European Information Security Advisory Says Mandating Encryption Backdoors Will Just Make Everything Worse
from the solving-little,-breaking-lots dept
More and more entities involved in government work are coming out in support of encryption. (Unfortunately, many governments are still periodically entertaining backdoor legislation...) While recognizing the limits it places on law enforcement and surveillance agencies, they're not quite willing to sacrifice the security of everyone to make work easier for certain areas of the government.
The European Union for Network and Information Security (ENISA) has just released its report [PDF] on encryption and finds it to be pretty much essential for everyone's security. Any efforts to undermine this harms the public more than it helps them. (h/t Tom's Hardware)
There is a legitimate need to protect communications among individuals and between individuals and public and private organisations. Cryptography provides the electronic equivalent of letter cover, seal or rubber stamp and signature. In the light of terror attacks and organised crime, law enforcement and intelligence services have requested to create means to circumvent these protection measures. While their aims are legitimate, limiting the use of cryptographic tools will create vulnerabilities that can in turn be used by terrorists and criminals, and lower trust in electronic services, which will eventually damage industry and civil society in the EU.
Mandating backdoors will hurt the countries where they're implemented, sending customers in search of secure computer equipment and services elsewhere. Beyond that, there's the fact that all backdoors can be exploited. Thousands or millions of device users could be negatively affected while very few criminals will suffer adverse effects. If a backdoor exists, it can be exploited by either "side," but only the criminal side will be able to protect itself from unwanted intrusion. Because if you're going to break a few laws, why not break one that forbids you from owning or operating devices with non-backdoored encryption?
Or you could just roll your own...
Technology is changing at a very fast pace. It is questionable if solutions such as backdoors will be effective given that criminals can develop their own encryption technologies.
As ENISA points out, it's not just exploitation by criminals that's the problem. It's also exploitation by government agencies, which may use the handy backdoors to collect/intercept far more than they're legally allowed to.
Judicial oversight may not be a perfect solution as different interpretations of the legislation may occur.
One agent's facially-invalid search warrant is the same agent's legally-unassailable judicial order. This is enough of a problem in the US, where multiple federal districts have resulted in contradictory opinions on identical legal arguments. In the European Union, the problem is only exacerbated. Not only are there multiple courts, but also multiple nations, all with their own laws. Sure, there's an attempt to unify guidance on technical/legal issues under the EU, but only so much can be done. Deciding what is or isn't abusive use of government-mandated backdoors is going to be far from consistent. And that, of course, requires a unified European stance on encryption backdoors, which isn't likely to happen either.
Ultimately, ENISA concludes that tech advancements do pose legitimate challenges to law enforcement/national security efforts, but backdoors are no way to solve the problem. But the solution it does suggest isn't much better. Here in the US, courts routinely defer to Congress when the remedy sought isn't within their power. Over in the EU, ENISA suggests legislative measures are the wrong approach.
Other procedural approaches should be explored that focus on the power of the judicial process to find solutions.
Unfortunately, ENISA does not drop any hints about how EU courts might be able to address government agencies' complaints about encryption. This suggests some sort of All Writs Ordering might be the way around being locked out of devices and computers -- blanket court orders that compel assistance from service providers and manufacturers under the threat of whatever the court can come up with. While this would cause less damage to security than mandated backdoors, a court-ordered backdoor is still a backdoor, and judicial oversight wouldn't be enough to prevent government abuse of these "one time only," purposefully-induced security holes.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: backdoors, encryption, enisa, eu, europe, security
Reader Comments
Subscribe: RSS
View by: Time | Thread
Surveillance is the biggest threat to security
Do you really want to be responsible for terrorists taking down the electrical grid, using a backdoor you inserted, or a vulnerability you kept secret, because you wanted your surveillance capabilities?
https://seegras.discordia.ch/Blog/the-biggest-threat-to-cyber-security-is-surveillance/
[ link to this | view in thread ]
education
Beylikdüzü Teog Kursu Beylikdüzü’nde butik eğitim, bire bir özel ders merkezi, etüt merkezi, eğitim koçluğu, Butik Dersane hizmetleri veren profesyonel bir eğitim kurumudur. 2011 yılından beri uzman eğitimcilerle hizmet veren kurumumuz her sene başarılarına yenilerini katmaktadır.
[ link to this | view in thread ]
Re: Surveillance is the biggest threat to security
If it is critical infrastructure, it should remain air gapped and address most sigint precautions.
[ link to this | view in thread ]
Re: education
[ link to this | view in thread ]
I call this the "we-the-government-are-damn-lazy-and-reek-of-totalitarianism" option.
[ link to this | view in thread ]
Re: education
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Just think about that for a bit. I have serious doubts about the US security agencies being able to protect a backdoor key. You give copies of that key to 30 countries and each of them gives copies to who knows how many agencies inside the country..... suddenly your backdoor key can be found in hundreds of locations and all a hacker needs to do is break into the weakest location and it all falls.
[ link to this | view in thread ]
A few nits
Conclusion 1.
"While their [law enforcement] aims are legitimate, . . . ."
[Citation Needed]
One should no longer assume that the aims of law enforcement are legitimate. That ship has long since sailed.
Conclusion 3.
"given that criminals can develop their own encryption technologies"
Criminals don't need to develop their own encryption technologies. There are already several good algorithms, well known, published in textbooks, and that do not have a back door and are unlikely to have a trap door.
Conclusion 4.
"New technologies which generate once off encryption keys between end users are now being deployed. These keys are not stored centrally by the operator. These types of technologies make lawful interception in a timely manner very difficult. There is every reason to believe that more technology advances will emerge that will continue to erode the possibility of identifying or ecrypting electronic communications."
Oh, hey! I've got one! Let me try!
Carry two devices. A regular phone with a mobile plan, just like most people. This provides network access either via WiFi or cellular. A second device, which has no SIM, and is always in Airplane mode, is used to run the communications app which does the encryption. They bad guys [eg, NSA, etc] might hack your phone, but it is only being used to pass already encrypted communications from the other device which has the app you use to communicate, and little else.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re:
If corporations are people, are any of them gay?
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
Don't get me wrong here, it is great and all, but it should be enough that we, the people, don't want it, and that quite a lot of smart people with extensive knowledge in the area have agreed!
A majority have spoken and still it seems to require Terrorists and criminals in the reasoning to even be considered valid.
[ link to this | view in thread ]
Re:
Police work is easy in a police state.
[ link to this | view in thread ]
Re: Re: Surveillance is the biggest threat to security
Plus, the embedded and process control people are still new to this whole "security" thing. Stuxnet and the IOT security disaster should be proof enough of that.
No really, I'll bet you good money that if you go to any large plant or refinery and hook into a data bus you'll see large amounts of un-encrypted traffic. That's the data keeping machines and tanks from exploding.
[ link to this | view in thread ]
Re: Re:
An informed people will and have come out against such insane proposals, together with pretty much every expert in the field, and still it seems like "nah, if you don't have terrorists in your wording, we are just gonna do it anyway."
[ link to this | view in thread ]
Re: Re: Re: Surveillance is the biggest threat to security
If that is air gapped from the Internet, it needs physical access to get at, and with physical access data security is the least of their worries. An attacker just needs to know which valve to jam open, or which relay to jam in or out to do a lot of damage, and need not worry about how to use the data bus to do that.
[ link to this | view in thread ]