Adam Caudill

Security Leader, Researcher, Developer, Writer, & Photographer

Crypto Crisis: Fear over Freedom

Yesterday, President Obama spoke at SXSW on topics including the oft-discussed fight between Apple and the FBI – what he called for, while more thoughtful than some of the other comments that we have been hearing from Washington, was still tragically misinformed. He repeated the call for a compromise, and by compromise, he meant backdoors.

Here, I feel I must paraphrase one of my favorite authors to properly express the magnitude of what’s being discussed here:

Tell me, ‘friend’, when did the United States abandon reason for madness?!

Cryptography is critical is every aspect of modern life – from shopping to protecting national secrets, from medical devices to the phones that diplomats use, from your home router to the infrastructure that powers global communication. Cryptography is ubiquitous and essential to keep everything from foreign powers to bored teenagers from wreaking unimaginable havoc. And world leaders are proposing that we replace real security with a TSA-style show that looks secure, but isn’t actually effective (beyond providing a false sense of security).

Mr. President #

In one simple statement, he made his position perfectly clear:

[T]here has to be some concession to the need to be able get into that information somehow.

This is, quite honestly, a binary issue, a backdoor is present or it isn’t – there’s no partial backdoor, there is no technology that only allows access to the backdoor if there’s a court order, there’s no technology to ensure that the backdoor isn’t abused. You have a backdoor, or you don’t. That simple.

He did acknowledge some of the issues here:

So we’re concerned about privacy. We don’t want government to be looking through everybody’s phones willy-nilly, without any kind of oversight or probable cause or a clear sense that it’s targeted who might be a wrongdoer.

What makes it even more complicated is that we also want really strong encryption. Because part of us preventing terrorism or preventing people from disrupting the financial system or our air traffic control system or a whole other set of systems that are increasingly digitalized is that hackers, state or non-state, can just get in there and mess them up.

It’s good that he understands that strong cryptography is critical, but that doesn’t stop him from saying that backdoors must be added. Like so many that aren’t familiar with how these technologies actually work, he is hoping that some new value between True and False will be found – that you can somehow have a backdoor, but control it. Unfortunately for him, or perhaps for everyone if he gets his way, there is no ItDepends value sitting between those two.

There is some sign that he has heard the reality of the situation, and states it fairly clearly:

Now, what folks who are on the encryption side will argue, is that any key, whatsoever, even if it starts off as just being directed at one device, could end up being used on every device. That’s just the nature of these systems. That is a technical question. I am not a software engineer. It is, I think, technically true […]

This should have been the end of the discussion, if you add a backdoor, it can be abused. But it wasn’t. He acknowledges that the kind of magical backdoor that the government wants isn’t possible, and then goes on to repeat that there has to be compromise, there has to be a way for the government to access data, there has to be backdoors:

My conclusions so far is that you cannot take an absolutist view on this. So if your argument is “strong encryption no matter what, and we can and should in fact create black boxes,” that, I think, does not strike the kind of balance that we have lived with for 200, 300 years. And it’s fetishizing our phones above every other value. And that can’t be the right answer.

Looking forward… #

Let us assume for a moment that the US Government gets what it wants, what does that mean, how does that impact the US and the rest of the world?

We are being watched. #

From the beginning of the case, officials from other governments have chimed in to support the FBI – it’s clear that governments around the globe are waiting to see what happens here. Apple has offices in several countries, it is not only possible, but likely that they would serve Apple with sealed orders to provide them with access to the backdoor, for their own use.

Based on the same decision, Microsoft could be forced to add a backdoor to BitLocker, to allow government access to encrypted desktops and laptops. If you want to actually encrypt your device, there’s always VeraCrypt (they are based in France, so maybe not). This also raises serious questions around things like LUKS – could US-based developers even be allowed to contribute to it?

