It may seem unlikely – or even impossible – but there is agreement between the former Obama administration and the Trump administration on at least one thing: Neither likes unbreakable encryption.
Deputy Attorney General Rod Rosenstein gave a couple of speeches in recent weeks focusing on encryption – one at a cybersecurity conference in Boston and another at the Naval Academy – that sounded almost like they could have come from former FBI director James Comey. Ironically enough, it was Rosenstein who signed off on President Trump’s decision to fire Comey last May.
But their philosophical arguments on this are essentially the same – strong encryption jeopardizes the lives and safety of Americans because it prevents law enforcement from gathering evidence, even when they have a warrant in hand.
The FBI famously took Apple to court last year over its inability to access an iPhone belonging to one of the San Bernardino terrorists. That conflict never got settled – it was dropped after the agency hired a vendor that was able to break the access code.
But this past March, at a conference in Boston, Comey argued that strong encryption was allowing major swaths of the criminal and terrorist underworld to “go dark.”
There has always been a corner of the room that was dark – that was where sophisticated actors like nation states operated… (but now) more and more of the room is dark. It’s not just sophisticated actors. Now it’s drug dealers, pedophiles and other bad actors. That shadow is spreading.
He argued that he “loves privacy” and supports encryption. But he said the current level of it, with no way for government to break it, breaks the “bargain” that government is allowed to invade privacy with probable cause and a warrant.
That was the argument from Rosenstein as well. While he declared he had no intention to “undermine” encryption, he said that when it is designed with no means of lawful access…
… it allows terrorists, drug dealers, child molesters, fraudsters, and other criminals to hide incriminating evidence. Mass-market products and services incorporating warrant-proof encryption are now the norm.
Where he went further than Comey was in describing how he thinks “responsible encryption is achievable.”
Responsible encryption can involve effective, secure encryption that allows access only with judicial authorization. Such encryption already exists. Examples include the central management of security keys and operating system updates; the scanning of content, like your e-mails, for advertising purposes; the simulcast of messages to multiple destinations at once; and key recovery when a user forgets the password to decrypt a laptop. No one calls any of those functions a “back door.” In fact, those capabilities are marketed and sought out by many users.
It’s not the first time that the US government has looked at the central management of encryption keys. In the early nineties it tried to introduce the Clipper chip – an encryption and decryption chip for consumer devices that came with a backdoor for law enforcement.
It was found to harbour a number of vulnerabilities, was never widely adopted and was quickly made obsolete by strong encryption that wasn’t controlled by the government, such as Phil Zimmermann’s PGP.
Clipper didn’t impress cryptographer Bruce Schneier (now CTO at IBM Resilient), who described the idea of a global key escrow system as “far beyond the experience and current competency of the field”.
He isn’t impressed this time around either. Speaking in a podcast this week with Paul Roberts of the Security Ledger, he said it is absurd to think that Rosenstein’s vision of encryption is possible:
…for encryption to work well unless there is a certain piece of paper (a warrant) sitting nearby, in which case it should not work.
Mathematically, of course, this is ridiculous. The math either works or it doesn’t. You don’t get an option where the FBI can break encryption but organized crime can’t. It’s not available technologically.
Indeed, the government’s track record on securing everything from employee data (the Office of Personnel Management breach) to malicious exploits developed by US spy agencies suggests that if it has the technology or the keys to defeat encryption, the threat of it being compromised would be very real.
The National Security Agency (NSA) failed to secure an exploit it had developed called EternalBlue. It was leaked by the hacker group Shadow Brokers on April 14, and used as part of the worldwide WannaCry ransomware attack in May, the NotPetya cyberattack in June and reportedly part of the Retefe banking Trojan since early September.
Those and other instances of lax government security, privacy advocates say, mean that weakening encryption for government would be much more of a threat to public safety than criminals’ ability to “go dark.”
Even if the government could make the use of unbreakable encryption illegal, it would still have to contend with the most basic of realities: criminals don’t obey the law. Law-abiding citizens would be forced to use hobbled encryption while criminals continued to choose the strongest encryption available.
Marc Rotenberg, executive director of the Electronic Privacy Information Center, who debated Comey about a year ago at a conference hosted by the American Bar Association, argued that the Fifth Amendment does indeed give American citizens an absolute right to privacy.
