Old news is good news
Key escrow is fundamentally broken and can't be fixed. RFC1984 explains why.
More than a quarter century after its introduction, the failed rollout of hardware deliberately backdoored by the NSA is still having an impact on the modern encryption debate. Known as Clipper, the encryption chipset developed and championed by the US government only lasted a few years, from 1993 to 1996. However, the project …
Valuable as RFC1984 is as a position statement, I don't think it does explain why "key escrow is fundamentally broken". It expresses a position which is fundamentally opposed to key escrow, but while I agree with that position for most applications,[1] I don't see how it constitutes an argument that escrow is "broken". In cryptographic research, "broken" is a term of art that implies a rather stronger test than "no sir, I don't like it".
[1] There are a number of specialized applications where key escrow is a useful aspect of the protocol, under certain threat models that are reasonable for those applications. Filesystem encryption of organization-owned equipment, where keys are held in escrow by the organization's IT department, is one example. Private communication among private citizens is not one of those applications.
Put yourself in their place. For years their work was made easier by the large amount of intelligence and evidence they could gather by simply monitoring communications - since the telephone became an easily accessible medium - and then accessing data stored electronically when not on other more accessible media.
It's quite clear their job will become far more difficult and they will need to adapt and work a lot more, and in more intelligent ways, to achieve the same results.
Evidently the advantages of encryption outweigh the disadvantages - like the advantages of transport vehicles outweigh the fact they can be used to commit crimes more efficiently than without - and you can't ask for cars able only to make at most 4mph so a cop can follow them by foot, even when they get away with Reg journos' laptops. Nor can you ask for any car to be left open so a cop can look inside - when obviously crooks will do the same.
Authoritarian regimes will solve the issue mandating the installation of "government applications" that will have total access to the system data, and mandating data storage on government approved systems - which will give them access. Trying to game the system will have dire consequences, of course.
Others may be more subtle - for example there has been a stir when an Italian minister proposed to extend the "digital identity" system (called "SPID") used to access government services, to other services including private ones (i.e. banking, but not only, even your Amazon access, for example).
Beyond the big issue of having all eggs in one basket (so if your account is compromised everything becomes accessible at once), you would need to trust a government issued key with the assurance they didn't keep a copy, for matters that should be not within government reach without a warrant - but they did try to make it appealing by extolling the virtues and easiness of a single sign-on system....
"For years their work was made easier by the large amount of intelligence and evidence they could gather by simply monitoring communications"
I see nothing wrong in forcing law enforcement agencies to either return to their roots and rely on boots-on-the-ground for intelligence gathering. This also implies that limited resources are focused on high-value targets.
Detailed intelligence gathering including all sorts of electronic real-time high-tech surveillance are always available for a SPECIFIC target and approved by a warrant.
"For years their work was made easier by the large amount of intelligence and evidence they could gather by simply monitoring communications"
It seems that every terrorist incident over the past few years, at least as far as European experience has been concerned, has been committed by someone known to the security services. The problem has been that, through lack of staff time, they have been ignored in favour of other targets. If the services are unable to process what data they have already it seems very unlikely that they'll be helped by having more.
"the pace of innovation and unpredictability of how technologies will develop makes it incredibly difficult to legislate an approach to encryption and backdoors"
But that doesn't stop legislators from walking out of a presentation on how the concept of a "secure" backdoor is mathematically impossible - literally arational - and throwing their collective hands in the air and saying that "we can put a man on the moon but we can't figure out a way to read a text message" or something similar. Since it's such a convenient way to cast the tech industry as the "bad guys", the stalwart protectors of child pornography, terrorism, and drug trafficking, I'm not entirely sure that the legislators don't view this perennial conversation as a way to burnish their tough-on-crime credentials and get an easy jab in at Silicon Valley.
Well, that explains why every politician/minister etc. is only a quarterwit or, more likely, far less!
And, going by the complete numpties currently in power on both sides of the pond, it probably takes a collection of at least 6 of them combined together to accumulate as much as a tenthwit!
Seems to me the easiest solution is to do just what criminals do when they want information on a target that uses encryption. Simply get a virus/malware on the target system, and surveil the subject that way. All the LEOs would have to do is get a court order to place this "malware" on the target's system to gather the required information. Time limits could be ordered by judges, and the malware could self destruct along that court's guidelines. Am I missing anything here? Encryption has not stopped nation state bad actors, why should it stop the Law Enforcement Officers?
the same idiots whine about GUN CONTROL too, same logic.
Only now, in SOME places, it's even *KNIFE CONTROL*. Go fig.
Nothing like a "solution" in search of a "problem" to EMPOWER POLITICIANS and CONTROL OUR LIVES EVEN MORE...
