SoylentNews

New Paper on The Risks of "Responsible Encryption"

posted by mrpg on Sunday February 18 2018, @11:06AM   
from the double-speak dept.

canopic jug writes:

Riana Pfefferkorn, a Cryptography Fellow at the Center for Internet and Society at Stanford Law School, has published a whitepaper on the risks of so-called "responsible encryption". This refers to inclusion of a mechanism for exceptional access by law enforcement to the cleartext content of encrypted messages. It also goes by the names "back door", "key escrow", and "golden key".

Federal law enforcement officials in the United States have recently renewed their periodic demands for legislation to regulate encryption. While they offer few technical specifics, their general proposal—that vendors must retain the ability to decrypt for law enforcement the devices they manufacture or communications their services transmit—presents intractable problems that would-be regulators must not ignore.

However, with all that said, a lot more is said than done. Some others would make the case that active participation is needed in the democratic process by people knowledgeable in use of actual ICT. As RMS has many times pointed out much to the chagrin of more than a few geeks, "geeks like to think that they can ignore politics, you can leave politics alone, but politics won't leave you alone." Again, participation is needed rather than ceding the whole process, and thus its outcome, to the loonies.

Source : New Paper on The Risks of "Responsible Encryption"

Related:
EFF : New National Academy of Sciences Report on Encryption Asks the Wrong Questions
Great, Now There's "Responsible Encryption"

---

Original Submission

• Re:DIY is the only answer Re:DIY is the only answer (Score: 2) by JoeMerchant on Monday February 19 2018, @03:55AM (1 child)

  by JoeMerchant (3937) on Monday February 19 2018, @03:55AM (#639953)

  Well, one solution for the "two can keep a secret" problem is for all parties to communicate 1:1 using each others' public keys. If one (or more) parties are sloppy with their keys, only messages addressed to the poor key keeper are compromised. This is just as unavoidable as the sloppy party re-posting the decrypted content in public - you can't stop a bad actor, but you can limit what you share with them.

  --
  🌻🌻 [google.com]

  Parent

  Starting Score:	1		point
  Karma-Bonus Modifier		+1
  Total Score:		2

• Re:DIY is the only answer (Score: 2) by NotSanguine on Monday February 19 2018, @04:33AM

  by NotSanguine (285) <{NotSanguine} {at} {SoylentNews.Org}> on Monday February 19 2018, @04:33AM (#639961) Homepage Journal

  Well, one solution for the "two can keep a secret" problem is for all parties to communicate 1:1 using each others' public keys. If one (or more) parties are sloppy with their keys, only messages addressed to the poor key keeper are compromised. This is just as unavoidable as the sloppy party re-posting the decrypted content in public - you can't stop a bad actor, but you can limit what you share with them.

  Absolutely. Unfortunately (as I pointed out in my reply [soylentnews.org] to your previous comment), the software ecosystem that would need to support widespread use of asymmetric key encryption is sorely lacking in the features that could engender widespread use.

  Choosing the "wrong" (whether they be incompetent, unprincipled, stupid or otherwise "bad actors") folks with whom to communicate sensitive information goes far beyond digital communications, as is evidenced by (I'm sure there's at least one in your circle) that person(s) who can't help but tell everyone the stuff you reveal to them in confidence.

  --
  No, no, you're not thinking; you're just being logical. --Niels Bohr

  Parent