Slashdot Mirror
Why Crypto Backdoors Wouldn't Work
An anonymous reader writes: Your devices should come with a government backdoor. That's according to the heads of the FBI, NSA, and DHS. There are many objections, especially that backdoors add massive security risks.
Would backdoors even be effective, though? In a new writeup, a prominent Stanford security researcher argues that crypto backdoors "will not work." Walking step-by-step through a hypothetical backdoored Android, he argues that "in order to make secure apps just slightly more difficult for criminals to obtain, and just slightly less worthwhile for developers, the government would have to go to extraordinary lengths. In an arms race between cryptographic backdoors and secure apps, the United States would inevitably lose."
Would backdoors even be effective, though? In a new writeup, a prominent Stanford security researcher argues that crypto backdoors "will not work." Walking step-by-step through a hypothetical backdoored Android, he argues that "in order to make secure apps just slightly more difficult for criminals to obtain, and just slightly less worthwhile for developers, the government would have to go to extraordinary lengths. In an arms race between cryptographic backdoors and secure apps, the United States would inevitably lose."
Reading the article, it's very intersting. His argument is that you CAN'T backdoor a platform. Summarizing:
1) Say Android rolls over and backdoors the encrypted filesystem.
2) 3rd party apps can use the cryptography library, so Google would also have to backdoor that.
3) Then apps could use a 3rd party crypto library, so gov't would have to compel google to monitor for at least respond to takedown requests for strong crypto 3rd party apps.
4) But apps can easily download and incorporate new code, so Google would have to audit running apps with static and dynamic analysis.
5) Even then, people could use other app stores or sideloads, so Google would have to have an app kill switch option. This would be HUGE INTRUSION and delete apps from people's phones (even innocent people).
6) But how to identify apps? Sideloaded apps could generate a new appID with each download, so Google would have to scan for app characteristics (think antivirus software here).
7) Even if the above worked, browser-based apps could be built that use secure data stores or end-to-end messaging. This would mean the gov't would have to block these web apps, i.e., Internet censorship.
It's just not technically feasible if there is any respect for liberty, not to mention the significant technical challenges involved.