FBI Director Chris Wray Says Secure Encryption Backdoors Are Possible; Sen. Ron Wyden Asks Him To Produce Receipts
from the not-so-great-when-you're-on-the-receiving-end-of-a-bludgeoning-interrogation dept
I cannot wait to see FBI Director Christopher Wray try to escape the petard-hoisting Sen. Ron Wyden has planned for him. Wray has spent most of his time as director complaining about device encryption. He continually points at the climbing number of locked phones the FBI can't crack. This number signifies nothing, not without more data, but it's illustrative of Wray's blunt force approach to encryption.
I'm sure Wray views himself as a man carefully picking his way through the encryption minefield. But there's nothing subtle about his approach. He has called encryption a threat to public safety. His lead phone forensics person has called Apple "evil" for offering it to its users. He has claimed the move to default encryption is motivated by profit. And if that's not the motivation, then it's probably just anti-FBI malice. Meanwhile, he claims the FBI has nothing but the purest intentions when it calls for encryption backdoors, even while Wray does everything he can to avoid using that term.
He claims the solution is out there -- a perfect, seamless blend of secure encryption and easy law enforcement access. The solution, he claims, is most likely deliberately being withheld by the "smart people." These tech companies that have made billionaires of their founders are filled with the best nerds, but they're just not applying themselves. Wray asserts -- without evidence -- that secure encryption backdoors are not only possible, but probable.
Senator Ron Wyden has had enough. He's calling out Director Wray on his bullshit. Publicly. His letter [PDF] demands Wray hand over information on his encryption backdoor plans. Specifically, Wyden wants Wray to name names. [via Kate Conger at Gizmodo]
Your stated position parrots the same debunked arguments espoused by your predecessors, all of whom ignored the widespread and vocal consensus of cryptographers. For years, these experts have repeatedly stated that what you are asking for is not, in fact, possible. Building secure software is extremely difficult, and vulnerabilities are often introduced inadvertently in the design process. Eliminating these vulnerabilities is a mammoth task, and experts are unified in their opinion that introducing deliberate vulnerabilities would likely create catastrophic unintended consequences that could debilitate software functionality and security entirely.
I would like to learn more about how you arrived at and justify this ill-informed policy proposal. Please provide me with a list of the cryptographers with whom you've personally discussed this topic since our July 2017 meeting and specifically identify those experts who advised you that companies can feasibly design government access features into their products without weakening cybersecurity. Please provide this information by February 23, 2018.
Remember how FBI directors (Wray, Jim Comey) claimed they just wanted to have "an adult conversation" with tech experts and cryptographers? My guess is they've never even tried. Wray hasn't held the post for long, but he's been beating Comey's weathered anti-encryption drum as long as he's held the title. And in all this time, I doubt he has talked to anyone in the tech industry directly about his encryption backdoor theory. Even if he has, he certainly hasn't found anyone who agrees such a thing can be done without weakening device security. Wray will have no answers for Wyden. We can only hope being publicly embarrassed by Senator Wyden will force him to rethink his position.
Filed Under: backdoors, chris wray, encryption, fbi, going dark, responsible encryption, ron wyden
Reader Comments
The First Word
Are you willing to conduct all of your personal banking with this backdoor encryption system, Mr Wray?
When it comes to literally putting your money where your mouth is, I would like to see any person who is proposing a backdoor encryption model move all of their personal banking, stocks, bonds, loans, retirement accounts... really all financial data over to using that encryption. Given all the bad actors out there, do they really trust all of their money with this system? I think we all know the answer...
Wait, someone on Capitol Hill recognizes reality?
He is so not getting re-elected.
[ link to this | view in chronology ]
Re: Re:
I'm proud to have TWO great Senators from Oregon
Wish I could respect every Senator as much as I do Wyden and Merkley.
[ link to this | view in chronology ]
So you're saying the whole public / private key thing is wrong.
Seems "cryptographers" are of two opinions, both wrong. I'd avoid everything NSA advises, just because the method is known if not the keys.
Use any custom method instead.
It's "hoist with your own petard", meaning blown up by your own bomb. There is NO "bomb-hoisting" even possible if you understand the notion!
Then there's "weathered anti-encryption drum"! Where DO you come up with these concatenations of ordinary words? They're unique and practically INHUMAN, and I mean that this minion MAY be "AI".
[ link to this | view in chronology ]
Re: So you're saying the whole public / private key thing is wrong.
Perhaps he should have said, petard-hoisted?
[ link to this | view in chronology ]
Re: So you're saying the whole public / private key thing is wrong.
Encryption relies on scrambling data so it appears to be random even if it isn't. All it takes is a very slight mistake for it all to come apart. The Enigma machine was cracked because of someone sending a message that was one letter repeated over and over. Once someone finds a pattern your encryption falls.
Building a solid encryption system is well beyond the skill level of most people.
[ link to this | view in chronology ]
Ouch
Oh wow. No, that's not what encryption relies upon. That's a side effect, and only so if you don't package the result with steganography afterwards.
Given the understanding displayed in the above, this conclusion is doubly valid.
[ link to this | view in chronology ]
Re: Ouch
Look, since you seem so sure about this, then instead of me trying to explain “indistinguishability” to you—how 'bout you explain it to me. Please.
My question is… simply… what is IND-CPA, IND-CCA1, and IND-CCA2 all about?
I can handle a moderate amount of math in your explanation, but listen, I'm an EE, not a mathematician.
[ link to this | view in chronology ]
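The "one slight mistake" mentioned a few comments up and the indistinguishability question just above can be made concrete. What follows is an added example written for this page, not code posted by any commenter: a toy SHA-256 counter-mode stream cipher (an assumption standing in for a real cipher) is played through the IND-CPA game twice, once with a nonce that never changes and once with a fresh random nonce per message. The cipher classes, the adversary, the two messages and the seed are all constructed here.

```python
import hashlib
import random


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy stream cipher: SHA-256 in counter mode. Enough for the game
    below; it is an assumption, not a substitute for a vetted AEAD."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class FixedNonceCipher:
    """The 'slight mistake': the nonce never changes, so equal plaintexts
    under one key always produce equal ciphertexts."""

    def __init__(self, key: bytes, rng: random.Random):
        self.key = key

    def encrypt(self, m: bytes) -> bytes:
        return xor(m, keystream(self.key, bytes(8), len(m)))


class RandomNonceCipher:
    """Fresh 64-bit nonce per message, sent in the clear with the ciphertext."""

    def __init__(self, key: bytes, rng: random.Random):
        self.key, self.rng = key, rng

    def encrypt(self, m: bytes) -> bytes:
        nonce = self.rng.getrandbits(64).to_bytes(8, "big")
        return nonce + xor(m, keystream(self.key, nonce, len(m)))


class RepeatQueryAdversary:
    """IND-CPA adversary: ask the oracle for E(m0) first, then check whether
    the challenge ciphertext is byte-for-byte identical to that answer."""

    m0, m1 = b"attack at dawn", b"attack at dusk"  # constructed, equal length

    def choose(self, oracle):
        self.seen = oracle(self.m0)
        return self.m0, self.m1

    def guess(self, challenge: bytes, oracle) -> int:
        return 0 if challenge == self.seen else 1


def ind_cpa_round(cipher, adversary, rng: random.Random) -> bool:
    """One round of the IND-CPA game: the adversary gets an encryption
    oracle, names two equal-length messages, receives E(m_b) for a hidden
    bit b, and wins if it guesses b."""
    m0, m1 = adversary.choose(cipher.encrypt)
    assert len(m0) == len(m1)
    b = rng.getrandbits(1)
    challenge = cipher.encrypt((m0, m1)[b])
    return adversary.guess(challenge, cipher.encrypt) == b


def win_rate(cipher_cls, trials: int = 1000, seed: int = 1) -> float:
    """Fraction of rounds the adversary wins: 0.5 is no better than
    guessing, 1.0 is a total break. Seeded so the demo is reproducible."""
    rng = random.Random(seed)
    wins = 0
    for _ in range(trials):
        key = rng.getrandbits(256).to_bytes(32, "big")
        wins += ind_cpa_round(cipher_cls(key, rng), RepeatQueryAdversary(), rng)
    return wins / trials


if __name__ == "__main__":
    print("fixed nonce :", win_rate(FixedNonceCipher))
    print("random nonce:", win_rate(RandomNonceCipher))
```

The block instantiates IND-CPA only: the adversary gets an encryption oracle, names two equal-length messages, and must tell which one was encrypted. IND-CCA1 additionally gives it a decryption oracle before the challenge, and IND-CCA2 keeps that oracle available after the challenge as well (for every ciphertext except the challenge itself). Against the fixed-nonce variant the repeat-query adversary wins every round; against the random-nonce variant it does no better than a coin flip, which is what "looks random" means in the formal sense.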
Re: So you're saying the whole public / private key thing is wrong.
Wuh? Bomba nu explody? Modern warfare is a lie!
[ link to this | view in chronology ]
Re: So you're saying the whole public / private key thing is wrong.
For an illustration of how this falls apart, look at the FAA's public/private key solution for suitcase locks.
Someone took a picture that just happened to include the keys handed out to appropriate personnel, and suddenly that key wasn't so private. And ALL locks made for the program were suddenly useless.
And yes: in the FAA illustration, "rolling your own" is likely better, although it will result in your own lock being destroyed by the TSA eventually.
In the case of cryptography, rolling your own has ALWAYS resulted in something that didn't work. Real cryptography is done in public, with industry feedback. Even the smartest cryptographer is going to miss something, because the subject is insanely complex.
[ link to this | view in chronology ]
Rolling your own encryption
These days, rolling your own means taking one of the several well-tested sans-backdoor encryption schemes available and using one of them. Contrast the 1990s in which security through obscurity was still regarded as a valid encryption tactic. And it was in vogue for mathematics freshmen to try their hand at amateur crypto.
We've gotten really good at both cryptanalysis and guessing human-created passwords, and this has been established by the late aughts. So it's commonly known (at least should be within the tech sector) that it is dangerous to attempt to construct an encryption scheme without a lot of study, practice and rigorous testing. And if passwords are easy to guess or stowed while lightly encrypted themselves, they're going to be discovered.
(Curiously, it's less well known that cracking TPMs is expensive but doable and has been since 2011. Generally, something that is expensive to crack is regarded as acceptable. Regarding the San Bernardino Shooter iPhone affair, either the FBI lied about having cracked it, or the consulting firm broke the unit's TPM with a tunnelling electron microscope.)
And granted, programming is a messy, buggy process, but that puts the vulnerability of roll-your-own encryption not in the encryption algo but its implementation.
[ link to this | view in chronology ]
Re: Rolling your own encryption
Contrast the 1990s in which security through obscurity was still regarded as a valid encryption tactic.
That's not how I remember the 90's. I think you need to go back a lot further to get to the point where anyone competent thought that. I was looking at ASIC implementations of RSA in 1983.
[ link to this | view in chronology ]
Re: Re: Rolling your own encryption
Agreed; there were a group of us working with Phil Z in the 90s to find secure implementations of accepted crypto routines.
The problem with "rolling your own" isn't limited to rolling your own key crypto: the problem extends to rolling your own implementation of known-secure crypto. All it takes is for your random seed to not be so random, or your inputs to be subject to a replay or timing attack, and it doesn't matter which crypto lib was used. This stuff needs many eyes from end to end to ensure that the implementation doesn't have a fatal flaw.
Adding the complexity of third party keys into the mix basically makes the "acceptable security" part of it impossible. If one person doesn't control the keys, they don't control the security.
So the only way this could possibly work is if, say, the FBI had a PKI program where they held the master key, but access to that key was role based and time boxed. You could even have multipart keys, where, say, the FBI and the manufacturer both held key parts, and they both had to present their tokens within a specific timeframe to gain access to the master key. This access would then be used alongside the individual's public key to generate a decryption key for the individual product.
Works fine in napkin theory. However, such a model is rife with holes in security management: not only will those keys need constant rotation to stay secure (due to the known bug in PKI and human fallibility), someone still has to manage the servers that manage the private keys. And we've created a single point of failure that every single hacker in the world is going to see as the ultimate target, and this single point HAS to be connected to the Internet.
TL;DR: Sure there's plenty of bright people out there, but in order for good enough security, the entire process needs many eyes and few inputs. What the FBI wants is few eyes and many inputs, which isn't secure.
[ link to this | view in chronology ]
Petard Hoisting
I assumed this meant I wasn't the only one who listened to the Idle Thumbs and Important If True podcasts.
Hoists by one's own petard is a major theme
[ link to this | view in chronology ]
Re: So you're saying the whole public / private key thing is wrong.
When is Masnick going to put up that article in support of breathing?
[ link to this | view in chronology ]
He absolutely has, no doubt. He was also advised it's not possible... without making everyone less secure. He (FBI, NSA, ETC) could give 2 shit about the latter and it is acceptable collateral damage as long as they get the backdoor.
[ link to this | view in chronology ]
Re:
Actually, you can be absolutely certain that he's found a government contractor - probably small and almost certainly fly-by-night - that specializes in telling government officials what they want to hear, who can absolutely accomplish what's considered to be impossible (by actual experts) as long as there are enough zeros on the check.
[ link to this | view in chronology ]
Let me pick one tidbit from the intro:
[ link to this | view in chronology ]
Re: Let me pick one tidbit from the intro:
I mean, it is. Because it is a feature that customers want.
[ link to this | view in chronology ]
Re: Re: Let me pick one tidbit from the intro:
That's why we're so proud of being a capitalist economy. Because making profit is evil. Right?
Right?
[ link to this | view in chronology ]
Re:
In 2000 - 2010 they said that we educated too many people in IT and the bubble was bursting again.
Today it is easy with very little knowledge to "hack" as long as you have $50 and know the right place to look (or can do the right search) and then we have "home-grown" IT people without an official education but with access to the greatest gathering of knowledge ever known.
My point is that the agencies loved the clear-text age, because they had the people with the knowledge to use (or misuse) that... today they are outdone by many forms of encryption that everyone has access to. So yeah, they have forgotten how to investigate, because for years it was so very easy for them.
[ link to this | view in chronology ]
There are TWO choices
1. Securely encrypted devices. Hackers can't get into them. But neither can the government.
2. Insecure devices. The government can get into them. But so can hackers.
[ link to this | view in chronology ]
Let me pick one tidbit from the intro:
If the offer of encryption is enough of an added value for enough customers to make their phone choice (and it's not like the price spread is all that large) profitable, it seems like enough customers care for their privacy that should be protected from government intrusion by the Fourth Amendment (but isn't really anymore) that it counts.
So how about some representatives offering to work on making the Fourth Amendment heeded? There is a market for it, you know. It's just that the market is getting bled dry because of partisan politicsmaking and either of the two ingrained parties being a lousy choice for heeding any of the amendments coined against government overreach because either are too accustomed to getting their turn in the seat of power occasionally.
A person must not be running more than twice for president. How about a party being only permitted to rule not more than 5 times at all? Now that would upset the party system continuity that rides roughshod over democracy.
[ link to this | view in chronology ]
To: FBI Director Christopher Wray
From: Senator Ron Wyden
Re: Backdoors without weakening security
To: Senator Ron Wyden
From: INS
Re: Dreamers
[ link to this | view in chronology ]
FBI...
not
"Freely Browse Information"!
[ link to this | view in chronology ]
The Nerd Harder Song
---------------------------------------------------------
Nerd!
Nerd! Nerd! Nerd!
Nerd! Nerd! Nerd!
Nerd! Nerd! Nerd!
Nerd!
Nerd! Nerd! Nerd!
Nerd! Nerd! Nerd!
Nerd! Nerd! Nerd!
Loggin' in, startin' up Windows
Worst OS on the planet
But the spooks, they just love it to death
They want us all insecure all the time
Clapper's
lied on and on about this whole goin' dark
wants to go
and install some useless backdoors
But it's
not gonna work and it'll make us less safe
Now Wray still says tech needs to go
nerd harder
Nerd!
Nerd! Nerd! Nerd!
Nerd! Nerd! Nerd!
Nerd! Nerd! Nerd!
Nerd!
Nerd! Nerd! Nerd!
Nerd! Nerd! Nerd!
Nerd! Nerd! Nerd!
Ignorant, that's what Chris Wray is
Not a clue about nothin'
Safe backdoors, it just cannot be done
But he still asks for the impossible
Clapper's
lied on and on about this whole goin' dark
wants to go
and install some useless backdoors
But it's
not gonna work and it'll make us less safe
Now Wray still says tech needs to go
nerd harder
Just got to nerd harder
[ link to this | view in chronology ]
"These tech companies that have made billionaires of their founders are filled with the best nerds, but they're just not applying themselves."
In otherwords, nerd harder. So far that hasn't worked for eliminating the effects of gravity for physicists. It's a dodge for trying to say, "That's not my problem, I just know what I want. Someone else make it possible".
If it were that easy, I want to be able to go to other galaxies. Not next year but tomorrow. Has the same ring of reality to it.
[ link to this | view in chronology ]
Another consequence of backdoored encryption
The other 96% of the world population will know better than to use products from US companies -- because of baked-in backdoors. If you're looking for a security product, or a secure product, DON'T BUY FROM THE US!
Quasi-related: Intel's Management Engine is going to come back to bite them so hard they will hate the day they ever built it. These things just take time. But I suppose I should consider that Windows is used all over the world and Microsoft can totally pwn your Windows computer at its whim.
[ link to this | view in chronology ]
Re: Another consequence of backdoored encryption
LOL, You mean like how Windows 10 is a huge malware program pretending to be an OS? They demand control over your computer any time they feel like they need an update. Then they spy on all that you do on your computer. If you try and stop all the spying then they make sure the next forced update "fixes" all your settings preventing the spying.
[ link to this | view in chronology ]
Re: Re: Another consequence of backdoored encryption
A. No dear child, using Windows 10 is not a sin, it is a penance.
[ link to this | view in chronology ]
Re: Another consequence of backdoored encryption
I think you're being optimistic.
Intel's share of the processor market is already decreasing, but that's mostly due to the rise of ARM in mobile devices. Intel has very little competition in the desktop/laptop market; AMD has made some positive steps in the past year, but the vast majority of people buying a desktop or laptop are not the kinds of consumer who pay attention to whether it's got an Intel or AMD processor under the hood. (And the kinds of users who are likely to switch to AMD are enthusiasts who are more interested in performance for the buck than security -- if security were their highest priority, they wouldn't be using Windows.)
If IME is going to dent Intel's bottom line, it's going to be because OEMs become wary of Intel processors, not end users. I don't see much evidence of that happening yet. If a major remote exploit shows up in the wild, that could change things, but so far most of the exploits have required physical access, and there's no evidence of any attacks as yet.
I'd like to see users rise up against IME, but I just don't think it's a priority for most users -- hell, most users aren't even aware that it exists.
[ link to this | view in chronology ]
Re: Intel's share of the processor market is already decreasing
Intel is currently at number 3 in the processor market:
[ link to this | view in chronology ]
Re: Re: Re: Intel's share of the processor market is already decreasing
The x86/x86-64 ISA is CISC, but the in-silicon processor architecture of the processing cores have been RISC for over a decade.
Their front-ends are CISCy, but the decode step in the pipeline breaks the instructions down into RISC instructions - what Intel calls micro-ops - for processing on the ALU/FPU. The actual processing cores - ALUs, FPUs, etc - are RISC engines.
[ link to this | view in chronology ]
Re: Re: Intel's share of the processor market is already decreasing
That is a crazy statistic, and has been the case since 2011.
https://www.theatlas.com/charts/Ek18VmbP
[ link to this | view in chronology ]
Re: Another consequence of backdoored encryption
US customers would get the backdoor distribution, while others - and no doubt the US government and FBI - would get the secure one.
[ link to this | view in chronology ]
"Purest Intentions"
Remember this is the same institution that entraps mentally disabled people in terrorist sting operations by gaslighting them and isolating them from all their friends.
Even if it _was_ possible to design encryption with a backdoor safe from hackers, The FBI (and the rest of our Law Enforcement) have demonstrated they should not be trusted with the keys.
Wray doesn't follow codes of ethics or honor. He just trumpets for his team -- a team to which the rest of us do not belong.
[ link to this | view in chronology ]
Dangit!
I keep forgetting to check my boxes.
Maybe put on the Techdirt wishlist the option to set the defaults for the comment options into our account settings
[ link to this | view in chronology ]
Maybe the FBI needs to attract more "Smart People" to their side
[ link to this | view in chronology ]
Hasn't this guy ever heard of Occam's Razor?
[ link to this | view in chronology ]
Authorized persons would have the key to the encryption.
Unauthorized persons would not have the key and have to find a backdoor to get in.
If a backdoor exists, they will be able to get in. If it doesn't, they won't.
[ link to this | view in chronology ]
Re:
The argument is that a secure backdoor could be one where any given ciphertext can be decrypted by either of two keys: the unique one controlled by the person who the encryptor means to be able to decrypt the data, and a single central key which is in the control/custody of law enforcement (or of a company which is obligated to use it upon demand of law enforcement).
No encryption-breaking is involved in that backdoor; it's just that the encryption is designed to have two valid keys. (This is also why they try to argue that it's not a backdoor, it's a second front door, or something like that.)
Of course, even leaving aside the problems with securing the central key and the likelihood that that central key would be abused even by its authorized holders, the counterargument is that a system which is designed to have two keys in this way would be inherently easier to crack than one which is designed to have only one key, because of the mathematical underpinnings of the encryption.
That counterargument is where I understand the "nerd harder" line to come in; "if you think making one that's not less secure would be impossible, you must not be trying hard enough".
[ link to this | view in chronology ]
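The two-key construction laid out in the reply above, together with the split-master-key escrow sketched earlier in the thread (the FBI and the manufacturer each holding a key part that must be presented within a time window before the master can be used), is easy to write down; what the code makes visible is where the single point of failure sits. This is an added example for this page, not code from any commenter or from the FBI, and everything in it is an assumption: a hash-based toy cipher and key wrap stand in for a real AEAD and KDF, 2-of-2 XOR secret sharing stands in for "multipart keys", the time-box is a plain timestamp comparison, and the device population is constructed.

```python
import hashlib
import secrets


def prf(key: bytes, label: bytes) -> bytes:
    """Toy key-derivation function (assumption): 32 bytes from key and label."""
    return hashlib.sha256(len(key).to_bytes(2, "big") + key + label).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def split_master(master: bytes):
    """2-of-2 XOR secret sharing: one share is uniformly random, so either
    holder alone (the FBI alone, or the manufacturer alone) learns nothing."""
    share_a = secrets.token_bytes(len(master))
    return share_a, xor(master, share_a)


def recombine(shares, presented_at, window_seconds: float = 300) -> bytes:
    """Both shares must be presented within one window (the 'time-boxed' rule)."""
    if len(shares) != 2:
        raise PermissionError("both key holders must present their share")
    if max(presented_at) - min(presented_at) > window_seconds:
        raise PermissionError("shares not presented within the access window")
    return xor(shares[0], shares[1])


def escrow_encrypt(user_key: bytes, escrow_master: bytes, device_id: bytes, plaintext: bytes) -> dict:
    """Encrypt under a fresh per-message DEK, then wrap that DEK twice: once
    for the user, once under the escrow master bound to the device id.
    Either unwrap yields the same DEK, so the ciphertext has 'two valid keys'."""
    if len(plaintext) > 32:
        raise ValueError("toy cipher handles a single 32-byte block only")
    dek = secrets.token_bytes(32)
    return {
        "device_id": device_id,
        "user_wrap": xor(dek, prf(user_key, b"wrap")),
        "escrow_wrap": xor(dek, prf(escrow_master, b"wrap:" + device_id)),
        "body": xor(plaintext, prf(dek, b"body")[: len(plaintext)]),
    }


def unwrap_as_user(user_key: bytes, ct: dict) -> bytes:
    dek = xor(ct["user_wrap"], prf(user_key, b"wrap"))
    return xor(ct["body"], prf(dek, b"body")[: len(ct["body"])])


def unwrap_as_escrow(escrow_master: bytes, ct: dict) -> bytes:
    dek = xor(ct["escrow_wrap"], prf(escrow_master, b"wrap:" + ct["device_id"]))
    return xor(ct["body"], prf(dek, b"body")[: len(ct["body"])])


def demonstrate(n_devices: int = 1000) -> dict:
    """Constructed scenario: n devices, each with its own user key, one escrow
    master split between two holders. Returns what each party can read."""
    master = secrets.token_bytes(32)
    fbi_share, vendor_share = split_master(master)
    users = [secrets.token_bytes(32) for _ in range(n_devices)]
    msgs = [b"device %04d secret" % i for i in range(n_devices)]
    cts = [escrow_encrypt(users[i], master, b"dev-%04d" % i, msgs[i]) for i in range(n_devices)]

    results = {}
    results["user_ok"] = all(unwrap_as_user(users[i], cts[i]) == msgs[i] for i in range(n_devices))
    # Lawful-access path: both holders present their share inside the window.
    recovered = recombine([fbi_share, vendor_share], presented_at=[1000.0, 1120.0])
    results["escrow_ok"] = all(unwrap_as_escrow(recovered, cts[i]) == msgs[i] for i in range(n_devices))
    # One holder alone: its share is random relative to the master, nothing decrypts.
    results["single_share_reads"] = sum(unwrap_as_escrow(fbi_share, ct) == m for ct, m in zip(cts, msgs))
    # Second share presented outside the window: refused.
    try:
        recombine([fbi_share, vendor_share], presented_at=[1000.0, 9000.0])
        results["late_rejected"] = False
    except PermissionError:
        results["late_rejected"] = True
    # The single point of failure: whoever obtains the recombined master
    # (rogue holder, compromised key server, thief) reads every device.
    stolen = recovered
    results["master_thief_reads"] = sum(unwrap_as_escrow(stolen, ct) == m for ct, m in zip(cts, msgs))
    return results


if __name__ == "__main__":
    print(demonstrate())
```

Run `demonstrate()` and the numbers tell the story: every device decrypts for its user, every device decrypts through the escrow path once both shares are combined, a single share decrypts nothing and a late presentation is refused, but whoever holds the recombined master reads every device at once. Nothing in the wrapping arithmetic is "broken"; the whole population is exactly as secure as the custody of that one key, which is the point the napkin design above keeps running into.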
Choice
I certainly hope the choice list is longer, including at least sane, sober considerations of the security needs of private citizens and an entire web of national and international commerce. However, if no other options ARE on the list, I hope it's malice. When it comes to malicious retaliation for deceitful attacks on Constitutional rights, I can think of no more deserving group than the FBI.
[ link to this | view in chronology ]
"Ten..."
"Ten Ten what?"
"Eleven..."
"Wait, if this is a countdown, aren't you counting the wrong way?"
"Twenty..."
"... And now it's accelerating?!"
"...Fifty. This isn't a countdown, it's just a count - of how many malicious hacker groups already have possession of our 'secret secure master key'. One hundred..."
[ link to this | view in chronology ]
Are you willing to conduct all of your personal banking with this backdoor encryption system, Mr Wray?
[ link to this | view in chronology ]
Re: Are you willing to conduct all of your personal banking with this backdoor encryption system, Mr Wray?
Absolutely right. If they're willing to put the public's security at risk by mandating a security hole for things like banking, medical data, email and so on they should be required to put their own data under the same protections to demonstrate that they really believe that it's secure.
Anything less should be treated as a flat out admission that they don't trust what they claim is secure, and as such need to shut up.
[ link to this | view in chronology ]
And… it's gone!
[ link to this | view in chronology ]
Re: Re: Are you willing to conduct all of your personal banking with this backdoor encryption system, Mr Wray?
https://www.wired.com/2010/05/lifelock-identity-theft/
"Apparently, when you publish your Social Security number prominently on your website and billboards, people take it as an invitation to steal your identity.
LifeLock CEO Todd Davis, whose [social security]number is displayed in the company's ubiquitous advertisements, has by now learned that lesson. He's been a victim of identity theft at least 13 times,…"
[ link to this | view in chronology ]
Re: Re: Re: Are you willing to conduct all of your personal banking with this backdoor encryption system, Mr Wray?
Credit where it's due, he did put his money where his mouth was and learned personally why what he was pushing was a bad idea.
... Well, I was going to say I hope he learned his lesson, but a quick check at their wikipedia page and it seems that whether or not he learned his lesson the company at large apparently just brushed it aside and carried right on, to the point that they've been hit with multiple fines by the FTC, one in 2010 for deceptive advertising and another in 2015 for violations of the 2010 'agreement'.
[ link to this | view in chronology ]
It is refreshing...
These people with an impossible demand of "safe backdoors" keep demanding that we have an adult conversation, all the while acting like children, stomping the ground, going on like a 7 year old screaming "Waaah! I want a rocket launcher! Why can't I have it?! You are so mean!"
[ link to this | view in chronology ]
Re: It is refreshing...
Replace with Unicorn, Flying carpet or a Genie.
[ link to this | view in chronology ]
"Experts in the field agree with me." "Name them." "Uhh..."
[ link to this | view in chronology ]
History repeating itself...
It's almost as if Wray and his like keep reading Nineteen Eighty-Four where INGSOC is the benevolent dictator and Winston Smith is the enemy. Or maybe they're reading it as a 'how to'...
[ link to this | view in chronology ]
deliberately being withheld by the "smart people."
[ link to this | view in chronology ]
Re: deliberately being withheld by the "smart people."
Which makes the FBI Director the King of the Stupid :)
[ link to this | view in chronology ]
Brilliant
[ link to this | view in chronology ]
Re: Brilliant
Do they not take any notice whatsoever of all the cryptographic experts who say that safe backdoors can't be done?
Giving them the benefit of the doubt, they know, they just don't care.
Under that view it's simply grandstanding about how the terrible encryption helps criminals(ignoring the millions of non-criminals it protects), and how it allows them to avoid government scrutiny (again, ignoring that it also makes it harder to go on baseless fishing expeditions).
Besides, it's not like their data will be protected by broken encryption, because while every person is equal, some are more equal, and therefore more deserving of protection, than others.
[ link to this | view in chronology ]
Everyone is forced to 'backdoor' encryption for banks etc and the FBI holds the backdoor key.
if there is ANY breach, whether malicious or not, no matter who breached or why, the FBI's payroll budget is on the hook for compensation.
I'd say we match copyright at say $150,000 per item per breach. Sound fair to everyone else?
[ link to this | view in chronology ]