Home / Blogs

Crypto Back Doors Are Still a Bad Idea

John Levine

In the always interesting Lawfare blog, former FBI counsel Jim Baker in a piece called Rethinking Encryption reiterates his take on the encryption debates. There's a certain amount that makes me want to bang my head against the wall, e.g.

After working on the going dark problem for years, I'm confident that this problem can be addressed from a technical perspective. In most cases, it's just software, and software can be rewritten.

But it's worth reading to remind us of what the other side is thinking, even with a lot of motivated reasoning that makes him conclude that Congress can pass some laws and the going dark problem will be solved.

A reader who is relatively new to this fight asked me is there's a short and accessible explanation of why crypto back doors can't work.

The usual source is the Keys Under Doormats paper written in 2015. Nothing of importance has changed since then, or for that matter since the Clipper chip arguments in 1994.

The essential point is that either a crypto system is secure or it isn't. No software can tell whether a back door key is being used by the FBI, or by the Russian FSB, or a venal version of Ed Snowden who's selling it to the highest bidder. Beyond that, more complexity means more bugs, and back doors are complex. One of the reasons the Clipper chip failed was that people quickly found ways to circumvent the key escrow feature despite it having been carefully designed by the NSA.

The response by law enforcement has always been that we should nerd harder. Their faith in our skill is touching, but their arrogance that they understand what we can do better than we do is not. Crypto is math, not engineering, and they're telling us that if we just try hard enough, we can make 2+2 = 3¾.

By John Levine, Author, Consultant & Speaker
Follow CircleID on
Related topics: Cybercrime, Cybersecurity
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

To post comments, please login or create an account.

Related

Topics

DNS Security

Sponsored byAfilias

New TLDs

Sponsored byAfilias

Whois

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign

Cybercrime

Sponsored byThreat Intelligence Platform

Domain Names

Sponsored byVerisign

IP Addressing

Sponsored byAvenue4 LLC