Ask HN: Topics on Encryption vs. Abuse?

1 points by methodin ↗ HN
I've been trying to find papers or articles about providing end-to-end encryption but in a way that you can detect or avoid it being used for nefarious/illegal purposes. I'm having a difficult time searching for actual technical details about ways to do so and am only getting general articles. Does anyone know of any technical papers or articles about that topic, or perhaps even other terms I can use to find such things?

4 comments

[ 0.18 ms ] story [ 40.2 ms ] thread
End-to-end encryption means that no-one apart from the sender and recipient have access to the cleartext.

To detect what end-to-end encryption is used for I suppose that you need to scan and analyse the cleartext.

So...

I should have perhaps phrased that differently as: If I desire end-to-end encryption but I do not want to be a conduit for nefarious activities then what are the options? Surely there is a spectrum between facebook messenger and a total secure, end-to-end encrypted chat client.
The option is to write your T&Cs accordingly. Of course that won't prevent anything but may help you act against someone that has somehow been found to breach those T&Cs.

There is no magical solution here.

How about

https://en.wikipedia.org/wiki/Clipper_chip

It's a tough problem. Leaving aside the question of "do we trust the government with it?" That kind of thing is a genie that you can't put back in the bottle. Edward Snowden did not walk away from the NSA with a set of back door keys, but if they existed, somebody like him could.

In 2020 any such tool is on the side of chaos and not order. Today we're having to shut down hospitals because hackers hit the computer. The risk that some people are going to abuse encryption sometime is hypothetical, the risk that people are going to exploit anything that is possible to exploit is urgent.