Skip to content
Naked Security Naked Security

US government wants “keys under doormat” approach to encryption

It's not exactly plaintext copies of all your communications, but that doesn't make it OK

No, Assistant US Attorney General Rod Rosenstein did not call for tech giants like Apple, Google and Microsoft to keep plaintext copies of all your communications lying around just in case the FBI or other law enforcement agencies come calling with a warrant.

Unfortunately, that is the way some reports spun Rosenstein’s latest salvo in the encryption wars, which came at the end of a speech delivered Monday at the North American International Cyber Summit in Detroit.

Unfortunate because Rosenstein could complain that his comments were distorted, which would distract from the fact that what he did say didn’t improve on either the practicality or the privacy implications of what he said several weeks earlier in speeches at a cybersecurity conference in Boston and at the Naval Academy.

The Assistant AG, echoing former FBI director James Comey, had argued then that unbreakable encryption is allowing criminals to “go dark,” preventing law enforcement from doing its job by denying it the ability to detect, prevent and collect evidence of crimes.

This week the message was slightly modified. Rosenstein said encryption serves, “a valuable purpose.” He called it, “a foundational element of data security and essential to safeguarding data against cyber-attacks.”

And he said he supports, “strong and responsible encryption.” Which to him means, “effective, secure encryption, coupled with access capabilities.”

I simply maintain that companies should retain the capability to provide the government unencrypted copies of communications and data stored on devices, when a court orders them to do so… When a court issues a search warrant or wiretap order to collect evidence of crime, the company should be able to help.  The government does not need to hold the key.

According to The Register, this meant Rosenstein was proposing to, “let people send stuff encrypted as normal, but a plaintext copy of everything – from communications to files on devices – must be retained in an unencrypted form for investigators to delve into as needed.”

Not exactly. Companies don’t have to store everything in plaintext. They just need to have a key – which they can keep – to render data in plaintext when law enforcement comes bearing a warrant. Tufts University professor-Susan Landau, writing on the Lawfare blog last week, called this the “Keys Under Doormat” concept.

Two years ago, Landau was among more than a dozen coauthors of a lengthy paper in the Oxford Academic Journal of Cybersecurity by that title, which presents multiple reasons why such a concept won’t work. The very short version is that, “there is no safe way to do this; any system that provides a way in for law enforcement will inevitably be subverted by hackers.”

Still, Rosenstein also argued that tech companies already circumvent encryption to provide access to data for other reasons. He mentioned, as he has in previous speeches:

… systems that include central management of security keys and operating system updates; scanning of content, like your e-mails, for advertising purposes; simulcast of messages to multiple destinations at once; and key recovery when a user forgets the password to decrypt a laptop.  No one calls any of those functions a “backdoor.” In fact, those very capabilities are marketed and sought out.

Bruce Schneier, CTO of IBM Resilient Systems, another coauthor with Landau of the “Keys Under Doormat” paper, mocked that logic several weeks ago. He noted that that it is absurd to think that encryption can be made to, “work well unless there is a certain piece of paper (a warrant) sitting nearby, in which case it should not work.”

Mathematically, of course, this is ridiculous. You don’t get an option where the FBI can break encryption but organized crime can’t. It’s not available technologically.

Schneier said this week that Rosenstein’s latest speech doesn’t improve on that absurdity.

He can get a warrant for any of those less secure services already. He doesn’t want that. He wants access to the more secure services that don’t have that corporate back door.

Why do we care if he modifies his rhetoric in order to more successfully hoodwink his listeners?

Rosenstein also sought to persuade with a collection of alarming statistics (reproduced here so that you know what he said, not as an endorsement of their veracity by Naked Security):

  • DDoS attacks can amount to 18% of a country’s total internet traffic.
  • The global cost of cybercrime is expected to spike from $3 trillion in 2015 to $6 trillion in 2021.
  • Ransomware attacks are up from 1,000 per day in 2015 to 4,000 per day since the start of 2016. The FBI says ransomware infects more than 100,000 computers per day worldwide.
  • The “WannaCry” ransomware, besides infecting hundreds of thousands of computers, paralyzed Britain’s National Health Service.