To Comey’s assertion that the FBI had custody of 650 phones it could not decrypt (Rosenstein said that number is now about 7,500 “mobile devices”), Rotenberg noted that in 2013 alone, more than 3.1 million cell phones were stolen. Without strong encryption on those phones, “crime would be much higher in the United States,” he said.
And Shahid Buttar, director of grassroots advocacy at the Electronic Frontier Foundation (EFF), said encryption is often the only thing protecting journalists in repressive countries, whistleblowers even in the US, and religious minorities such as Christians in Muslim countries.
At the root of this is a misapprehension of what security means. To them (law enforcement) it’s a matter of the power of their agencies. To the rest of us, it’s who has access to our private communications.
The debate – obviously – will continue.
Rosenstein said if companies are allowed to create “law-free zones” for their customers, the consequences would be that “crime cannot be solved. Criminals cannot be stopped and punished.”
But Schneier said the math works the other way. In an era when hostile nation states are trying to tap classified communications, “it’s hard to have a system that is made deliberately weak for law enforcement that doesn’t make it weak for other governments.”
But he added that he doubts there will be any serious moves in Congress to mandate that government can defeat encryption. “It’s all rhetoric,” he said. “And for now it’s too controversial.”
Mark Stockley
Government is a many-headed hydra. The same organisation funded the development of Tor, the biggest “dark corner of them all”, and MEMEX, the search engine designed to shine a line into that dark corner.
Paul Ducklin
Where was it that the internet itself came from?
Anton.
Sometimes I think Government [Law enforcement] is either confused or very misinformed of how certain things work. So… “put a door for only Law enforcement in Encryption”. Maybe in USA hehehe… lol, it really sounds funny. I don’t think other countries are buying the notion.
Seriously… that renders Encryption useless and meaningless.
Correct/Truth: “Instances of lax government security, means weakening encryption for government would be much more of a threat to public safety than criminals’ ability to ‘go dark.’”
Correct and Truth: “Even if the government could make the use of unbreakable encryption illegal it would still have to contend with the most basic of realities: criminals don’t obey the law. Law abiding citizens would be forced to use hobbled encryption while criminals continued to choose the strongest encryption available”.
RichardD
Unfortunately, some other countries are buying into the same idea.
Here in the UK, our Home Secretary has repeatedly called for the same thing, and recently said she doesn’t have to understand encryption to know that she wants to prevent criminals from using it.
Down in Australia, the PM fairly recently said that the laws of mathematics are commendable, but they don’t override the laws of Australia.
It seems to be an easy drum to bang for politicians who don’t understand the topic.
ejhonda
Oh, those wacky US Feds. I prefer my irresponsible encryption, thank you.
Mahhn
On behalf of the world I offer to make a deal with the US government.
Open all your books to the public; financial, missions, every single secret. End all exemptions of government workers from US law (yes including Congress and Senate excluding themselves from healthcare laws). Remove all corruption/money from politics, (lobby, bribes, pacs, foreign/corporate donations, all contributions exceeding $100 per person per year). Eliminate the dumb laws giving companies human rights while not making them accountable for their actions as a human. Eliminate political parties and make people run on their own merits.
Do that, and you can have a backdoor into everything. Skip just one and you get NOTHING!
The Netsies
You, sir win my “Internet comment of the day” award for excellence. You are exactly right, and kudos to you.
delayedthoughtengineering
If the government were to truly want breakable encryption for all, all they would have to do is create an encryption solution that works effortlessly in everyday life, similar to https. No encryption process works that smoothly yet, so if they were to introduce it, it would take off, and everybody, including the lazy, and the lazy outlaws, would use it. Easier written than done.
Of course, this is government we are talking about. They have to get contracts with civilian organizations, they have to water it down with endless committee changes, and they have to otherwise make it a waste of taxpayer money.
James
…the idea of a global key escrow system
Equifax has graciously offered to do the escrow of the keys.
FreedomISaMYTH
“terrorists, drug dealers, child molesters” always the same fear-mongering and yet I have never met any of these three types in my life…
John C
Yes you have; you just don’t know it. Probably not terrorists, but you probably have met drug dealers and definitely child molesters.
Jeff
Rosenstein gave several examples of current encryption and said that ‘No one calls any of those functions a “back door.” ‘. I beg to differ — I consider all of them as types of back doors, and all have risks.
