28 comments

[ 2.4 ms ] story [ 67.5 ms ] thread
Edit: nevermind, thought it was paywalled as the CTA is to pay, but there's a second link on the side to download the PDF.
I could download it just by providing an email address, no payment was required.
(comment deleted)
OP here,

I ran across this from the Cyberlaw Podcast notes[0]. Their brief description of it is why I thought it'd be interesting for the HN crowd:

>The National Academy report on encryption access has demonstrated that access is well within the zone of plausible technology policy, with support from a group of prominent tech experts, such as Ray Ozzie, all of whom know math.

I certainly don't agree with that statement, but I'm a long way from a cryptographer or security expert. I'm mostly looking forward to the EFF refutation, though I'm a little surprised it isn't already up...

[0] http://reason.com/volokh/2018/04/02/keeper-loser-weeper

It's possible to design a system that lets the government decrypt (essentially) everything. The same technology that lets you send a PGP e-mail with two recipients allows you to send a message that can be decrypted by the NSA as well as your recipient.

What's not possible is protecting against bad actors within government; preventing the oppressive governments from insisting on the same powers, allowing them to further oppress their citizens; and eliminating the backdoor-free encryption that evildoers will instantly move over to, which has to be eliminated if trained terrorists are the true targets of the back doors.

But it's possible legislators don't care about these issues as much as freedom advocates do.

> It's possible to design a system that lets the government decrypt (essentially) everything. The same technology that lets you send a PGP e-mail with two recipients allows you to send a message that can be decrypted by the NSA as well as your recipient.

It's not that simple. That "solution" has the government key as a single point of failure: when it leaks, everything is compromised.

You don't need crypto or security expertise, just rhetoric. What are they not mentioning?

AFAICT "a backdoor" vs. "a backdoor that gives the FBI access while keeping both Putin and El Chapo out, and works on phones bought via mail order from China".

The debate about "technical plausibility" should not even be on the table.

Nowhere under US law does the government have any right to mandate that individuals must communicate via mediums that allow for surveillance. The idea that such a government right exists is absurd.

Maybe the NSA and CIA should figure out how to secure their own illegal digital operations first and then get back to this when they have less pressing matters on their hands.

The writing style of the Cyberlaw Podcast certainly makes it hard to take them seriously:

> ...but by the collapse of the left-lib claim that building law enforcement access into IT devices is impossible because, uh, math.

Except no-one is claiming that building law enforcement access into IT devices is impossible because of mathematics. The claim is that there is no way of doing so that doesn't create a general vulnerability.

Even when the whole San Bernardino thing happened, the FBI could already unlock the device. But they kept quiet so they can get their legal precedent.

https://assets.documentcloud.org/documents/4424780/Fbi-Iphon...

Also, let's assume this "solution" gets implemented into every smartphone out there. And then we discover that it actually doesn't work as well as theorized, and it can now be abused by hackers.

What then? Will the FBI agree to put that genie back in the bottle and have all OEMs remove support for this solution? Or will they go whine to the media and Congress that this solution can't be removed because "it's been so helpful in catching criminals and that odd kidnapper out of 1,000 cases", as they usually do when defending surveillance powers they've already had for a decade, whether illegally or legally, and then someone tries to rein in on those powers?

Criminals are not "going dark". If anything, there's been an Enlightenment Age of Surveillance over the past two decades. They have more data and more tools than ever (including the recent FISA law that allows the FBI to see all raw data going through ISP cables). And perhaps that's the problem, and why they keep missing so many cases. Too much noise that's captured.

It doesn't look like the FBI and the US government will ever be satisfied with anything other than complete surveillance of everything US citizens are doing - which is exactly what China is implementing right now.

https://www.rfa.org/english/news/china/surveillance-03302018...

(By the way, in relation to that article, the FBI is already seeking access to whatever Alexa and other such devices are recording, which could be increasingly more data as the tech improves).

Does anyone here actually believe that this is not actually FBI's goal? Or do they think that if this solution will be implemented, they won't find some other thing to complain about? Maybe open source encryption?

> If anything, there's been an Enlightenment Age of Surveillance over the past two decades.

For me, a watershed moment was the suppression of the Green Revolution in Iran. Organizing on social media got the world to notice, but it also provided the Iranian government with an indelible audit trail leading back to the dissidents.

We at EFF didn't appreciate this report that much when it came out last month: https://www.eff.org/deeplinks/2018/02/new-national-academy-s...
That sounds like a good endorsement. Those of use who are competent and honest have been pretty tired of the FUD and downright lies around the benefits of single-user encryption.

Specifically, if admin master keys are so dangerous, why does Google, Microsoft, and every other tech company have one into the employee's hard drives?

Because they own those hard drives. Their employees do not.
That's totally irrelevant to the point that two-user encryption is fundamentally insecure, made insistently by even those who should really know better: https://www.schneier.com/blog/archives/2015/09/tsa_master_ke...
It is fundamentally insecure, as that article establishes.

Do you have an argument to the contrary?

If it is "fundamentally" insecure, why do Google and Apple and Microsoft and all the other tech companies use it on their employee laptops?
The claim made by that article isn't nearly as strong as what you're saying it claims. Two-user encryption obviously can be made secure.

But when one of the keys that can decrypt something is shared by every message using that protocol, it is fragile - a leak breaks everything using that protocol. This is what that article actually says, and seems to also be correct.

A related point is that two-user encryption is insecure when one of the parties has no stake in the contents staying private, which is the case when the government can decrypt your data.

Two-user encryption obviously can be made secure.

I think we're done here.

Your splitting of the hair on "secure but fragile" depends on the assertion that the US government has no interest in maintaining the security of conversations of all US devices? That's inane and insane, respectively.

Because the problem corporations face is pretty much the reverse of the problem at issue here. In a corporation, the only entity being protected is the corporation itself. Master keys exist to provide access to all of a corp's devices, even if employees forget their passcodes etc. The entity controlling the master keys is the entity being protected, and while having those keys compromised would not be great, the loss of data from not having master keys is a much bigger threat.

OTOH, for citizens, a master key with access to their private data is a problem. The data owner is not the owner of the master key in this context and therefore the very existence of such a key is much more problematic even if the key is never leaked to unauthorized parties.

My bad for missing this when I did a quick search of your website. Glad to see you guys still sticking up for the good fight, even if it is never ending. Do you see any particular clear legislation coming out of this that I can call my representatives over? Any call to action to refute this report in particular?

Thanks for chiming in!

You can write to your Congressional representatives telling them that, as a computer professional, you know how vital encryption is for our online security, and you don't want to see any restrictions introduced on what kind of security tools technologists can provide for computer users.
Yes the report is a trainwreck.
If "decision makers" don't already respect the framework of personal liberty and individual rights, then they have no business being "decision makers" in the first place.