Privacy advocates have heard all that and more, and say they take seriously the need for law enforcement to have the tools it needs to bring criminals to justice. But they contend that law enforcement already has vast surveillance capabilities – what Schneier has more than once called, “a golden age of surveillance” – and complying with government demands to defeat encryption even in allegedly selective circumstances will damage public safety rather than improve it.

Gary McGraw, vice president of security technology at Synopsys, scoffs at Rosenstein’s claim that everybody’s privacy will be protected as long as companies, not government, hold the key to unlock encrypted data (key escrow). That simply demonstrates that he doesn’t understand encryption. “He’s an idiot,” McGraw said.

Kurt Opsahl, general counsel of the Electronic Frontier Foundation, in a blog post earlier this month, said Rosenstein has it wrong from the start when he contends that society has never before had a system where, “evidence of criminal wrongdoing was totally impervious to detection.”

Rosenstein is apparently unaware of in-person conversations and, until a couple of decades ago, pay phones, he said.

And he is as scornful as McGraw about what he calls Rosenstein’s “magical dream of secure golden keys.”

First, perfect security is an unsolved problem. No one, not even the NSA, knows how to protect information with zero chance of leaks. Second, the security challenge of protecting a signing key, used only to sign software updates, is much less than the challenge of protecting a system which needs access to the keys for communications at the push of a button, for millions of users around the globe.

Opsahl notes that the Department of Justice has called for an “adult conversation” about encryption.

“This is not it,” he said. “The DoJ needs to understand that secure, end-to-end encryption is a responsible security measure that helps protect people.”


“The DoJ needs to understand that secure, end-to-end encryption is a responsible security measure that helps protect people.”

and its not going anywhere. Even if you force law abiding people to use broken encryption, the bad guys don’t follow the rules!


Kinda dumb of Rosenstein to bring up WannaCry, since it wouldn’t have existed without the NSA’s eternal blue. Almost like hitting someone then saying; look we need security, he got hit.


It is worth mentioning that many terrorists already use the russian-made Telegram instead of the american-made WhatsApp and co. because they already believe that the american-made apps can be intercepted by the relevant government bodies.


I think you’ll find that Telegram is used by a lot of Linux users – most of which will probably be arguing about which desktop environment is best. Telegram by default does not enable secret chats – you have to request the key exchange and this only happens with mobile devices.

Besides, what makes you think that authorities will try to break the encryption? They’re more likely to break into the phone using the baseband backdoor, wait until your device deciphers the message and then just read the plain text. Much easier than breaking the encryption.

Of course if you are worried about the Russians, you could always ask he Israeli’s to hack into the Kaspersky network to spy on them, who in turn are spying on the Americans, who are in turn spying on the rest of the world (including the Israeli’s)…..

The only thing that is stopping the human race from annihilating itself is the ability to deceive, cheat and lie – imagine a world where everything was public. How long do you think peace would last? I’d give it a day tops before we would destroy ourselves. Some things ought to stay private for the greater good. That’s why true encryption is essential.


Governments claim they have always had the ability to recover documents, but they are ignoring the age-old issue of paper, fireplaces and matches. Are we to believe that criminals under pressure of discovery never burned evidence in fireplaces? Aren’t ashes in August sort of a clue?


Why doesn’t he pilot key escrow with the people releasing cryptolockers. If it works out the rest of us can follow afterwards.

What? It’s just as practical as what he said.


Kinda have to wonder what the relevance of those “alarming statistics” in this entire circus. You can’t prevent DDoS or Ransomware by weakening encryption.


They already have it, it’s called the FIPS. If you want your certification approved, well you can figure it out what happens next.


Governments are human and will continue to try anything to get access to everyone’s deepest secrets. Waterboarding anyone?


Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!