Should Law Enforcement Be Able To Break Into Your Phone?
Political and law enforcement leaders in the United States and the United Kingdom have called for Internet systems to be redesigned to ensure government access to information — even encrypted information. They argue that the growing use of encryption will neutralize their investigative capabilities and have proposed that data storage and communications systems be designed for exceptional access by law enforcement agencies.
The Keys Under Doormats report, produced by the world’s leading cryptographers and cyber security experts, addresses the concern that proposals to give law enforcement the keys to encryption, known as “backdoor access,” may fail to account for the risks inherent in the proposed systems, in part because such risks lurk in the technical details. The report examines whether it is technically and operationally feasible to meet the call for exceptional access without causing large-scale security vulnerabilities. The team’s strong recommendation is that those proposing such regulations should present concrete technical requirements, which industry, academics, and the public can analyze for technical weaknesses and hidden costs.
In the late 1990s, a similar but narrower and better-defined proposal called the Clipper Chip was put forward. Many of the Keys Under Doormats authors also participated in the discussions of the Clipper Chip. The Clipper proposal centered on the principle that all strong encryption systems would retain a copy of the keys necessary for decryption with a trusted third party, who would turn those keys over to law enforcement given proper legal authorization. At the time it was beyond the technical state of the art to build key escrow systems at scale. Governments kept pressing for key escrow, but Internet firms resisted on the grounds of the enormous expense, the governance issues, and the risk. The Clipper Chip was eventually abandoned. Instead, a much narrower set of law enforcement access requirements was imposed, but only with regard to regulated telecommunications systems.
The goal of the Keys Under Doormats report is to analyze the proposal on exceptional access in the context of today’s massive, complex, global information infrastructure, highlighting three general problems.
First, providing exceptional access to communications (cell phones, tablets, laptops, and other devices) would force a sharp turn away from the best practices now in deployment that help to make the Internet more secure. These practices include forward secrecy — where decryption keys are deleted immediately after use, so that stealing an encryption key used by a communications server does not compromise earlier or later communications. A related technique, authenticated encryption, also uses a temporary key to guarantee confidentiality and to verify that a message has not been forged or altered in any way.
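The contrast this paragraph draws can be run as a small simulation. The following is an added example, not code from the report: it records two sessions under a reused long-term server key and two under per-session keys that are discarded, then tries to read both recordings with the one key that was retained. The Diffie-Hellman group is toy-sized and all function names are assumptions made for the illustration.

```python
import hashlib, hmac, secrets

P, G = 2**127 - 1, 3  # toy-sized Diffie-Hellman group (assumption); far too small for real use

def keypair():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def session_key(priv, peer_pub):
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(16, "big")).digest()

def _xor(key, data):
    stream = hashlib.shake_256(key + b"enc").digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, msg):
    # Encrypt-then-MAC with a key that is used for exactly one message.
    ct = _xor(key, msg)
    return ct + hmac.new(key, ct, hashlib.sha256).digest()

def unseal(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        return None  # forged, altered, or opened with the wrong key
    return _xor(key, ct)

def record_session(msg, server_keys):
    """Return what a passive recorder sees: both public values and the sealed message."""
    c_priv, c_pub = keypair()
    _s_priv, s_pub = server_keys
    blob = seal(session_key(c_priv, s_pub), msg)
    return c_pub, s_pub, blob  # c_priv goes out of scope here: deleted after use

def recover(transcripts, retained_priv):
    """Try to read recorded sessions with a key that was retained (escrowed or stolen)."""
    return [unseal(session_key(retained_priv, c_pub), blob) for c_pub, _, blob in transcripts]

MESSAGES = [b"constructed message 1", b"constructed message 2"]  # constructed sample data
long_term = keypair()

# Design A: the server reuses one long-term key, so a retained copy opens every session.
static_log = [record_session(m, long_term) for m in MESSAGES]
# Design B: forward secrecy, a fresh server key per session that is never stored.
fs_log = [record_session(m, keypair()) for m in MESSAGES]

print(recover(static_log, long_term[0]))  # the retained key reads the whole recording
print(recover(fs_log, long_term[0]))      # the same key fails authentication on each session
```

Under Design B there is no stored key that could be handed over afterwards, which is why an exceptional-access requirement and forward secrecy pull in opposite directions.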
Second, building provision for exceptional access would increase system complexity substantially. To achieve widespread exceptional access, new technology features would have to be deployed and tested with hundreds of thousands of developers around the world. Features to permit law enforcement exceptional access across a wide range of Internet and mobile computing applications could be particularly problematic, because the typical use would be surreptitious — making security testing difficult and less effective.
Third, exceptional access would create concentrated targets that could attract bad actors. Security credentials that unlock the data would be retained by the platform provider, law enforcement agencies, or some other trusted third party. Furthermore, law enforcement’s stated need for rapid access to data would make it impractical to store keys offline or to split keys among multiple holders, as security engineers would normally do with extremely high-value credentials.
In addition, law enforcement has called for social networks to allow automated, rapid access to their data. Establishing a backdoor into a social network also creates a vulnerability to attack and abuse.
However, the greatest impediment to exceptional access may be jurisdiction. Taking the concept to an international setting, numerous complicated questions arise immediately.
- Which countries have sufficient respect for the rule of law to participate in an international exceptional access framework?
- How would such determinations be made?
- How would timely approvals be given for the vast array of new products with communications capabilities that are launched year after year?
- How would the new surveillance ecosystem be funded and supervised?
Keys Under Doormats lays out a framework for debate by presenting the historical background to exceptional access, summarizing the law enforcement proposals as they are understood, and discussing the proposals in the context of the two most rapidly-growing platforms: messaging services and personal electronic devices, including smartphones and tablets. The report sets forth key questions for policymakers and provides extensive insights to inform and shape the discussions that are underway and those that are yet to come.