Techdirt covers a new paper published by the US National Academies of Science, Engineering, and Medicine regarding the general access that the FBI and DOJ want to encrypted communications.
Another paper has been released, adding to the current encryption discussion. The FBI and DOJ want access to the contents of locked devices. They call encryption that can be bypassed by law enforcement "responsible encryption." It isn't. A recent paper by cryptograpghy expert Riana Pfefferkorn explained in detail how irresponsible these suggestions for broken or weakened encryption are.
This new paper [PDF] was put together by the National Academies of Science, Engineering, and Medicine. (h/t Lawfare) It covers a lot of ground others have and rehashes the history of encryption, along with many of the pro/con arguments. That said, it's still worth reading. It raises some good questions and spends a great deal of time discussing the multitude of options law enforcement has available, but which are ignored by FBI officials when discussing the backdoors/key escrow/weakened encryption they'd rather have.
The paper's suggestions have not been rigorously investigated by those with domain expertise, yet.
Source : Report On Device Encryption Suggests A Few Ways Forward For Law Enforcement
(Score: 0) by Anonymous Coward on Monday February 26 2018, @09:31AM
You let them have the word "responsible" when they came up with "responsible disclosure", and now they have found another use for it: "Responsible encryption".
What did you expect?
Responsible disclosure: Letting the bad guys get six months to abuse a security hole, before you tell the victims "oh, btw, we have a security hole, you might want to block port 666 at the firewall until we have a patch ready".