Just keep the source files for *STRONG* public key encryption available to EVERYONE AROUND THE WORLD, and make it SO easy to use with FREE open source applications, specifically ones that do not track nor advertise, that the genie can NEVER be put back into the bottle, and ANYONE can have strong, un-crackable encryption IN SPITE OF *THEM*.
posting to USENET, open source OS projects, and the various www archive servers is a good start...
[at one time the BEST encryption resources were FTP sites in FINLAND - back in the 90's]
it would be somewhat trivial to write an Android application to provide strong encryption for use in a mounted file system using existing algorithms, let's say PGP and IDEA for starters. All it would need to do is look like an external storage device plugged in via USB. Not that hard to do with Linux. I think there are already file-based mountable file system drivers already for Linux. Just adapt one of those... run it in userland (like Fuse FS) and voila!
dunno if you'd have to jail-break a phone to do that... but it would certainly be possible if you did.
/me has experimented with native libs on Android already. The next step is a userland file system like Fuse FS and the ability to mount them. Then *ANY* application could store files in an encrypted file system with strong un-crackable non-back-doored protection, a HUGE hash-based key, and maybe even biometrics and/or bibliographical pass phrases - your favorite book chapter X and paragraph N, as an example!
I know I shouldn't rise to your trolling, but after your misleading leading statement, you actually made some good points. Gun control has been demonstrated to be effective in reducing death rates everywhere it has been introduced, even in the US. Your opinion doesn't change the facts.
Fake news from someone who is unaware of John Lott's book -
"More guns, less crime".
Gun deaths have gone down when things like "must issue" concealed carry have been put in law.
Fact, checkable - and not in dispute by anyone in touch with the real numbers.
The tools don't control the motivation of sick humans either way. There was even a move to ban glass beer mugs on that side of the pond due to their use to disfigure, and north, one to ban baseball bats. How far does it have to go before admitting humans are messed up and once even used rocks and sticks to do harm to one another -
John Lott's work is a biased, unreliable one.
"Fabricated evidence in the first edition, cited as "national survey" which the author admitted could not be sourced, see Adam Winkler in "Gunfight". Author was also an Olin Foundation recipient, a paleo-conservative foundation. This being the third edition, I'm hopeful that these errors were corrected but I'm not sure, hence the one star."
Mr. Lott's book is chock full of undeniable facts and is a great read. It relies on far, far more than one "national survey" (which is hardly "fabricated evidence"). It is not "biased" nor is it "unreliable" and using the writings of a leftist California lawyer to attempt to prove otherwise is simply intellectual dishonesty.
But, the article was about Clipper and its effect on today's encryption arguments. The Clipper chip was pushed quite hard by the Clinton administration. The scheme was faulty then and continues to be faulty today. The only people who push Clipper-like systems and techniques are the mass surveillance types that can't stand people having private thoughts and seek to control everything and everyone.
Well the USA seems to have many times more gun deaths than the UK, taking into account the population size.
I think the UK has about 60-80 deaths for the WHOLE of the UK per year. U.S.A about 39,000. Now the UK has a population of 63 million and the USA about 260 million. So you figure the stats. The statement that guns saves lives seems to be a load of BS.
Now if Americans are happy with the death rate (at least it keeps the population down) then so be it, but NEVER try and make out that "Guns save lives".
I am not saying "ban all guns" but as people in the USA keep spouting "It's not the guns that kill, it's the people". True, so why allow people who clearly should not be allowed to have a gun the "right" to hold one. Being able to own a firearm, (which is a VERY dangerous weapon whose sole purpose is to KILL) should be a privilege NOT a right!
"Gun control has been demonstrated to be effective in reducing death rates everywhere it has been introduced"
Not in the UK where we have been increasingly restricting gun ownership while homicide rates have increased from 300ish per year in the 1960s to 800 per year in the 2000s. Figures are from the ONS. Correlation clearly does not equal causation, and it is very possible that homicide rates would have been even higher with less gun control, but we should be careful making blanket statements.
Overall homicide rates are a different thing to total gun deaths and suicide by gun deaths.
so we have 800 homicides in the UK per year, the USA has for GUN crimes alone (2017) 23,854 were by suicide and 14,542 were homicides.
UK Homicides per 100,000 - 1.20 total = 803 (2017)
USA Homicides per 100,000 5.30 total 17,284 (2017)
However you slice it the USA is a lot less safe as a place to visit or live than the UK.
Note: I have been to the USA only once (Mainly N.Y.) and ALL the people were friendly and I will be visiting again. It is just the American obsession, because that is what it is, an obsession, with owning guns and sometimes LOTS of guns that is unsettling. I have no idea how many people have been "saved" by owning a firearm in the USA but I am sure a lot more have died because of one.
