[Cryptography] Ad hoc "exceptional access" discussion at Crypto'15 ?

covariant covariant at i2pmail.org
Tue Jul 14 06:32:15 EDT 2015


On 07/14/2015 05:55 AM, Henry Baker wrote:
> Behind the opponents’ demand for “concrete technical requirements” 
> is the argument that any method of guaranteeing government access 
> to encrypted communications should be treated as a security flaw 
> that inevitably puts everyone’s data at risk. In principle, of 
> course, adding a mechanism for government access introduces a risk 
> that the mechanism will not work as intended. But it’s also true
> that adding a thousand lines of code to a program will greatly
> increase the risk of adding at least one security flaw to the
> program.  Yet security experts do not demand that companies stop
> adding code to their programs. The cost to industry of freezing
> innovation is deemed so great that the introduction of new security
> flaws must be tolerated and managed with tactics such as internal
> code reviews, red-team testing, and bug bounties.

The problem with government access is that it introduces a
(presumably) trusted third-party. I can see a few problems with that:

Whoever that third-party is, there is a possibility that it is a
central point of failure.
Good security is hard to achieve, and I have my doubts that
governments can provide it.

Besides, we are assuming the government is not malicious. Depending on
the country, this may be a reasonable assertion. But in many
countries, it is not.

In the end government access doesn't really solve anything. For those
who wish to hide their communications a few additional steps suffice,
e.g.:
- Rely on an additional layer of strong cryptography.
- Use good steganography.
- Use communication channels that are not being monitored.
It would be very naive and dangerous to assume that those with
malicious intentions are not able to put together the above list.
This is exactly the difference between the risk of adding new code and
third-party access: the former has benefits, the latter does not.

A significant portion of cryptographic work intends to eliminate third
parties from protocols.
This is a reasonable goal, because in an environment where trust is
important, it is wise to minimize the number of participants.
Many cryptographic protocols are broken by third-party access. I do
not mean to say "possibly broken" because the entire goal of these
protocols is not to have a third-party at all.

Overall, giving access to the government seems like a step backwards.
It's too late to stop what's coming, whether you like it or not.
