[Cryptography] What if (ir)Responsible Encryption Back-Doors Were Possible?

[Henry Baker]

At 02:21 PM 12/7/2018, Ray Dillinger wrote:
>From: Ray Dillinger <bear at sonic.net>
>For what it's worth I believe the only "responsible" backdoor suitable
>for government use - particularly if it is something that can be
>automated - is one that does not allow even one single use of that
>backdoor to remain indefinitely secret.
>
>We need a system for accessing the systems of a few dangerous criminals
>that allows the government to PROVE at any point that it has not been
>invasively scooping absolutely everything that belongs to absolutely
>everybody.
>
>In Broad Fuzzy Outlines leaving a million hard details and a hundred
>refinements to be designed....
>
>In order to get their backdoor key, perhaps, they have to interact with
>a public block chain creating a blinded transaction.  And no valid block
>can be created without unblinding the access transactions of blocks that
>are turning more than (say) 180 days old.
>
>Because I get the idea that sometimes you have to have covert access for
>the sake of a specific investigation, of a specific person for evidence
>of a specific crime.  But if that access never becomes known to the
>public, or if people CAN use it in the belief that their use of it will
>never be known, then it is guaranteed to be abused.
>
>Every morning, political and business reporters (and inevitably gossip
>and tabloid reporters) and courtroom attorneys (and inevitably mobsters)
>should be waking up, having a healthy breakfast, and consulting the
>chain to see the backdoor accesses unmasked this morning.
>
>Every morning, paranoids and tinfoil-hats who irrationally fear the
>government (and inevitably mobsters and shysters and spies who have good
>cause to fear the government) should be able to reassure themselves by
>checking the chain to see whether it reveals today that a while ago
>their own data was accessed.
>
>Unmasking shouldn't be required for accesses less than 6 months old, so
>that a legitimate law enforcement purpose can be served before the
>targets become aware.  But unmasking must become absolutely certain
>after some time so that people cannot be deceived about the extent or
>nature of the access.
>
>Unmasking a backdoor access should reveal whose data was accessed, who
>accessed it, when it was accessed, what specifically they were looking
>for, why they had probable cause to believe it was there, and what judge
>signed the search warrant.
>
>Even the masked transactions on the chain must be known to exist; Nobody
>should ever be able to authorize some program that harvests 330 million
>people's data one morning without it becoming known, on the same
>morning, that 330 million accesses were made.

Why don't we call a spade a spade?

The proper term is "IRresponsible encryption", since it opens up a
vulnerability to essentially *everyone*, regardless of their situation
or culpability.  But, of course, this proposal follows the age-old
rule that the *name of a bill/law* is precisely the opposite of its
intended purpose, which is why everyone thinks that legislators are
all liars.

Re: "2) No one wants to be in a position where a mass murderer has
encrypted data that cannot be revealed to law enforcement"

Joe Stalin said "a single death is a tragedy; a million deaths is a
statistic".

We've seen Stalin's rule operate recently with the murder of Khashoggi,
where the press is all up in arms about a single murder, when more
than 50,000 people have already died as a result of Saudi's attacks
in Yemen.  Apparently, more than just one person thinks that there
are 110 billion reasons why 50,000 people don't matter.

To better understand the FBI's "mass murderer" fetish, you also
have to understand the concept of *bootleggers and Baptists*, as
explained by Bruce Yandle to Russ Roberts on his Econtalk podcast
back in 2007.

Basically, Prohibition was made possible in 1919 by a combination
of the interests of bootleggers (who would make huge profits from
the lack of legal competition) and Baptists (who don't believe in
drinking alcohol).  While the reality was more complicated than
this, "bootleggers and Baptists" has become the label for strange
bedfellows who get together to pass a law otherwise unthinkable
for the rest of the population.  Thus, the bootleggers put forward
Baptists to carry their water, because no one is going to (publicly)
support bootleggers. 

http://www.econtalk.org/bruce-yandle-on-bootleggers-and-baptists/

Another similar situation was that of mothers who voted for Wilson
in 1916 because "he kept [our sons] out of war (so far)" (yes, women
were allowed to vote in 6 western states; see Michael Beschloss's
book on Presidents of War).  Alice Paul, the radical suffragette,
effectively traded her support for Wilson's war for Wilson's
support for the 19th Amendment -- she presumed that the ~117k
deaths and ~320k wounded were costs worth paying for its passage.

Yet another example is that of U.S. gun deaths, where ~34k people
were killed in 2013, *2/3's of which were suicides*.  To keep
things in perspective, ~33k people died in auto accidents in 2013.
Yet gun control advocates continue to inflate gun deaths with
suicide statistics, while simultaneously voting against physician-
assisted suicide.

The FBI and its apologists are attempting to use Joe Stalin's
rule and create a "Megan's Law" for encryption backdoors by pulling
out a single sympathetic individual to sway public opinion, when
the losers from such are *all the rest of us*.  The plural of
"anecdote" is not "data" !  (The plural of "backdoor" is not
"responsible" ?!?)

The FBI is also playing the Baptist for the Deep State "bootleggers"
who want to continue unrestricted & unwarranted mass surveillance.
Such bootleggers include the subject of a now-playing movie which
just won 6 Golden Globe nominations, and a judge who recently joined
the Supreme Court.

We're currently asking the designers of autonomous vehicles to
solve the "Trolley Problem", wherein a runaway trolley (or
autonomous vehicle) gets into a situation where 1 or 5 people
will die, and the autonomous vehicle must decide who will die.
Yet legislators themselves continuously pass laws which benefit
a vanishly small percentage of the electorate, while disadvantaging
everyone else.

https://en.wikipedia.org/wiki/Trolley_problem

I'm sorry, but the tradeoff of making billions of cellphones,
laptops, routers, and other IoT devices vulnerable to save a
handful of people isn't worth it; among other reasons, we can
be sure that the vulnerabilities themselves will cause
additional deaths -- dead reporters, dead dissidents, dead
spies, etc.

One supreme court justice is supposed to have suggested that a
flush toilet is the drug dealer's best friend.  Yet not even
the FBI is suggesting that toilet manufacturers include a
"back door" in every toilet to catch a handful of drug dealers.