Peter Haigh
What’s that odour? Mmmmmm… Smells like 56 bit DES is trying to make a comeback!!!
Paul Ducklin
Rot-13 FTW. Or its double-strength variant rot-26.
[Yes, this is a joke. Just mentioning that in case :-]
Wilderness
Rosenstein said if companies are allowed to create “law-free zones” for their customers, the consequences would be that, “crime cannot be solved. Criminals cannot be stopped and punished.”
Well, that much is true. Ransomware only exists because crypto-currencies allow them to move funds completely independently of oversight.
Mark Stockley
Ransomware isn’t dependent on crypto-currencies (and making money using malware isn’t dependent on ransomware).
RichardD
And crypto-currencies aren’t as anonymous as many people think. :)
KeithF
Wasn’t there a time when the US required “export” encryption to be limited to 48-bits so it was easier to crack? Then the rest of the world simply bought non-US products with stronger encryption? So if the US or another country requires back doors, won’t the bad folks simply use encryption that is developed in countries where it (supposedly) lacks a back door?
Paul Ducklin
It was 40 bits, and, yes, that law was an ass that worked against the US crypto industry while incommoding the crooks not at all.
As we wrote a couple of years ago:
“[The crypto-crushing laws] were a silly idea from the start: US companies just imported cryptographic software that had no export restrictions, and hurt their own software industry.”
The laws also left us with legacy “export grade” ciphers that remained in many products for years after they were no longer needed, ultimately leading to a slew of security problems. (To be fair, that part of the problem was not the fault of US regulators – once they scrapped the crypto-crushing laws, any continued use of crushed-crypto algorithms was the fault of the rest of us.)
For more background:
https://nakedsecurity.sophos.com/2015/09/04/to-encrypt-or-not-to-encrypt/
njorl
“secure encryption that allows access only with judicial authorization. Such encryption already exists. … Examples include the central management of … operating system updates”
What was Rosenstein revealing here? If O/S updates provide an example of extant encryption yielding judicial access, O/S updates must already have been dispatched to selected, or all (on the same update path), machines to cripple some, or all, of their encryption capabilities.
“No one calls any of those functions a ‘back door’”. Certainly, I agree I would not call it a “back door”. A closer analogy is with the whole building being controlled by or for the state. So, the metaphor might be “prison”.
Laurence Marks
When unbreakable encryption is outlawed, only outlaws will have unbreakable encryption.
As long as the government hires and protects creeps like Lois Lerner and her boss, John Koskinen, there’s no way I would trust them to operate a back door. Not to mention the former Secretary of State.
Mark
Oh dear. Will politicians never learn to stay away from commenting on IT? They seem to make sweeping statements that leave most tech professionals shaking their heads in dismay because of the unfeasibility of it all. I know. We’ll have to add this to our magic buttons array and we can put it near the “make the internet safe” button.
herrman
This reminds me of the situation from the ’90s when cryptography was export regulated like radioactive materials and Uncle Sam’s crazy solution to allow the export of crippled crypto… Well, DROWN, LOGJAM, FREAK and partially POODLE as well were all fruits of this poison tree which we all had to eat due to their paranoia decades after it was covered by dust. Hopefully they won’t try the same path again.
Lyle
Government and law enforcement act like they have no rogue employees. If encryption is ever made to work unless broken by law enforcement, then more criminals will infiltrate and work for law enforcement so that many other criminals will be able to break encryption using law enforcement techniques.
MirceaKitsune
Why can’t the universe be responsible and offer backdoors to oral speech? Criminals being able to whisper in each other’s ears creates law-free zones, where authorities cannot monitor criminal activity with a warrant. This is unheard of! We need to use responsible air vibrations, where the air allows someone with juridical authorization to check what waves traveled between people’s mouths and ears.
jkwilborn
The simple bottom line (in dollars and cents) is that if we require a breakable encryption, then we will cease to be one of the world leaders in technology. I’m not buying them, why would anyone else?
Then, how would they know? Prosecute when they can’t decrypt the target? You are talking about legally invasive requirements to ensure compliance. Of course this doesn’t apply to them…
Where does that put me with my Linux box that has encryption? Will I become a criminal? That would mean open source wouldn’t be allowed. I could build my own kernel with encryption of my choice.
We have seen the government find these ‘people’ then let them go ahead and do it anyway. All of this is ‘after the fact investigations’ and will not stop anything.