date 2017-02-18
from the double-speak dept.
Riana Pfefferkorn, a Cryptography Fellow at the Center for Internet and Society at Stanford Law School, has published a whitepaper on the risks of so-called "responsible encryption". This refers to inclusion of a mechanism for exceptional access by law enforcement to the cleartext content of encrypted messages. It also goes by the names "back door", "key escrow", and "golden key".
Federal law enforcement officials in the United States have recently renewed their periodic demands for legislation to regulate encryption. While they offer few technical specifics, their general proposal—that vendors must retain the ability to decrypt for law enforcement the devices they manufacture or communications their services transmit—presents intractable problems that would-be regulators must not ignore.
However, with all that said, a lot more is said than done. Some others would make the case that active participation is needed in the democratic process by people knowledgeable in use of actual ICT. As RMS has many times pointed out much to the chagrin of more than a few geeks, "geeks like to think that they can ignore politics, you can leave politics alone, but politics won't leave you alone." Again, participation is needed rather than ceding the whole process, and thus its outcome, to the loonies.
Trump's Department of Justice is trying to get a do-over with its campaign to get backdoors onto iPhones and into secure messaging services. The policy rebrand even has its own made-up buzzword. They're calling it "responsible encryption."
After Deputy Attorney General Rod J. Rosenstein introduced the term in his speech to the U.S. Naval Academy, most everyone who read the transcript was doing spit-takes at their computer monitors. From hackers and infosec professionals to attorneys and tech journalists, "responsible encryption" sounded like a marketing plan to sell unsweetened sugar to diabetics.
Government officials -- not just in the U.S. but around the world -- have always been cranky that they can't access communications that use end-to-end encryption, whether that's Signal or the kind of encryption that protects an iPhone. The authorities are vexed, they say, because encryption without a backdoor impedes law-enforcement investigations, such as when terrorist acts occur.
[...] "Look, it's real simple. Encryption is good for our national security; it's good for our economy. We should be strengthening encryption, not weakening it. And it's technically impossible to have strong encryption with any kind of backdoor," said Rep. Will Hurd (R-Texas), when asked about Rosenstein's proposal for responsible encryption at The Atlantic's Cyber Frontier event in Washington, D.C.
The EFF addresses some shortcomings in the recent report to policy makers by the National Academies of Sciences (NAS) on encryption.
The National Academy of Sciences (NAS) released a much-anticipated report yesterday that attempts to influence the encryption debate by proposing a "framework for decisionmakers." At best, the report is unhelpful. At worst, its framing makes the task of defending encryption harder.
The report collapses the question of whether the government should mandate "exceptional access" to the contents of encrypted communications with how the government could accomplish this mandate. We wish the report gave as much weight to the benefits of encryption and risks that exceptional access poses to everyone's civil liberties as it does to the needs—real and professed—of law enforcement and the intelligence community.
The report via the link in the quote above is available free of charge but holds several hoops to hop through between you and the final PDF. The EFF recognizes that the NAS report was undertaken in good faith, but identifies two main points of contention with the final product. Specifically, the framing is problematic and the discussion of the possible risks to civil liberties is quite brief.
(Score: 3, Insightful) by Anonymous Coward on Sunday February 18, @11:17AM (5 children)
Money, as always, will be the determining factor.
Who has more money? Geeks or the government? And don't forget the stick that dangles the carrot. Governments can coerce businesses to accept "an offer they can't refuse".
Secure communication has become an oxymoron.
End of story.
(Score: 2, Interesting) by Anonymous Coward on Sunday February 18, @01:48PM (4 children)
Retain existing encryption code (it won't magically vanish), send your own manually encrypted gunk thru unsafe network.
(Score: 3, Insightful) by Grishnakh on Sunday February 18, @02:19PM (3 children)
Retain existing encryption code (it won't magically vanish), send your own manually encrypted gunk thru unsafe network.
Two problems with that idea:
1. Compatibility: everyone else will be using the "responsible" crypto protocols, so using today's existing code will be about as useful as, oh, sending a PGP-encrypted email to your grandmother. Vendors like Apple will build the FBI-approved stuff into their devices, and block unapproved stuff from their walled garden app stores. So anyone using non-conforming crypto will stick out and be easily detected, and will be very suspicious.
2. Legality: Non-conforming crypto can be simply banned, and with all the snooping on the internet, pretty easily detected. You'll have to resort to steganography, and the only reason you'd want to go down this route is because you really *are* up to something.
Realistically, #1 is the most likely scenario. They don't need to ban current crypto, they just need to render it irrelevant by getting current vendors to adopt their preferred backdoored solutions. Criminals/terrorists usually just use stuff that's commonly available. Remember, the San Bernardino shooters had iPhones which the FBI was mad about not being able to easily get into. If Apple had had a backdoor, then they wouldn't have had this problem, and if that were the case, the likelihood that those shooters would have been savvy enough to jailbreak their phone and install some other kind of crypto app and then use that for communications is pretty low.
