FBI Again Calls For Magical Solution To Break Into Encrypted Phones

An anonymous reader quotes a report from Ars Technica: FBI Director Christopher Wray again has called for a solution to what the bureau calls the "Going Dark" problem, the idea that the prevalence of default strong encryption on digital devices makes it more difficult for law enforcement to extract data during an investigation. However, in a Wednesday speech at Boston College, Wray again did not outline any specific piece of legislation or technical solution that would provide both strong encryption and allow the government to access encrypted devices when it has a warrant. A key escrow system, with which the FBI or another entity would be able to unlock a device given a certain set of circumstances, is by definition weaker than what cryptographers would traditionally call "strong encryption." There's also the problem of how to compel device and software makers to impose such a system on their customers -- similar efforts were attempted during the Clinton administration, but they failed. A consensus of technical experts has said that what the FBI has asked for is impossible. "I recognize this entails varying degrees of innovation by the industry to ensure lawful access is available," Wray said Wednesday. "But I just don't buy the claim that it's impossible. Let me be clear: the FBI supports information security measures, including strong encryption. Actually, the FBI is on the front line fighting cyber crime and economic espionage. But information security programs need to be thoughtfully designed so they don't undermine the lawful tools we need to keep the American people safe."

Let's call this what it is: NEED FOR CONTROL

[Rick+Schumann]

This has nothing to do with encryption. It has little to do with Law and Order. It has to do with CONTROL. Let's face the facts: The vast majority of law enforcement, whether they admit it to even themselves or not, are in it because they want CONTROL of as many people around them as possible, and law enforcement careers give them that. They could investigate crimes and enforce the law regardless of encyption, but the fact that they can't CONTROL companies like Apple and force them to do as they are told, when they are told, without question makes them so angry that I'm sure they think about just putting a gun to Tim Cook's head and threaten to blow his head off unless he knuckles under and does as he is told to do. Surprise, surprise: many of our politicians aren't much better! They get into politics because they want power, and being an elected congressperson gives them that. They may not carry guns, but they still wield power, and in their anus-clenched-so-hard-they-could-make-diamonds obsessive-compulsive ultra-A-type personalities, they can't tolerate not knowing everything about everyone, immediately, without delay or reason why. So we have what we've got here today: a bunch of thugs with badges and guns, and a bunch of elected old farts who shuffle papers and make back-alley deals, and they all want to sift through your underwear drawer when you're not home. Naturally, they all need to be told to fuck the fuck off, not yours, you can't have it -- and they need to continue to be told that, ad infinitum.

Re:Strong Encryption, But Not For Us

[swillden]

Any bypass, back door or master key, no matter how well designed, perfectly implemented, or zealously protected, fundamentally weakens the encryption they claim to support.

The FBI is asking for something infeasible, and probably a bad idea even if it were feasible (see my comments here), but this is not true. Modern cryptography provides us with ready tools to do this sort of thing. Escrowing of keys, protected by public key encryption, is very well understood. It's actually pretty common in enterprise system configurations for the crucial keys on employee devices to be escrowed with the enterprise to enable it to recover data from the device in the event of employee unavailability (death, termination, etc.). What the FBI wants is fundamentally the same thing, but on a vastly larger scale.

And it's the scale that makes it infeasible. Secure key management is hard even on a small scale, and it gets exponentially harder with scale and with the number of parties involved. In addition, there are all kinds of hard-to-handle corner cases. In the enterprise case, those are addressed with a combination of fiat -- employees must do whatever needs to be done to enable the key escrow -- and acceptance that sometimes stuff happens and data gets lost. In the FBI's scenario, the first of those is impossible and the second is unacceptable. Enterprises don't generally have to contend with employees deliberately subverting the escrow system.

So, yes, this is a bad idea, but not because it's fundamentally impossible as you say, but because it's just way too hard. Especially since we haven't managed to figure out how to secure consumer devices at all yet.

Here's the impossible

[raymorris]

Imagine I want to tell Travelsonic something secret. I don't have his email address or any other way to contact him other than posting here, for all to see. My desire is to post openly, where everyone can read it, but only Travelsonic can tell what it means. We have no means of agreeing on a secret password or anything.

Cryptography experts tells us that's impossible. Or was impossible, until Diffie and Hellman figured out a very clever way to do it. Diffie-Hellman key exchange is now used all the time, of course. It's a brilliant solution to a problem that seemed impossible for many years.

Therefore I don't think it's unreasonable to say "I understand we don't have any way to X, but it's possible that some clever innovation can somehow achieve this goal, something nobody had thought of yet.". In his remarks he acknowledged that there is not a solution, currently. He said he's not proposing any law or regulation, because there isn't any law that could make sense right now. He's right, most any such law that could be passed today would be bad.

In fact, I happen to know of some innovative ideas that partially solve the need. It's possible to do encryption in such a way that you can't read the message, but you can check if the message has certain strings in it. You can build a chip that, without revealing some fact , cryptographically proves that the fact is stored in the chip.

Simple salted hashing of text and call message numbers makes it impossible to know who someone called, yet still possible to answer whether they called one specific number. So the FBI could find out whether a suspect called Muhammad Atta, without being able to tell who else they called. This isn't super-advanced technology - every web site that has password login uses salted hashes, or should be using them.

I'm fact saving only the salted hash of the numbers you call and text would be MORE SECURE than what your phone does today.

This guy may, five years from now, propose something stupid. If so I'll oppose it. I don't see expressing a desire to consider what innovative solutions might solve certain needs, with a search warrant, as stupid. Such a search might have some uninformed people making dumb proposals, but he made none in this case.

Re:Also

[Koby77]

Along those lines, how about for any communications system that the FBI should propose, they have to implement it onto themselves and their own communications systems/email/cell phones first, for 5 years. And they have to give the "magic key" or whatever they want to call their encryption backdoor, to some public figure who will constantly audit them. If the FBI balks at their own proposal, then we can reasonably assume that it won't work.