Should governments be allowed to keep the keys to encryption backdoors?
The short answer, according to a group of computer scientists who helped created modern encryption, is not only no, but resoundingly no, no, a thousand times no.
Providing encryption backdoors in any form weakens encryption across the board for everyone -- including the good guys, argue the authors of a new research paper released today.
Keys under doormats
In "Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications," 14 computer scientists and encryption experts fiercely rebut the latest attempts to make encrypted information more accessible to law enforcement.
Among the paper's authors are pivotal names in their respective fields: MIT computer science professor Harold Abelson; security researcher Bruce Schneier; computer scientist Peter G. Neumann; Ronald Rivest, co-creator of the RSA encryption algorithm; and Whitfield Diffie, one of the co-creators of public-key cryptography.
So-called key escrow schemes "force a U-turn from the best practices now being deployed to make the Internet more secure;" make encryption systems more difficult to build and debug; and would create known weaknesses in encryption that would simply attract concentrated efforts to break them, according to the paper.
"If law enforcement's keys guaranteed access to everything, an attacker who gained access to these keys would enjoy the same privilege," the paper argues.
Blasts from the past
Government's previous efforts to weaken encryption -- both above- and below-board -- ended badly. The Clipper chip, a key escrow system for voice communications created in the 1990s, met with strong resistance from both privacy advocates and cryptographers, with the latter demonstrating that the chip was demonstrably insecure on its own terms. In 2013, word surfaced that the NSA had subtly weakened NIST-supported encryption standards to make them more amenable to automated attack -- a strategy that would only serve the NSA as long as no one else knew of the weakness.
Today's renewed calls for law-enforcement access to encryption keys proffer the same arguments as earlier efforts -- mainly, that encryption enables criminals to evade law enforcement. However, the crucial question to ask about key escrow schemes, the authors argue, is whether granting such access creates problems at least as large as the ones they claim to solve.
The stakes involved in weakening encryption today are far higher than they were in the 1990s, the paper insists. Far more real-world infrastructure depends on encryption than ever before, and switching those systems over to key-escrow encryption makes them more vulnerable to attackers.
"Lawmakers should not risk the real economic, geopolitical, and strategic benefits of an open and secure Internet for law enforcement gains that are at best minor and tactical," the paper's authors write.