[Cryptography] Obama to clarify his stance on encryption by the holidays

Henry Baker hbaker1 at pipeline.com
Fri Dec 11 09:17:56 EST 2015

FYI -- Weakening encryption would allow the Grinch to steal Christmas...  I don't want Santa coming in *either* the back door or the front door; he's only allowed to enter via the chimney.  New crypto characters: Alice, Bob & Eve, meet Grinch & Santa!

Curiously, if you have *Javascript turned off*, dailydot.com rejects access to the following link with a *certificate error* !!


"This Connection is Untrusted

"You have asked [your browser] to connect securely to www.dailydot.com, but we can't confirm that your connection is secure.

"Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place.  However, this site's identity can't be verified.

"What Should I Do?

"If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue."


Obama to clarify his stance on encryption by the holidays

By Eric Geller and William Turton

Dec 10, 2015, 6:22pm CT | Last updated Dec 10, 2015, 7:39pm CT

The Obama administration plans to clarify its stance on strong encryption before Washington shuts down for the holidays.

Administration officials met Thursday with the civil-society groups behind a petition urging the White House to back strong, end-to-end encryption over the objections of some law-enforcement and intelligence professionals.

At that meeting, White House and Department of Homeland Security officials told representatives from the American Civil Liberties Union, Access, the Center for Democracy and Technology, Human Rights Watch, and New America's Open Technology Institute that they were eyeing a holiday deadline for their formal response, according to Kevin Bankston, OTI's director, who helped organize the meeting.

A senior administration official confirmed that an encryption response was forthcoming but did not comment on the deadline.  "The response we posted was an interim one," the official said of the brief reply to the petition, "and we will have a more fulsome response soon."

Bankston called Thursday's discussion "a very hopeful meeting."  He said that the officials present were Michael Daniel, President Obama's cybersecurity coordinator; Ed Felten and Alexander Macgillivray, Obama's deputy chief technology officers; and Daniel Prieto, director of civil liberties and privacy for the National Security Council.

"They were mostly in listening mode," Bankston said, "but they did seem to share our overall goal of moving the discussion beyond the debate over encryption into a more productive conversation about how best to provide for national security in the current technological environment."

As tech companies have improved the security of their products and have begun to offer encryption that even they cannot bypass, national-security officials have complained that those companies are aiding criminals and terrorists by stymying investigations.  These officials want tech companies to add "backdoors" to their encryption that the government could access with a warrant.

FBI Director James Comey, the staunchest advocate for making tech companies modify their products to facilitate investigations, has warned that criminals are "going dark" by encrypting their communications in indecipherable ways.

Security experts overwhelmingly oppose backdoors, which they say would create opportunities for criminals, not just cops, to breach secure systems.

President Obama has not taken a firm stance on backdoors.  He told Re/code in February that "there’s no scenario in which we don’t want really strong encryption," but he called on tech companies to work with the government to make investigations easier in an Oval Office address on Sunday.  His administration continues to pressure tech companies to make such accommodations.

The White House considered a variety of backdoor policies but ultimately rejected them as unworkable.  Mark Stroh, a White House spokesman, told the Daily Dot in October that "the administration is not seeking legislation at this time."

Bankston hopes that the White House will go further now.  "What we want to hear from the White House is for them to not only continue to hold to their current position--which is that they are not seeking legislation at this time--but have them drop the qualifier of 'at this time.'"

"Our hope," he added, "is that, if they are willing to do that, we can move beyond this seemingly endless debate... and start talking about how can law enforcement and intelligence [agencies] adapt to a world where encryption is common, rather than pretending that we could ever make encryption adapt to law enforcement and intelligence [agencies]."

The debate over whether businesses should weaken their encryption to help the government, known as the "crypto wars," began in the 1990s and took on new life after the Paris terrorist attacks in November and the San Bernardino shooting in December.  Some officials and lawmakers have blamed encryption and called for a policy response, although there is no evidence that the perpetrators of both attacks relied on encryption to evade detection.

"One of our key arguments at this stage," Bankston said, "is simply continuing to highlight--as was true in the '90s... during the original crypto wars, but is even more true now--no matter what U.S. law and U.S. companies do
 strong end-to-end encryption is going to be widely available to anyone who wants it."

Two lawmakers are working on legislation that could outlaw unbreakable encryption.  The White House did not promise to rebuke those attempts, according to Bankston, but it is aware of the problems with such a law.

"At this point, they clearly understand all of our concerns and arguments," he said.  "In fact, many of those concerns and arguments were laid out in the White House’s own memos that were leaked a few months ago." 

Another participant in the meeting, who asked not to be named, said that the White House "seemed to very clearly understand the security implications of weakening encryption."

"I think the civil society groups broadly shared their concerns... both from a security standpoint and also from a First Amendment standpoint about some of these harms associated with weakening encryption or mandating a backdoor," this person said.  "The meeting participants really stressed that this was an important moment for the White House to be clear about their position."

Civil-society groups hope that their talk launches "a series of meetings of more dialogue between not just us but other stakeholders as well," the participant said.  "The participants in the room seemed to recognize the pressure domestically and globally and the importance of the U.S. to really lead on this issue."

Bankston warned that requiring companies to weaken their encryption, whether through backdoors or other means, would "make us less secure, in terms of our cybersecurity, and also shoot our tech industry in the foot, in terms of its economic competitiveness."

More information about the cryptography mailing list