You HAVE to consider overall rates because removing low-hanging fruit can simply make people seek other trees. Consider that neither the UK nor the US are very high in the per-capita suicide rates overall while two of the worst (Japan and South Korea) have strict gun-control laws. If they can't shoot themselves, they'll throw themselves in front of cars and trains, off of buildings, or just poison themselves. Frankly, crime rates and suicide rates can probably correlate more to environment and culture than anything else (the countries with the highest suicide rates, for example, are either broken socially or have crazy high social standards for success--for overall homicide rates, look for hotspots like southern California that inflate the stats for the rest of the country).
The 2nd Amendment isn't about the abuse of people's rights, it is about the undeniable reason to have that right - just because dirt bags abuse them doesn't excuse removing them. It is about having the tools to avert tyranny, and that can happen quickly in history - the US came close during the Great Depression; it could tip over in the future - in fact many think Trump is the US version of Hitler - no US citizen wants to give up all their rights just to be safe - it ISN'T worth it!
Besides this fact my friends and relatives across the pond tell me it is easy peasy to get an illegal firearm. What good was having the law if any bad guy can get a gun if he wants to? There is a data map of the world that shows that the US is not the dangerous place in per-capita deaths by violence committed by firearms that many would have you believe. In fact it is the more dictatorial countries that not only outlaw personal firearm possession, but will do so violently at the drop of a hat. Many of them are a hot bed of violence by firearm, compared to the rest of the world.
25 years ago there were FTP sites in Finland that had source code and various white papers [in English] on encryption methods.
Dur, dur-dur-dur. Dur-dur. Dur-dur (can't touch this)
I propose something very very similar, "in the cloud" or just EVERYWHERE in EVERY open source OS distro that exists, as a free GPL'd application with no back doors or tracking, etc.. kinda like libdvdcss [which for some reason is no longer easily available for windows... but certainly there for Linux and FreeBSD!!!]
Politicians have forgotten that it's not their job to give police etc anything they want but to tell them they can't have it and have to make do with what they have. No police force (or similar) in history have ever thought they have had enough rights and always complain that they need to be allowed to do X or that no one should be allowed to do Y because it makes it harder for them. If they are allowed anything they want we would end up with random people dragged off the street and tortured just because they maybe know of some wrongdoing somewhere far sooner than anyone can imagine. The job of politicians is to tell them that they can't have everything they want and make sure they do get a painful smack if they step out of line.
The argument boils down to simply this: They (collectively) have an abysmal record with keeping anything secret and any backdoor would compromise a static system to the level of the vigilance of the lowliest .gov spook with an IQ in double figures, an appointment with Ms Whiplash and a pen drive left in a taxi.
It. Won't. Work. You either have total (to the extent the current technology allows) encryption or you have none.
We also don't trust 'em but that's not a technical reason. Remind me again how many rozzers/CSOs have been found misusing the PNC and then try to tell me that this proposal would not be used on anyone whose face doesn't fit - before it falls over, leaks and ruins everything anyway.
isn't this a philosophical issue, and a long running one?
After years of bitter violence and fear across Britain and Europe Elizabeth I had the wisdom to say, "I have no desire to make windows into men's souls" and gave people space (relatively) to think and believe as they wished, without 'the state' feeling the need to intrude or to 'know'.
Politicians and societies need to make fundamental decisions about the boundaries of 'state' interference and knowledge, accepting that there are places they will not and should not go, and accept the cost of doing that for the sake of the greater good.
On the whole we seem to lack politicians (and others) with the capacity or the will to be big enough to step back and consider the bigger picture and put issues of the day into some kind of context.
Nah, power, money, fear and loathing - much more fun.
"Politicians and societies need to make fundamental decisions about the boundaries of 'state' interference and knowledge, accepting that there are places they will not and should not go, and accept the cost of doing that for the sake of the greater good.
On the whole we seem to lack politicians (and others) with the capacity or the will to be big enough to step back and consider the bigger picture and put issues of the day into some kind of context."
Because can you say political suicide? What do you do when the voters demand unicorns?
'What do you do when the voters demand unicorns?'
Tell them politely to STFU, treat them as adults and explain simply and clearly that unicorns are fantasy beasts, and that for the well being of as many as possible we will be doing this, in this way because we have sat down and listened and thought and are determined to discharge our responsibility to serve the needs and well being of the people of the nation (regardless of whether they voted for us or not).
Some will not like it.
But then you can't please everyone.
"Some will not like it.
But then you can't please everyone."
But if you don't, you end up with people like Donald Trump up top. See the problem? If the voters demand unicorns and you tell them STFU, the next person to come along with a horn glued to a horse gets people voted out, and then you get what we're seeing now: solid proof that your approach doesn't work.
