Slashdot Mirror

← Back to Stories (view on slashdot.org)

Crypto Experts Blast Gov't Backdoors For Encryption

Posted by timothy on from the mr-potatohead-mr-potatohead dept.

loid_void writes with a link to a New York Times report about some of the world's best-known cryptography experts, who have prepared a report which concludes that there is no viable technical solution which "would allow the American and British governments to gain "exceptional access" to encrypted communications without putting the world's most confidential data and critical infrastructure in danger." From the article: [T]he government’s plans could affect the technology used to lock financial institutions and medical data, and poke a hole in mobile devices and the countless other critical systems — including pipelines, nuclear facilities, the power grid — that are moving online rapidly. ... “The problems now are much worse than they were in 1997,” said Peter G. Neumann, a co-author of both the 1997 report and the new paper, who is a computer security pioneer at SRI International, the Silicon Valley research laboratory. “There are more vulnerabilities than ever, more ways to exploit them than ever, and now the government wants to dumb everything down further.” The authors include Neumann, Harold Abelson, Susan Landau, and Bruce Schneier.

10 of 102 comments (clear)

  1. Falling on deaf ears by Anonymous Coward · · Score: 5, Insightful

    You cannot, under any circumstances, convince the government that having a backdoor into all those things is a bad thing.

    1. Re:Falling on deaf ears by ShanghaiBill · · Score: 5, Insightful

      You cannot, under any circumstances, convince the government that having a backdoor into all those things is a bad thing.

      But you can convince individuals that their privacy will not be protected, and you can convince companies that few will buy their products. The Clipper chip did not fail because the government was convinced, but because of a backlash from consumers that didn't want it, and from companies that threatened to move their production overseas. The current proposals will fail for the exact same reasons.

    2. Re:Falling on deaf ears by mwvdlee · · Score: 4, Insightful

      That's because backdoors give private information to governments at the cost of instilling justified fear in it's citizens.
      It's a win-win situation as far as they're concerned.

      --
      Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    3. Re: Falling on deaf ears by ShanghaiBill · · Score: 4, Insightful

      Move the production where, Europe? Trade treaties will take care of that.

      Nonsense. There is no way that European countries (other than Britain, of course) are going to force their citizens to use devices that the American government can monitor. If they try that, Marine Le Pen will be the next president of France.

      Asia? Treaties again.

      China is far less likely to agree to American backdoors than Europe is. It is not going to happen.

  2. They tried it before. by GerbilSoft · · Score: 4, Informative

    The Clipper chip was designed by the NSA and had a government-sponsored backdoor. Unsurprisingly, it failed.

    1. Re:They tried it before. by gstoddart · · Score: 4, Interesting

      But now they have more secret "national security" laws which can be used to force it without people knowing or having the choice to reject it.

      So you'd never know if they're demanding it from companies.

      --
      Lost at C:>. Found at C.
  3. Experts? by hyperar · · Score: 5, Insightful

    Who doesn't know that backdoors are there for everyone who finds them and not just those who put it there?

  4. Master key by comet63 · · Score: 5, Insightful

    Who would buy a lock from a company that made a master key that was good in all of their locks? Of course, they would promise to only release that key to authorized people. However, it is certain that eventually it will get into criminal hands. At that point, there is lots of money to be made from selling the key. Of course, lock companies could make lots of money off this proposal, but not the one who made the master key. The government might as well give up on a web based economy and go back to paper banking if they start giving out keys to all of the transactions.

    1. Re:Master key by BBCWatcher · · Score: 5, Interesting

      Everybody who buys suitcases. https://www.tsa.gov/traveler-i...

    2. Re:Master key by mlts · · Score: 4, Insightful

      Cryptography and physical security are often similar, but in other areas, they differ. Encryption algorithms are either extremely secure, or not worth the time in using them because every few years, CPU power doubles to attack them.

      Plus, with physical security, there is "good enough". I use an el cheapo Master warded lock on a chicken coop door... because it is nuisance protection. Same reason I use a six pin American lock on the gate. If it resists bumping or quick attack, good enough. Even with high security locks, their main function is mainly to work as a "seal", to show that if there is a break-in, there is physical evidence to show it is the case. A kicked in door, insurance will pay a claim. A picked lock? The claim almost certainly will be denied.

      Encryption isn't like that. Either it keeps everyone out, or it keeps nobody out.