Economic impact. #

If backdoors are mandated, it would become impossible to recommend any product made by a company with offices in the US – to do so would be unethical, as the security would be known to be compromised. For any organization that is interested in the security of their systems, the logical option would be to look for solutions in other parts of the world, avoiding anything coming from the US. This leads to a very unfortunate outcome – to remain competitive globally, it would be in the best interest of US-based technology companies to move their offices out of the country.

Unknown threats. #

There aren’t many people who are able to build effective backdoors; the crypto community is fairly small, and only a small percentage of that group is capable of building a backdoor that wouldn’t be an immediate disaster (though still likely a disaster in the long-term). This leads to two possible outcomes:

  • Backdoors are built by people who don’t know what they are doing, and open systems immediately to attackers.
  • Backdoors are contracted out to a very small number of consulting firms, making them a huge target for attacks.

Either way, what you have is a situation where you, as a consumer, or a corporate buyer, a consultant, etc. have no idea about any of these:

  • How well was the backdoor designed? Is it only obscurity that protects it? Will it be broken once reviewed by the crypto community?
  • How is access to the backdoor restricted?
  • How many people have access? The developers could have maintained copies, an employee could have walked out with a copy before being fired, an attacker could have targeted the developers to steal a copy – this goes on and on.
  • How many organizations have access? If a consultant was brought in to develop the backdoor, did they keep a copy?
  • How many governments have access? The reasonable assumption would have to be that every country that the company has offices in, has requested a copy.

I suspect that the answer is going to come down to how do we create a system where the encryption is as strong as possible. The key is as secure as possible. It is accessible by the smallest number of people possible for a subset of issues that we agree are important.

Secure as possible, except against the unknown list of people and various governments that have access to the backdoor. That isn’t security, and isn’t in the long-term interest of anyone.

Adam Caudill

Related Posts

  • The Door to Nowhere

    Today I was walking around, exploring the local downtown area, and I noticed a door. Or more accurately, what used to be a door, and the symbolism was too perfect to ignore. It’s a door to nowhere. A door once stood here, carefully built, thoughtfully placed, well crafted. Long ago someone decided that they didn’t want the door to exist anymore — so they filled it in. They made an attempt at reversing the decisions of the past to suit their desire at the moment — but they couldn’t.

  • On Apple, Privacy, and Device Control

    If you’ve bothered to look at Twitter or any technology news source, you’ve seen that Apple made a major announcement: Expanded Protections for Children. This has been written about by countless outlets, so I’ll assume you’re familiar with the basics. The announcement covered a few new features being added to the next version of Apple’s operating systems, namely: Scanning of inbound and outbound messages for sexually explicit images. Scanning images being uploaded to iCloud for CSAM.

  • Battle Fronts in the Crypto War

    or, These aren’t the droids apps you are looking for… The Chinese government has passed new anti-terror legislation, drafts of which have been criticized for months due to broad language, and the massive privacy concerns. This legislation is a critical move in the global Crypto War – effectively giving the Chinese what the FBI has been seeking for well over a decade: a CALEA-style law, that mandates providers be able to supply law enforcement with decrypted data.

  • Crypto Front Door: Everyone Welcome!

    For decades, the US Government has fought — sometimes with itself — to prevent the use of secure cryptography. During the first crypto war, they allowed strong cryptography within the US, but other countries were limited to small keys — making brute force attacks practical. But what about those pesky US citizens? They didn’t really want them to have strong crypto either — enter key escrow. What is key escrow? According to Wikipedia:

  • Confide, Screenshots, and Imaginary Threats

    Recently Vice published a story about a lawsuit against the makers of the ‘secure’ messaging application Confide. This isn’t just a lawsuit, it’s a class-action lawsuit and brought by Edelson PC – an amazingly successful (and sometimes hated1) law firm – this isn’t a simple case. The complaint includes a very important point: Specifically, Confide fails to deliver on two of the three requirements that it espouses as necessary for confidential communications: ephemerality and screenshot protection.