Reply to post:

Obama edges toward full support for encryption – but does he understand what that means?

tom dial Silver badge

Encryption is not the be all/end all of security; it is only one of many tools. Furthermore, it is not up to the US alone, as the allegedly leaked memo of uncertain provenance notes, to make all decisions about legal constraints on encryption or requirements for back doors or key escrow systems. The NSA and the world's other SigInt agencies will be happy if any major government requires authorized government access to encrypted data and communication streams.

In fact, though, these agencies will not care enormously about government constraints or requirements governing encryption and encryption standards, because the weak points of nearly all encryption systems are the people who use them and the hardware and software systems that implement them and on which they operate.

It has not been clear to me since the early 1990s, when the US government was going after Philip Zimmerman, restricting export of strong encryption products, and developing the Clipper and Capstone chips, just why any government would entertain the notion that they would be able to prevent criminals from encrypting communications if they chose to do so. Before PGP source code was available, before Bruce Schneier's first book on cryptography was published, the essential secrets of good encryption were available to enough smart and clever people outside government that hope of preventing its criminal use was squashed. That apparently intelligent people continue even to think about it, let alone talk about it in public, boggles the mind.

In the US, law enforcement authorities have and will continue to have substantial power to compel disclosure of encrypted data. It will not matter that the manufacturers or communication providers do not have the key and therefore cannot assist them effectively. With properly issued warrants they have the full power of the local, state, or federal government, to direct whoever does possess the decryption key to either give it up or use it to reveal the message. That is the same power they now have to compel disclosure of information encoded by procedures not implemented using computers. Some who are gulity will not be prosecuted and some who are will not be convicted as a result, although the number of cases in which encryption is at issue is small and likely to remain so. That always has been true, and it has not brought us down as much as excessive criminal legislation, prosecutor overreach, overconviction, and oversentencing.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon