Any attempt by government to weaken encryption technology so as to enable easier law enforcement access to cryptographically protected content would seriously weaken Internet security, a group of noted cryptographers and security researchers warned in a new report this week.
The report, from the Massachusetts Institute of Technology’s Computer Science and Artificial Intelligence Lab, incorporates the views of more than a dozen top security researchers, including noted cryptologists like Bruce Schneier, Whitfield Diffie, and Ronald Rivest.
It expresses alarm over growing efforts by the FBI and other U.S. law enforcement agencies to get data and communication services companies to engineer backdoors in their systems so law enforcement can have access to encrypted data when needed.
Government officials have claimed they need such access in order to pursue criminals conducting transactions online under the cover of encryption and anonymizing services like Tor. In testimony before Congress earlier this week, FBI director James Comey warned about the “ongoing” and “significant” impact that such technologies were having on the government’s ability to track, pursue, and prosecute criminals.
But according to the researchers, enabling “exceptional access” to systems of the sort being demanded by the government will have devastating security consequences for the rest of the Internet. “These proposals are unworkable in practice, raise enormous legal and ethical questions, and would undo progress on security at a time when Internet vulnerabilities are causing extreme economic harm.”
Here, according to the security researchers, are three reasons why:
Abandoning Best Practices
The first reason is that providing exceptional access means abandoning many of the best practices that have been deployed or are being deployed to make the Internet safer. As one example, the researchers pointed to technologies like perfect forward secrecy, a practice where decryption keys are destroyed immediately upon use, so as not to compromise the integrity of data that was encrypted earlier or later. “A related technique, authenticated encryption, uses the same temporary key to guarantee confidentiality and to verify that the message has not been forged or tampered with.”
Enabling the kind of backdoor access the government is seeking would require industry to abandon such best practices, the group said.
Increased System Complexity
Implementing an exceptional access requirement would also greatly increase system complexity, the report noted. New technology would need to be developed, deployed, and tested with potentially hundreds of thousands of developers around the world. Because the typical use of such technologies would be surreptitious in nature, security testing would become far more difficult and less effective as well.
“This is a far more complex environment than the electronic surveillance now deployed in telecommunications and Internet access services,” the researchers said.
Exceptional access would also require platform providers, law enforcement agencies, or some other trusted third party to hold the credentials needed to unlock encrypted data. Because law enforcement would need rapid access to data, it would be impractical to split the keys or store them offline as best practices would typically dictate. They pointed to the recent breach at the U.S. Office of Personnel Management as one example of what can happen when a single organization is entrusted with a lot of data.
Enabling exceptional access would create a similar set of concentrated targets for bad actors to go after, the security researchers said. “If law enforcement’s keys guaranteed access to everything, an attacker who gained access to these keys would enjoy the same privilege.”
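The following Python example is added here and is not from the report or the article. It models the forward secrecy and authenticated encryption practices described above, then shows how a retained escrow copy of each message key reverses them. The hash ratchet, the HMAC-based stream cipher, and the names `Ratchet`, `run_session`, `try_decrypt` and `escrow_key` are assumptions chosen for illustration with the standard library only; the cipher is constructed for the example and is not a production algorithm.

```python
import hashlib, hmac

def kdf(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key: bytes, data: bytes) -> bytes:
    # Illustrative stream cipher: HMAC-SHA256 in counter mode (constructed for this example).
    blocks = (kdf(key, i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def seal(msg_key: bytes, plaintext: bytes) -> bytes:
    # One temporary key drives both confidentiality and the forgery check.
    ct = _xor_stream(kdf(msg_key, b"enc"), plaintext)
    return ct + kdf(kdf(msg_key, b"mac"), ct)

def unseal(msg_key: bytes, blob: bytes) -> bytes:
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, kdf(kdf(msg_key, b"mac"), ct)):
        raise ValueError("authentication failed")
    return _xor_stream(kdf(msg_key, b"enc"), ct)

class Ratchet:
    """Hash ratchet: each message key is derived once, then the chain moves on."""
    def __init__(self, root: bytes):
        self.chain = root
    def next_key(self) -> bytes:
        msg_key = kdf(self.chain, b"msg")
        self.chain = kdf(self.chain, b"chain")  # previous chain value is discarded
        return msg_key

def run_session(root, messages, escrow_key=None):
    """Encrypt messages; return (wire, escrow_records, final_chain_state)."""
    sender, wire, records = Ratchet(root), [], []
    for m in messages:
        k = sender.next_key()
        wire.append(seal(k, m))
        if escrow_key is not None:  # exceptional access: a wrapped copy of k is retained
            wrap = kdf(escrow_key, len(records).to_bytes(4, "big"))  # per-record wrap key
            records.append(seal(wrap, k))
    return wire, records, sender.chain

def try_decrypt(keys, wire):  # plaintexts recoverable from recorded traffic
    out = []
    for blob in wire:
        for k in keys:
            try:
                out.append(unseal(k, blob))
            except ValueError:
                pass
    return out
```

Python cannot guarantee that discarded key bytes are wiped from memory, so the example models the key lifecycle rather than secure erasure.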
Richard Blech, CEO of Secure Channels, said the government finds itself between a rock and a hard place on the encryption issue.
“You cannot have a backdoor that only the 'good guys' can use; it will be exploited by the bad guys,” he said in an email statement. “Unfortunately, sensitive data is vulnerable if the agencies are left a backdoor.” As a result, due process may continue to be the only way forward, he said. “If there are concerns, go to court and get a warrant.”