Congress is hearing testimony today about mandating backdoors in security products so law enforcement can access encrypted communications.
James Comey, the director of the FBI, and Sally Quillian Yates, the deputy U.S. attorney general, are scheduled to testify about the need for such power in order to fight criminals. In the past they have cited child pornographers and terrorists among the targets. Comey says that without backdoors, intelligence about criminal plots is going dark.
For a variety of reasons, though, mandating backdoors into encrypted communications is a bad idea.
It’s bad for the security of encryption, it’s bad for businesses and individuals that legitimately rely on encryption, and it’s bad for businesses that sell encryption products.
I talked with Paul Kocher, president and chief scientist of Cryptography Research, about a report issued yesterday by a panel of other distinguished cryptographers and privacy experts. The report and Kocher’s commentary make good arguments for caution before granting backdoor powers to law enforcement because the consequences could be devastating.
Backdoors can be called many things, but they represent a weakness in cryptography. Despite being intentional and meant only for certain good uses, they are still weaknesses, and weaknesses in security get exploited by someone eventually.
The consequences for businesses are enormous. Encrypted messages that detail ongoing commerce or transmit intellectual property would be at greater risk of theft. Stolen trade secrets can mean financial disaster for victims.
If the U.S. were the only country to require backdoors, U.S. manufacturers would be put at a disadvantage selling anywhere outside the U.S., Kocher says, and he asks whether a potential corporate customer in Germany would want to buy encryption technology that the FBI could defeat. Probably not.
A law requiring backdoors for products used in the U.S. and authorizing use of those backdoors would likely inspire similar laws in other countries, he says. Potential decryption of private-message content would quickly broaden.
Given the international nature of product manufacture, distribution, use and movement after sale, a simple email could fall subject to multiple jurisdictions. Kocher’s example: A Gmail sent to Japan from France by a laptop bought in Canada and made in China could be subject to decryption by law enforcement in five different countries.
The technical challenges of creating products that meet the requirements of multiple laws would be daunting.
Legal decryption of communications would force bad actors to avoid using the technology. They would build their own backdoor-free technology using readily available how-to resources, Kocher says. That would violate proposed laws, but they’re already engaged in criminal activity, so what’s one more thing?
Beyond technical, legal and economic challenges, privacy and human rights issues also come into play. Just as backdoors are a threat to security itself, they endanger privacy because those backdoors can be abused. Nations that disregard human rights could use decryption capabilities to intercept confidential communications to abuse their citizens. Even in countries with good human rights records, rogues in positions of authority could abuse the right to decrypt.
From a law enforcement perspective, backdoors represent a tool to find out what criminals are plotting. Intelligence agencies already gather data about who is communicating with whom.
If those lines of communication are known, law enforcement agencies can seek authorization to tap those communications for content using means that don’t leave all communications vulnerable, Kocher says. It’s more work and it’s slower, but that may be worth it to avoid the widespread and major negative consequences of implementing such backdoors.
The FBI seeks broad powers without specifying what form they would take. That leaves no room for informed discussion about the practical pros and cons of implementing them.
Given the dangers of such backdoor proposals, the FBI or any agency seeking to require encryption backdoors and legal authority to use them needs to put forward specific plans for public discussion.
That way potential upsides and downsides can be weighed before incurring actual consequences. There will be enough unforeseen outcomes even with thorough informed discussion. Skipping that dialogue makes no sense.