Slashdot Mirror
Why Crypto Backdoors Wouldn't Work
An anonymous reader writes: Your devices should come with a government backdoor. That's according to the heads of the FBI, NSA, and DHS. There are many objections, especially that backdoors add massive security risks.
Would backdoors even be effective, though? In a new writeup, a prominent Stanford security researcher argues that crypto backdoors "will not work." Walking step-by-step through a hypothetical backdoored Android, he argues that "in order to make secure apps just slightly more difficult for criminals to obtain, and just slightly less worthwhile for developers, the government would have to go to extraordinary lengths. In an arms race between cryptographic backdoors and secure apps, the United States would inevitably lose."
Would backdoors even be effective, though? In a new writeup, a prominent Stanford security researcher argues that crypto backdoors "will not work." Walking step-by-step through a hypothetical backdoored Android, he argues that "in order to make secure apps just slightly more difficult for criminals to obtain, and just slightly less worthwhile for developers, the government would have to go to extraordinary lengths. In an arms race between cryptographic backdoors and secure apps, the United States would inevitably lose."
I seem to recall that we went through this in the mid to late 90s, where the government insisted any use of strong cryptography should as a matter of law, have a backdoor for the government. Then suddenly they dropped it, and all of us paying attention knew they got their way by some other means. Now post-Snowden, I guess we know what that was, and they're back to beating this horse all over again.
The answer should be no, with absolutely no further discussion.
Snowden insisted the journalists remove the battery from their phones and put the phones in the fridge.
That pretty much tells you how useful 'encryption' on Android would be against back doors. None, if you can't protect your speech near the phone you can't protect the password.
Reading the article, it's very intersting. His argument is that you CAN'T backdoor a platform. Summarizing:
1) Say Android rolls over and backdoors the encrypted filesystem.
2) 3rd party apps can use the cryptography library, so Google would also have to backdoor that.
3) Then apps could use a 3rd party crypto library, so gov't would have to compel google to monitor for at least respond to takedown requests for strong crypto 3rd party apps.
4) But apps can easily download and incorporate new code, so Google would have to audit running apps with static and dynamic analysis.
5) Even then, people could use other app stores or sideloads, so Google would have to have an app kill switch option. This would be HUGE INTRUSION and delete apps from people's phones (even innocent people).
6) But how to identify apps? Sideloaded apps could generate a new appID with each download, so Google would have to scan for app characteristics (think antivirus software here).
7) Even if the above worked, browser-based apps could be built that use secure data stores or end-to-end messaging. This would mean the gov't would have to block these web apps, i.e., Internet censorship.
It's just not technically feasible if there is any respect for liberty, not to mention the significant technical challenges involved.