The problem is that competent criminal organizations *will* have enough savvy to do that, and then get their members to use it (criminal organizations do have "IT departments" these days), so this stuff would only help the FBI get into the devices of lone wolves and other not-so-competent people. The other problem, of course, is that these backdoors will inevitably get out at some point, and suddenly everyone's encrypted data is now unprotected. There's just no way multiple large organizations can keep this stuff a secret indefinitely.
(Score: 2) by JNCF on Sunday February 18, @02:50PM
Or because you want privacy in an age where it's illegal.
(Score: 3, Interesting) by JoeMerchant on Sunday February 18, @02:58PM
Very true, which is why artful steganography is a valuable skill.
(Score: 2) by JoeMerchant on Sunday February 18, @03:01PM
So many "mob enforcement" movies fall back on the theme that most gangsters are basically idiots and confess openly to law enforcement. Law enforcement is busy enough collecting these wise-guys that they don't have much bandwidth leftover to try to crack the hard nuts.
(Score: 5, Insightful) by Anonymous Coward on Sunday February 18, @12:34PM (1 child)
Encryption for dummies
There are only two states:
1 - It works
2 - It does not work
p.s.:
"Responsible Encryption", "back door", "key escrow", "golden key", etc. all fall in the second case
(Score: 3, Interesting) by JoeMerchant on Sunday February 18, @02:56PM
Odd that this is modded insightful. Encryption is actually graded based on time/effort required to break it, its effectiveness scale is far from binary. To the point of OP, however, "responsible" or "backdoored" encryption basically has a zero time/effort required for it to be broken by anyone who has access to the backdoor key, so would fall pretty close to the "doesn't work" category, if you care about keeping your secrets from anyone who might have backdoor access.
On the other end of the spectrum, strong encryption takes a lot of effort / long time to break - but, as long as the message can be read by the intended recipients, there is the possibility that it will also be read by unintended persons.
(Score: 4, Interesting) by JoeMerchant on Sunday February 18, @02:50PM
If you care about keeping a secret, the only real answer is to DIY the encryption - learn as much as you feel you need to about the algorithms, implement them yourself, and try to not copy something exactly that's in mainstream use and likely to be broken.
This is not saying: make up your own stuff from scratch and hope it sticks... this is saying: research the methods that have been proven, roll your own implementation from vetted published solutions, and include enough variation that when a successful attack method for the common implementations inevitably gets released it won't work on your implementation.
Or, pick one of these and pray: https://www.techrepublic.com/blog/five-apps/five-free-and-secure-messaging-tools/ [techrepublic.com]
It's always a tradeoff between convenience and security - rolling your own does come with a high inconvenience cost, and a risk that if you are sloppy you'll be insecure anyway, but if you're not a high value target then the effort required to practically secure your own communications is pretty low.
(Score: 2, Interesting) by Anonymous Coward on Sunday February 18, @03:00PM
Is where only *I* can decrypt it.
(Score: 0) by Anonymous Coward on Sunday February 18, @03:21PM
ok, this is not realistic, but just for kicks:
the encrypted communications device holds the secret (longish) pin to disarm
a dirty nuke that has been discovered in some major city?
the encrypted communications device holds the secret antidote/vaccine to some
army-nation-state developed super flu?
also something about foiling a time traveler, but nevermind that...
my opinion is that if law enforcement has a search warrant, they can search your house
AND YOUR MOBILE PHONE!
of course, it is NOT OKAY that law enforcement has the "unlock keys" to the device.
separation of power and all.
in the same way that law enforcement cannot give
itself the search warrant, they cannot give themselves the key to unlock the
phone, which needs to be IN THEIR PHYSICAL POSSESSION.
The "unlock key" ALSO needs to be in the form and shape of a PHYSICAL DEVICE.
Now, because the device to unlock is also a physical device, again a physical
key is required.
thus, maybe, the unlocking key/device is housed at the manufacturers location, but behind
a physical door that only law enforcement can open but the manufacturer is only
required to give access to the lock if law enforcement can show a search warrant AND THE PHYSICAL DEVICE that needs to be unlocked.
this is so that the manufacturer has to be true to their word, that they
themselves cannot unlock the phone .. for some reason or other (maybe to find carmen sandiego).
ofc someone will come up with a solution that works digital, remote-over-the-air (lol), or via a physical cable dongle (that nobody in china can mass produce for 0.02 dollars)
and nobody will find a way around it... for all!
anyways, my money is on:
loonies win! "Again, participation is needed rather than ceding the whole process, and thus its outcome, to the loonies."