More Encryption Is Not the Solution

CowboyRobot writes "Poul-Henning Kamp argues that the 'recent exposure of the dragnet-style surveillance of Internet traffic has provoked a number of responses that are variations of the general formula: "More encryption is the solution." This is not the case. In fact, more encryption will probably only make the privacy crisis worse than it already is.' His argument takes a few turns, but centers on a scenario that is a bit too easy to imagine: a government coercing software developers into disabling their encryption: 'There are a whole host of things one could buy to weaken encryption. I would contact providers of popular cloud and "whatever-as-service" providers and make them an offer they couldn't refuse: on all HTTPS connections out of the country, the symmetric key cannot be random; it must come from a dictionary of 100 million random-looking keys that I provide. The key from the other side? Slip that in there somewhere, and I can find it (encrypted in a Set-Cookie header?). In the long run, nobody is going to notice that the symmetric keys are not random — you would have to scrutinize the key material in many thousands of connections before you would even start to suspect something was wrong.'"

No story?

No link to any story at all? Since when does Slashdot provide a private blogging platform on the front page?

In this scenario, the endpoint is compromised.

[Arancaytar]

In that case, indeed, no amount of encryption will save you.

Links or it didn't happen

[zacs]

It would be super cool if there was some kind of technology that allowed you to provide a link to the source material for discussion...

http://queue.acm.org/detail.cfm?id=2508864

Complete idiocy

In other news, locks do not work if someone gains a copy of your key. Therefore more locks are not the solution, and locks actually harm security!

Wait...what?

This is complete rubbish. Of course encryption doesn't work if you are trusting a giant cloud corp. not to have a man on the inside corrupting the encryption process.

That is the exact reason why more encryption is the answer! People need to be taking the issue into their own hands, using their own (open source) personal or community-driven encryption schemes that are provably secure. Trusting a giant corp. to generate your keys for you and presuming that is THE ONLY WAY encryption can work is such fantastically F.U.D I don't even know where to begin.

better title:some common encryption practices suck

[ron_ivi]

Encryption isn't fundementally the problem here.

The problem is insecure distribution and control of private keys. (i.e. https that depends on trusting Certificate Authorities that appear easy to abuse by governments).

Better solutions could exist --- for example if HTTPS would only work after checking both certificates from a "trusted" certificate authority *and* a self-signed cert. That way all you rely on is that the CA wasn't compromised when you first exchanged the keys for the self-signed cert. Once that happens, even if a CA cooperates with an oppressive regime later, the self-signed cert would keep you safe.

Re:Call it the Fermat's Last Theorem Effect

[TWX]

Like bank transfers and just about all financial-services communications?

There are so many people that move around in this world that I expect good old-fashioned sneakernet with one-time pads will just become the norm, especially when time is not necessarily of the essence. When more data is needed then micro-SD will be employed, and encrypted connections will be left for when absolutely necessary.

When I was a kid, if my friends and I wanted to meet up, we had to generally all agree where we were going to meet in-advance, generally at school or when we were previously together, or a few of us had to decide and then had to manually pass the word on to others, who in-turn passed the word on to others until everyone was notified. We could coordinate and plan without "the authorities" in the form of our parents really knowing what was going on if we chose to keep them uninformed.

If the evil "they" still want to do us harm they can do it entirely offline. They proved that with how long it took to identify Osama Bin Laden's location, he avoided all outgoing traffic other than couriers and it took years to find him.

The brothers that bombed the Boston Marathon managed to avoid being caught in advance due to a typographical error. A Buttle/Tuttle type of snafu literally lead to the older brother's slipping through the cracks. Even after all of everything that happened, the younger brother was caught because a homeowner noticed some blood on his boat. Helicopters, infrared, and door-to-door searches failed to find him.

It hasn't been demonstrated satisfactorily to me that heavy encryption means that there's anything relevant to the authorities being transmitted therein.

Re:Passwords don't work either

[interval1066]

All too true, people don't want to bother with any effort for a return they really can't see. Its hard to appreciate encryption when the effects of opentext on their private lives is difficult to impossible to gauge. Until they get hit. After a small dns server I ran got hit, I didn't really pay much attention to it either. 10 years on I still cover my tracks whenever possible, encrypt my drives (linux and truecrypt make this pretty easy), prefer encrypted smtp providers, and ask people I correspond with for their public encryption key. If they ask me what that is I explain it to them. If they say they don't care then I move on, but if they express interest I help them set up. If they say "no one uses that" I show them that I do, many of my friends do, and to look at the news lately. Its in everyone's interest to manage their privacy. If you are into managing your life like a business then its just another procedure to add to your list. If not, well, I wouldn't want to be you.