There's no arguing with stupid. We either have a system that ensures some kind of dictatorship (benign or otherwise); or allow that 'stupid' will occasionally/often win the day and live with the consequences.
As far as I am concerned, the latter is preferable, but that doesn't excuse 'politicians' from a duty of honesty, integrity, truth telling, and being 'servants' to the general well being, not masters (which obviously takes us off into dictatorship territory).
Trump et al may be the embodiment of lowest common denominator politics, but at least we all get to experience the consequences and have the 'freedom' to respond and do something about it (however much we may wring our hands and pound our keyboards in outraged disgust and despair).
"We either have a system that ensures some kind of dictatorship (benign or otherwise); or allow that 'stupid' will occasionally/often win the day and live with the consequences."
Consequences including taking the rest of us with them. Thus why you can't escape American imperialism or Facebook: because you get caught up by Stupid even without your intervention. So I say you MUST find a way to argue with Stupid. Otherwise, you're basically conceding we're stranded up the mountain, staring up at the avalanche and realizing the only option left is to curl up and pray.
"... conceding we're stranded up the mountain, staring up at the avalanche and realizing the only option left is to curl up and pray."
You've nailed reality there, I think. After ten thousand years plus of human civilization there is no evidence that we are any better at dealing with stupid (including in ourselves) than we ever have been. It's that 'human condition' thing.
Pray - yes, that conversation is always worth having. Curl up - never! Stand and face the avalanche and keep heading in the opposite direction. Stupid is as stupid does, but it is a choice. Jeremiah never gave up speaking the truth, even as stupid carried him away to the doom he was warning about.
The chaps from GCHQ that briefed parliament at one point appeared utterly unconcerned about the uptake of encryption by way of VPNs etc when questioned.
This leaves two possibilities. Either GCHQ had sent somebody utterly unbriefed who didn't know this would be a problem, or that they had sent somebody fully briefed that knew that this wasn't a problem.
Just imagine that GCHQ had a way to break current encryption. Would they be admitting this, or claiming that current encryption was unbreakable? My general view is that it doesn't really matter that much to me, while I'm not 100% certain that GCHQ can't break my encryption I'm not actually doing anything that I need to protect from the government in any way.
"I'm not actually doing anything that I need to protect from the government in any way."
Until something you are doing is no longer liked by the government. You seem to be veering towards the nothing to hide argument. We all have something we would rather not be public I suspect. I don't think I have anything that the government might be interested in, but I still don't like that they want to break encryption that I need for e.g. accessing my bank account.
There was another problem with the Clipper chip. How do you persuade people in other countries to use computer kit that the US can spy on at whim?
"Only the government can decrypt it" - which government? If you mandate it in your country, what do you do about visitors? Force them not to use their own tech?
Even if you use it among the 'friendly' Five Eyes, they are promptly going to spy on each other.
What do big international firms do? Their executives are flying from country to country carrying kit that contains extremely valuable information. Which governments where and when can grab that for industrial espionage?
Some of the people on the Clipper team were so alarmed they secretly briefed opponents of the project, alerting them to insecurities in the design, The Register understands.
Some of us remember who was that clipper team.
More seriously, whistleblowers like this are our best safeguard against covert snoops. Which is why govt/TLAs put so much effort into vetting and intimidating people working on sensitive projects, and sometimes get upset at projects and technologies outside their control.
Govts. seem to want the tech industry to develop this magical system for free.
They have the option of putting their our money where their mouth is and offering the tech industry money to develop a workable scheme. Perhaps an initial competition for a contract to develop it. The bulk of the money would only be paid when the result had passed scrutiny by industry experts - who would also scrutinize the competition offerings.
If they can't get a workable system out of it they might finally reflect on what it was they were wanting and why nobody in the industry has attempted to do it on their own initiative.
I think it's well established that they are not able or honest enough to be the ones who decide what workable is. As has been shown many times, "Industry experts" can easily be chosen to promote whatever view you want promoted.
And once money is allocated, the fact that something, however flawed, will be adopted is right around 100%.
.....because anyone with communications to keep secret has some options:
1. Avoid electronic communications - couriers, dead letter boxes, and so on.
2. Use private cipher schemes BEFORE the messages enter an electronic channel.
3. Use channels which do not have end points which are identified with individuals (throw away email addresses, burner phones, comments in El Reg, and so on).
And before anyone comments that item #2 is widely thought to be "weak" or "very weak", remember that the spooks will take time (maybe a long time) to figure out a private cipher, while the users of the private cipher get real time messaging. Take a look at the Beale Papers....one of them still hasn't been deciphered after more than a century!
See below for a combination of items #2 and #3.