluate the outliers and you're "close enough".
Re:
"Reclassify the internet as not a public utility" should read "Reclassify the internet as a public utility"
Anyone else ever wish there was a way to edit comments here?
Re: Re:
No, I just rely on the "Preview" button and proofread first. It (proofreading) appears to be a, soon to be, lost art.
Re: Re: Re:
This sentence is pure comedic gold. Thank you!
This merely pushes the issue back one level. It is perfectly possible to store encrypted files on an encrypted file system. There is no requirement that the two encryption schemes share a common origin, scheme, or code base. You likely do this every day without realizing it: what do you think audio codecs are, or image/file compression?
If the government does mandate broken encryption on a device, you can bet that anyone wanting to keep their files secret will just put another private layer on.
... or you could just go the route England did: "unencrypt this for us or go to jail".
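The split-key escrow the post describes (the user holds one key, the government shares the other with device makers) and this comment's point that a second, private encryption layer pushes the problem back a level can both be shown concretely. What follows is an added example written for this page, not code from Techdirt, the commenter, or any vendor's escrow scheme. The 2-of-2 XOR split, the party names (government share, device-maker share), the HMAC-SHA256 stream cipher standing in for a real AEAD such as AES-GCM so the script needs only the standard library, and the `escrow_demo` function are all assumptions made for the demonstration.

```python
"""Added example: split-key escrow and a private inner layer.

Not from the Techdirt post or its comments. The cipher is a stand-in
built from HMAC-SHA256 (counter-mode keystream, encrypt-then-MAC) so the
script runs on the Python standard library; a real device would use
AES-GCM or ChaCha20-Poly1305. The 2-of-2 XOR split and the party names
(government share, device-maker share) are assumptions for the demo.
"""
import hashlib
import hmac
import secrets

NONCE_LEN = 16
TAG_LEN = 32


def _subkeys(key):
    # Separate encryption and MAC keys derived from the one device key.
    return (hashlib.sha256(b"enc|" + key).digest(),
            hashlib.sha256(b"mac|" + key).digest())


def _keystream(enc_key, nonce, length):
    # HMAC(enc_key, nonce || counter) blocks concatenated: a CTR-mode PRF.
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(8, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key, plaintext):
    """Return nonce || ciphertext || tag under the given key."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = _xor(plaintext, _keystream(enc_key, nonce, len(plaintext)))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key, blob):
    """Inverse of encrypt; raises ValueError on a wrong key or tampering."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("ciphertext too short")
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or tampered data")
    return _xor(ct, _keystream(enc_key, nonce, len(ct)))


def split_key(key):
    """2-of-2 split: share_a is uniformly random, share_b = key XOR share_a.
    Either share alone is statistically independent of the key."""
    share_a = secrets.token_bytes(len(key))
    return share_a, _xor(key, share_a)


def combine_shares(share_a, share_b):
    if len(share_a) != len(share_b):
        raise ValueError("share lengths differ")
    return _xor(share_a, share_b)


def escrow_demo(user_adds_inner_layer):
    """Model a device whose key is escrowed as two shares; report what
    the escrow holders can and cannot recover."""
    device_key = secrets.token_bytes(32)
    gov_share, maker_share = split_key(device_key)
    message = b"private notes the owner did not intend to share"  # constructed

    if user_adds_inner_layer:
        user_key = secrets.token_bytes(32)       # never leaves the user
        payload = encrypt(user_key, message)     # inner, private layer
    else:
        payload = message
    stored = encrypt(device_key, payload)        # what the device writes

    # One share on its own: the MAC check rejects it, so no plaintext.
    try:
        decrypt(gov_share, stored)
        single_share_opens = True
    except ValueError:
        single_share_opens = False

    # Both shares together: the full device key, and the outer layer opens.
    recovered_key = combine_shares(gov_share, maker_share)
    recovered = decrypt(recovered_key, stored)

    return {
        "single_share_opens": single_share_opens,
        "escrow_recovers_key": recovered_key == device_key,
        "escrow_sees_plaintext": recovered == message,
        "escrow_sees_inner_ciphertext": user_adds_inner_layer and recovered == payload,
    }


if __name__ == "__main__":
    print("plain device:", escrow_demo(False))
    print("inner layer: ", escrow_demo(True))
```

A single share is a uniformly random string and tells its holder nothing about the device key, which is the property escrow advocates lean on. But whoever gathers both shares (an agency that demands the maker's share, or a leak from either side) holds the full key, and with the inner layer switched on the escrow holders get back only ciphertext they cannot open, while the user, who kept `user_key`, still can.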
Re:
Pushing the issue back one level would be regarded as a significant win by the folks proposing this, as it dramatically reduces the number of people out there capable of working around the technical control. As to the other point above, as you say, there's no requirement, per se, for any common format or code base, but realistically, if you want to communicate effectively, you need some sort of a common system, and whether or not they realize it, most people aren't sufficiently competent to roll their own. This leads, inevitably, to common systems, format, code, and ciphers.
Given de-facto control of an OS, there's very little that can be done on a system that you can't also control.
Also, onto your final point: not all problems can be solved with technology, which is why you back up the technology with:
It's not "or", it's "and". Possible financial and reputational ruin, coupled with the possibility of jail time, is a fairly hardcore administrative control.
Never underestimate the effectiveness of a public execution (literal or figurative). Consider the hardcore penalties sought by prosecutors under, e.g., the CFAA - think Aaron Swartz, or Deric Lostutter (whose hacking under the alias KYanonymous brought about 2 rape convictions, and who is now facing more prison time than the rapists because of it). Yes, prosecutors will put the person away for a long time, but that's arguably a secondary goal. The primary goal - and we hear it stated over and over by prosecutors, county sheriffs, police captains, etc. - is deterring other people from undertaking similar actions.
odd that....
Lets say something stupid
Can you protect a backdoor?
Collaborators
This is because Silicon Valley is chock-full of collaborators who willingly work with the criminals infesting the US government to subvert the US Constitution.
Mr Daniel's next project
One question to shut down this line of thinking
The Athens Affair
This is his/their problem, not ours or anybody else's.
All this really is about is they're fighting a stupid drug war (prohibition, yet again). I don't care that they want to do that and wish they'd just stop. If they insist on continuing that silly thing, it's all up to them to find ways to do it. I feel no obligation whatever to compromise my security just to help them carry on as usual in their tilting at windmills.