US government wants “keys under doormat” approach to encryption

No, Assistant US Attorney General Rod Rosenstein did not call for tech giants like Apple, Google and Microsoft to keep plaintext copies of all your communications lying around just in case the FBI or other law enforcement agencies come calling with a warrant.

Unfortunately, that is the way some reports spun Rosenstein’s latest salvo in the encryption wars, which came at the end of a speech delivered Monday at the North American International Cyber Summit in Detroit.

Unfortunate because Rosenstein could complain that his comments were distorted, which would distract from the fact that what he did say didn’t improve on either the practicality or the privacy implications of what he said several weeks earlier in speeches at a cybersecurity conference in Boston and at the Naval Academy.

The Assistant AG, echoing former FBI director James Comey, had argued then that unbreakable encryption is allowing criminals to “go dark,” preventing law enforcement from doing its job by denying it the ability to detect, prevent and collect evidence of crimes.

This week the message was slightly modified. Rosenstein said encryption serves “a valuable purpose.” He called it “a foundational element of data security and essential to safeguarding data against cyber-attacks.”

And he said he supports “strong and responsible encryption.” Which to him means “effective, secure encryption, coupled with access capabilities.”

“I simply maintain that companies should retain the capability to provide the government unencrypted copies of communications and data stored on devices, when a court orders them to do so… When a court issues a search warrant or wiretap order to collect evidence of crime, the company should be able to help. The government does not need to hold the key.”

According to The Register, this meant Rosenstein was proposing to “let people send stuff encrypted as normal, but a plaintext copy of everything – from communications to files on devices – must be retained in an unencrypted form for investigators to delve into as needed.”

Not exactly. Companies don’t have to store everything in plaintext. They just need to have a key – which they can keep – to render data in plaintext when law enforcement comes bearing a warrant. Tufts University professor Susan Landau, writing on the Lawfare blog last week, called this the “Keys Under Doormat” concept.

Two years ago, Landau was among more than a dozen coauthors of a lengthy paper in the Oxford Academic Journal of Cybersecurity by that title, which presents multiple reasons why such a concept won’t work. The very short version is that “there is no safe way to do this; any system that provides a way in for law enforcement will inevitably be subverted by hackers.”

Still, Rosenstein also argued that tech companies already circumvent encryption to provide access to data for other reasons. He mentioned, as he has in previous speeches:

“… systems that include central management of security keys and operating system updates; scanning of content, like your e-mails, for advertising purposes; simulcast of messages to multiple destinations at once; and key recovery when a user forgets the password to decrypt a laptop. No one calls any of those functions a ‘backdoor.’ In fact, those very capabilities are marketed and sought out.”

Bruce Schneier, CTO of IBM Resilient Systems, another coauthor with Landau of the “Keys Under Doormat” paper, mocked that logic several weeks ago. He noted that it is absurd to think that encryption can be made to “work well unless there is a certain piece of paper (a warrant) sitting nearby, in which case it should not work.”

“Mathematically, of course, this is ridiculous. You don’t get an option where the FBI can break encryption but organized crime can’t. It’s not available technologically.”

Schneier said this week that Rosenstein’s latest speech doesn’t improve on that absurdity.

“He can get a warrant for any of those less secure services already. He doesn’t want that. He wants access to the more secure services that don’t have that corporate back door.

“Why do we care if he modifies his rhetoric in order to more successfully hoodwink his listeners?”

Rosenstein also sought to persuade with a collection of alarming statistics (reproduced here so that you know what he said, not as an endorsement of their veracity by Naked Security):

  • DDoS attacks can amount to 18% of a country’s total internet traffic.
  • The global cost of cybercrime is expected to spike from $3 trillion in 2015 to $6 trillion in 2021.
  • Ransomware attacks are up from 1,000 per day in 2015 to 4,000 per day since the start of 2016. The FBI says ransomware infects more than 100,000 computers per day worldwide.
  • The “WannaCry” ransomware, besides infecting hundreds of thousands of computers, paralyzed Britain’s National Health Service.

Privacy advocates have heard all that and more, and say they take seriously the need for law enforcement to have the tools it needs to bring criminals to justice. But they contend that law enforcement already has vast surveillance capabilities – what Schneier has more than once called “a golden age of surveillance” – and complying with government demands to defeat encryption even in allegedly selective circumstances will damage public safety rather than improve it.

Gary McGraw, vice president of security technology at Synopsys, scoffs at Rosenstein’s claim that everybody’s privacy will be protected as long as companies, not government, hold the key to unlock encrypted data (key escrow). That simply demonstrates that he doesn’t understand encryption. “He’s an idiot,” McGraw said.

Kurt Opsahl, general counsel of the Electronic Frontier Foundation, in a blog post earlier this month, said Rosenstein has it wrong from the start when he contends that society has never before had a system where “evidence of criminal wrongdoing was totally impervious to detection.”

Rosenstein is apparently unaware of in-person conversations and, until a couple of decades ago, pay phones, he said.

And he is as scornful as McGraw about what he calls Rosenstein’s “magical dream of secure golden keys.”

“First, perfect security is an unsolved problem. No one, not even the NSA, knows how to protect information with zero chance of leaks. Second, the security challenge of protecting a signing key, used only to sign software updates, is much less than the challenge of protecting a system which needs access to the keys for communications at the push of a button, for millions of users around the globe.”

Opsahl notes that the Department of Justice has called for an “adult conversation” about encryption.

“This is not it,” he said. “The DoJ needs to understand that secure, end-to-end encryption is a responsible security measure that helps protect people.”