Slashdot Mirror


Crypto Experts Blast Gov't Backdoors For Encryption

loid_void writes with a link to a New York Times report about some of the world's best-known cryptography experts, who have prepared a report which concludes that there is no viable technical solution which "would allow the American and British governments to gain 'exceptional access' to encrypted communications without putting the world's most confidential data and critical infrastructure in danger." From the article:

[T]he government’s plans could affect the technology used to lock financial institutions and medical data, and poke a hole in mobile devices and the countless other critical systems — including pipelines, nuclear facilities, the power grid — that are moving online rapidly. ... “The problems now are much worse than they were in 1997,” said Peter G. Neumann, a co-author of both the 1997 report and the new paper, who is a computer security pioneer at SRI International, the Silicon Valley research laboratory. “There are more vulnerabilities than ever, more ways to exploit them than ever, and now the government wants to dumb everything down further.”

The authors include Neumann, Harold Abelson, Susan Landau, and Bruce Schneier.


  1. Falling on deaf ears by Anonymous Coward · · Score: 5, Insightful

    You cannot, under any circumstances, convince the government that having a backdoor into all those things is a bad thing.

    1. Re:Falling on deaf ears by fustakrakich · · Score: 2

      Nor can you convince most people. They prefer to believe the FUD campaign.

      --
      “He’s not deformed, he’s just drunk!”
    2. Re:Falling on deaf ears by ShanghaiBill · · Score: 5, Insightful

      You cannot, under any circumstances, convince the government that having a backdoor into all those things is a bad thing.

      But you can convince individuals that their privacy will not be protected, and you can convince companies that few will buy their products. The Clipper chip did not fail because the government was convinced, but because of a backlash from consumers that didn't want it, and from companies that threatened to move their production overseas. The current proposals will fail for the exact same reasons.

    3. Re:Falling on deaf ears by mwvdlee · · Score: 4, Insightful

      That's because backdoors give private information to governments at the cost of instilling justified fear in its citizens.
      It's a win-win situation as far as they're concerned.

      --
      Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    4. Re: Falling on deaf ears by Anonymous Coward · · Score: 2, Interesting

      The world has changed. Move the production where, Europe? Trade treaties will take care of that. Australia? Same thing. Russia? Sanctions. Asia? Treaties again. Governments are not like ordinary people, like you and me: if at first they don't succeed they bring out bigger and bigger weapons until they crush all the opposition. As with protests... Remember OWS? The gloves have come off. They don't have to hide anymore. Remember when being a journalist was almost an insurance policy? No more. They will use as much brutality as they see fit. And nobody will dare resist.

    5. Re:Falling on deaf ears by wbr1 · · Score: 3, Informative

      That was before oogie boogie terrists. Most of the plebes will fall in line now. Witness the scare up before July 4th to keep the fears alive.

      --
      Silence is a state of mime.
    6. Re:Falling on deaf ears by davester666 · · Score: 2

      They don't want a back door into everything. Just whatever services the little people get to use.

      --
      Sleep your way to a whiter smile...date a dentist!
    7. Re: Falling on deaf ears by ShanghaiBill · · Score: 4, Insightful

      Move the production where, Europe? Trade treaties will take care of that.

      Nonsense. There is no way that European countries (other than Britain, of course) are going to force their citizens to use devices that the American government can monitor. If they try that, Marine Le Pen will be the next president of France.

      Asia? Treaties again.

      China is far less likely to agree to American backdoors than Europe is. It is not going to happen.

    8. Re:Falling on deaf ears by Sique · · Score: 2

      Come on, dude. You REALLY believe that the .gov contract does not go to the cheapest bidder, the one who uses off-the-shelf components?

      Computing has an interesting problem right now: The most viable, the most powerful, the cheapest components are the ones available to consumers (or at least very closely related to them), because of the sheer amount of units shipped and the harsh competition in the market. Any we-don't-use-off-the-shelf-components attempt at computing right now is doomed to be late, extremely expensive, full of bugs, and at least two generations behind.

      --
      .sig: Sique *sigh*
    9. Re:Falling on deaf ears by ne0n · · Score: 2

      If they ate their own damned dogfood you'd expect all intel to be declassified and data opened to public scrutiny. Failing that, the idiots espousing backdoored crypto are a bunch of whining hypocrites and should be shoved in a sack with a few tonnes of FISA transcripts and cannonballed into Victoria Falls.

      --
      $ :(){ :|:& };:
  2. They tried it before. by GerbilSoft · · Score: 4, Informative

    The Clipper chip was designed by the NSA and had a government-sponsored backdoor. Unsurprisingly, it failed.

    1. Re:They tried it before. by gstoddart · · Score: 4, Interesting

      But now they have more secret "national security" laws which can be used to force it without people knowing or having the choice to reject it.

      So you'd never know if they're demanding it from companies.

      --
      Lost at C:>. Found at C.
    2. Re:They tried it before. by John+Allsup · · Score: 2

      Quite possibly by making GPL'd crypto illegal.

      --
      John_Chalisque
  3. government wants to dumb everything down further by fustakrakich · · Score: 2

    Yes... how many times must it be said? Ignorance is strength!

    --
    “He’s not deformed, he’s just drunk!”
  4. Experts? by hyperar · · Score: 5, Insightful

    Who doesn't know that backdoors are there for everyone who finds them and not just those who put it there?

    1. Re:Experts? by ancientt · · Score: 3, Interesting

      I can't believe I'm going to contribute to this side of the discussion. "Loathe" is the mildest word I can think of for how I feel about a government accessible decryption system, but I'm going to explain why it's not infeasible to maintain security and have government access, unlike so many posters seem to assume.

      Let's take cell phones as a starting example. The encryption of my phone isn't done with the password I put into the phone when I reboot it, the encryption is done with a randomly generated key which my password decrypts. There is no reason the same key that is actually decrypting the phone couldn't be encrypted with a phone manufacturer password. That government mandated password would encrypt the real decryption key just like my password does, but the government password wouldn't change when I change the password I'm using.

      Note the government password isn't the same for multiple phones, it's unique to each phone. The government password is a randomly generated complex string of numbers, letters and symbols and it's not stored on the phone.

      The government password for my phone is created at OS installation time and then the phone manufacturer encrypts it with the public key provided by the government. Those encrypted password media are sent to the companies selling the phones and those companies keep that media physically secured.

      The government must subpoena the key for a specific phone in order to decrypt its contents.

      The government password is now protected by:
      A) A PKI private key stored by a government agency
      B) Physical security at a non-governmental agency
      C) The somewhat abused but best available legal processes of our government

      Encrypted computer drives work the same. The assumption in both scenarios is that people fall into one of these groups:
      A) don't know it is there
      B) use the system their device came with
      C) don't understand how to change the system

      That covers 99.999% of people, probably even 99.99% of criminals. I may repartition my drive and install varying operating systems, and I may install a different OS on my phone, but normal people don't. Even drug dealers and terrorists are unlikely to do that when there are far easier ways to avoid incrimination. The fact is we could have such a "backdoor" already in play and we wouldn't necessarily know about it. I'm geekier than most by far, and I don't recompile the kernel on my boot partition to make sure it matches the one that is actually there. Granted, I do tend to wipe drives and start fresh, but if Redhat and Canonical are compromised, the NSA is good enough at their jobs, that I'll probably never notice. Do you know for sure the signature of your running kernel matches the one that you could compile for yourself?

      --
      B) Eliminate all the stupid users. This is frowned upon by society.
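
The key-slot layout described in the comment above, as an added Python example (not code from the thread or from any vendor): one random disk key wrapped separately under the user password and under a per-device escrow password. The function names are hypothetical, the HMAC-based wrap is a stand-in for a real key-wrap algorithm, and the step of encrypting the escrow password to an agency public key is left out.

```python
import hashlib
import hmac
import secrets

def _kek(password: str, salt: bytes) -> bytes:
    # Key-encryption key derived from a password (PBKDF2-HMAC-SHA256).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _prf(kek: bytes, label: bytes, data: bytes) -> bytes:
    return hmac.new(kek, label + data, hashlib.sha256).digest()

def make_slot(password: str, dek: bytes) -> bytes:
    """Wrap the 32-byte disk key under a password; returns salt|ct|tag."""
    salt = secrets.token_bytes(16)
    kek = _kek(password, salt)
    # Stand-in wrap (HMAC-derived pad plus MAC); real systems use AES key wrap.
    ct = bytes(a ^ b for a, b in zip(dek, _prf(kek, b"pad", salt)))
    return salt + ct + _prf(kek, b"tag", salt + ct)

def open_slot(password: str, slot: bytes) -> bytes:
    """Recover the disk key from a slot, or raise if the password is wrong."""
    salt, ct, tag = slot[:16], slot[16:48], slot[48:]
    kek = _kek(password, salt)
    if not hmac.compare_digest(tag, _prf(kek, b"tag", salt + ct)):
        raise ValueError("wrong password or corrupted slot")
    return bytes(a ^ b for a, b in zip(ct, _prf(kek, b"pad", salt)))

def provision(user_password: str):
    """Factory step: one random disk key, wrapped once per password."""
    dek = secrets.token_bytes(32)
    escrow_password = secrets.token_urlsafe(32)  # unique per device, kept off-device
    slots = {"user": make_slot(user_password, dek),
             "escrow": make_slot(escrow_password, dek)}
    return slots, escrow_password, dek  # dek is returned only so the demo can compare

def change_user_password(slots: dict, old: str, new: str) -> None:
    # Only the user slot is re-wrapped; the disk key and escrow slot are untouched.
    slots["user"] = make_slot(new, open_slot(old, slots["user"]))

def demo() -> bool:
    slots, escrow_password, dek = provision("correct horse")  # constructed sample input
    change_user_password(slots, "correct horse", "battery staple")
    # The escrow password still recovers the same disk key after the change.
    return open_slot(escrow_password, slots["escrow"]) == dek
```

Rotating the user password does nothing to the escrow slot, so whoever holds the escrow password holds the disk key for as long as that disk key is in use.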
  5. Master key by comet63 · · Score: 5, Insightful

    Who would buy a lock from a company that made a master key that was good in all of their locks? Of course, they would promise to only release that key to authorized people. However, it is certain that eventually it will get into criminal hands. At that point, there is lots of money to be made from selling the key. Of course, lock companies could make lots of money off this proposal, but not the one who made the master key. The government might as well give up on a web based economy and go back to paper banking if they start giving out keys to all of the transactions.

    1. Re:Master key by Anonymous Coward · · Score: 3, Informative
    2. Re:Master key by nine-times · · Score: 3, Insightful

      Who would buy a lock from a company that made a master key that was good in all of their locks?

      It's probably not the best example. I would hire a locksmith knowing full well that they could pick the lock that they're installing. That doesn't bother me. However, that's because I'm resigned to the idea that locks only keep out casual thieves, and that any lock I'm likely to put on my door can be picked. I'm not inclined to say the same sort of thing about my encryption.

    3. Re:Master key by BBCWatcher · · Score: 5, Interesting

      Everybody who buys suitcases. https://www.tsa.gov/traveler-i...

    4. Re:Master key by mlts · · Score: 4, Insightful

      Cryptography and physical security are often similar, but in other areas, they differ. Encryption algorithms are either extremely secure, or not worth the time in using them because every few years, CPU power doubles to attack them.

      Plus, with physical security, there is "good enough". I use an el cheapo Master warded lock on a chicken coop door... because it is nuisance protection. Same reason I use a six pin American lock on the gate. If it resists bumping or quick attack, good enough. Even with high security locks, their main function is mainly to work as a "seal", to show that if there is a break-in, there is physical evidence to show it is the case. A kicked in door, insurance will pay a claim. A picked lock? The claim almost certainly will be denied.

      Encryption isn't like that. Either it keeps everyone out, or it keeps nobody out.

    5. Re:Master key by Sique · · Score: 3, Informative

      I have one issue: Edward Snowden never sold any documents to the Russians/Chinese. Yes, he has been repeatedly accused of doing so, but so far, no document is known that was sold to them.

      Thus, claiming Edward Snowden sold documents to the Russians/Chinese amounts to a blatant lie.

      --
      .sig: Sique *sigh*
  6. It's deja vu all over again by WorldWarPi · · Score: 2

    In 1994 the NSA proposed a "Clipper Chip" which would "escrow" encryption keys for their inspection.

    When Phrack republished the NSA Employee Security Manual to demonstrate how porous NSA was for its own security, it backed off.

    This is just the same old crap with Edward Snowden or the OPM caper as a counter-example, rather than Phrack.

  7. backdoor versus sidedoor. by goombah99 · · Score: 2

    Discussing this as a "backdoor" conflates this with the usual hidden backdoor which is a bad thing. Putting in a backdoor that is freely accessible and leaves no trace of its accession is ill advised. But I fail to see why there are no technological means to secure keys for multiple parties. You can even have crypto so multiple parties must agree, so for example, like my safe deposit box, the bank and I both have to agree that I am me.

    Now that's a different question of whether
    1) I might encrypt the data on my own or use a third party client that uses Google's services but keeps things encrypted in passage. That defeats the ability to side door Google's encryption.

    2) I might off shore my data to someplace outside such laws (do I trust them is another matter).

    3) the dent this might cause in Google's popularity outside the US--I actually doubt this since de facto it has been the case in the past that the NSA had free range of Google and no one cared deeply. But will China also demand that Google also let it have side door access as a condition of doing business there? Still, while a mess, it's not technologically difficult.

    4) an even stickier issue might be who all has to agree to unlock the data. Google+NSA. Google+China. Those are doable. But Google+NSA+China is a problem. China might not want the NSA peeking at Chinese national accounts without its permission. Nor perhaps North Korean or any number of disputed places the NSA is interested in.

    So there's a political mess here and some ways consumers can defeat it, but I fail to see why someone like Bruce Schneier would say there's no technical means to do this at the level of Google or Apple or major sites when there plainly is.

    --
    Some drink at the fountain of knowledge. Others just gargle.
    1. Re:backdoor versus sidedoor. by suutar · · Score: 2

      Oh, sure, there's ways to require multiple keys. I would be surprised, though, if they seriously considered a plan that involved more than 2 keys (two keys is approximately equivalent to getting a warrant - keyholder 1 wants to do it and keyholder 2 says okay).

      However, at a purely technical level, there's going to be something that does the decryption, and it takes the keys. There is no way to guarantee that it cannot be hacked to either work without the keys or leak the keys when they're used, and if either of those happen, eventually you have folks using the decrypter who shouldn't be.

      There's also the fact that there's no technical way for this plan to prevent corruption/collusion amongst keyholders. More keys requires a bigger conspiracy or more social engineering, but enough keys to make that really infeasible also makes the decryption itself unwieldy, at which point it'll get bypassed somehow (shared keys, decrypting bigger chunks to avoid having to do more individual operations, etc).

    2. Re:backdoor versus sidedoor. by Asgard · · Score: 2

      Your safe deposit box is vulnerable to one person with a good drill.

      Any system that hobbles wide-spread encryption tools with a backdoor key will eventually be subverted by loss / discovery of the key(s), rendering the entire system worse than useless. Multiple keys is also difficult as the NSA/FBI is going to regularly use this facility, so the keys have to be online / available. Not so much the 'break glass in case of fire' but more of 'press button to open door'.

      Keys that subvert an entire country's infrastructure would be one of the world's most sought-after secrets. That's a lot of resources to bring to bear to defeat a small number of keys.

  8. "Mr. Potato head! by X86BSD · · Score: 2

    MR. POTATO HEAD! Backdoors are not secrets!"