back to article WHY can't Silicon Valley create breakable non-breakable encryption, cry US politicians

At last week's RSA security conference, the halls were full of government speakers telling the tech community that it must do the impossible: invent a form of encryption that's strong, but also easy for law enforcement to crack. Ever since Apple and Google enabled full-device encryption by default on their mobile operating …

  1. The_Idiot

    There is...

    ... or may be, the usual possible sub-message here.

    When a US authority says something like this, that the crypto should have an easy way for legal authorities to open anything after 'due legal process', what they seem to mean more often than not is that there should be a an easy way for _US_ legal authorities to open the material after whatever the _US_ thinks is due legal process.

    They appear to see no issue with other country's legal process or authority, since those don;t matter to them.

    I'm also not sure which depresses me more - that they know what they're asking for is impossible, but are asking anyway so the Dear People see them 'doing something' - or that they really think it can be done. Sigh...

    1. Edwin

      Re: There is...

      Hmm... My European personal data housed on an American server by an American company in the USA encrypted by a system that only the American government can pop the lid on.

      What could possibly go wrong?

      (Hint: it's in Mr. Johnson's line about "the privacy rights and expectations of the American public")

      1. Yet Another Anonymous coward Silver badge

        Re: There is...

        > that only the American government can pop the lid on.

        Obviously this would be unworkable, unfair and wrong. Instead the data will also be accessible by your own government, and security forces, and police, and parish council and those of any other Eu country.

        The same keys will also have to be shared with all the agencies where the same software is sold.

        So say 200 countries * 10 layers of three latter agency + 10 different levels of government + 10 different law enforcement agencies + the milk marketing board= 10,000 government depts havign access to your data.

        1. Anonymous Coward
          Anonymous Coward

          Re: There is...

          If I lost my password I could quite possibly be one of the few people left on earth who can no longer access my data.

      2. asdf

        Re: There is...

        >the privacy rights and expectations of the American public"

        Which sadly get such a bad reputation due to the Boomers moving our culture to pure corporatism and the Millennials who think everyone wants to know what they ate for breakfast and what the shit they took after looked like.

        1. Edwin

          @asdf Re: There is...

          While your point about the Boomers and Millennials is spot on (and apparently universally true), my point was rather that the US guvmint acknowledges American citizen's right to privacy, but nobody else's. So while an American's personal information is protected by law in the US, my information is not.

          Yes, there's Safe Harbor, but I don't know that it's bulletproof and in any case only covers a small part of the rest of the world's population.

          1. asdf

            Re: @asdf There is...

            >US guvmint acknowledges American citizen's right to privacy,

            How except in rhetoric? The SCOTUS has whittled the fourth amendment down to a completely literal reading now where the only thing protected is actual paper letters in your own home (better own the property too) and even then they have added lots of loopholes.

          2. Looper
            Flame

            Re: there's Safe Harbor, but I don't know that it's bulletproof...

            It's not. It demostrably failed in the first year of "implementation" and every year subsequently. It is purely a marketing effort to attempt to hoodwink EU citizens that US companies could be trustworthy advocates and handlers of their data. They are not, can not, nor ever will be. The attitude regarding data privacy and security just isn't there in the US landscape. Any further attempts to lie and/or exaggerate how "well" US companies take care of your data will be hopefully met with appropriate derision by all stakeholders.

    2. hutcheson

      Re: There is...

      >When a US authority says something like this, that the crypto should have an easy way for legal authorities to open anything after 'due legal process', what they seem to mean more often than not is that there should be a an easy way for _US_ legal authorities to open the material after whatever the _US_ thinks is due legal process.

      >They appear to see no issue with other country's legal process or authority, since those don;t matter to them.

      >I'm also not sure which depresses me more - that they know what they're asking for is impossible, but are asking anyway so the Dear People see them 'doing something' - or that they really think it can be done. Sigh...

      You're being silly. Indisputably, once you generate math that works differently in the presence of legal paper, it is trivial to make that math work differently only in the presence of U.S. legal paper.

      I propose a different approach: here's a game to introduce at your next party. Call it the "Mike Rogers" Game." The object of the game is to express the maximum amount of obdurate ignorance while simultaneously making the broadest demands--in as few words as possible. Extra credit, of course, if your example is a quotation or precis of something you've actually heard someone say. Herewith a few samples:

      "I don't know anything about Maxwell's Laws, but I don't see why it's impossible to build a refrigerator that generates power instead of consuming it. That would solve all our oil-dependancy problems. I think it CAN be done and it SHOULD be done."

      "I failed second-grade arithmetic, but I don't see why 2 plus 2 always has to be 4. It would solve all our economic problems if accountants could just think outside the box and be more open to alternate ideas."

      "Statistics? I never heard of it. But the average of these numbers would be higher if you just had more numbers."

      The winner, of course, is acclaimed "Mike Rogers For A Day" and gets to peek in everyone else's underwear drawer.

      1. cjb

        Re: There is...

        ... as long as it's not password protected; oh wait ...

  2. Peter Simpson 1
    WTF?

    US politicians want Silicon Valley to create unbreakable encryption?

    But only if they hand the keys over to the government...you know, "for safekeeping".

    Seems like only a short time ago, they were whining that unbreakable encryption would create a playground for pedophiles and terrorists.

    Geez! Make up your minds, already.

    1. Robert Helpmann??
      Childcatcher

      Re: US politicians want Silicon Valley to create unbreakable encryption?

      This is what happens when someone in upper management watches The Expert and uses it as a template for how a project should be planned.

    2. Thorne

      Re: US politicians want Silicon Valley to create unbreakable encryption?

      "But only if they hand the keys over to the government...you know, "for safekeeping".

      Seems like only a short time ago, they were whining that unbreakable encryption would create a playground for pedophiles and terrorists.

      Geez! Make up your minds, already."

      They have. They need the keys to hunt for pedos and terrorists (Not movie pirates and whistleblowers I swear). This is why they should be trusted with the master key........

  3. John H Woods Silver badge

    The only thing that's harder than breakable unbreakable crypto ...

    ... honesty and intelligence in the political classes.

    What has the OK Bomb got to do with it? I mean really? Why wasn't the guy jeered openly when he mentioned it? If we carry on being polite to these people, we're going to be in trouble.

    1. Grikath

      Re: The only thing that's harder than breakable unbreakable crypto ...

      The problem is that a majority of politicians are quite intelligent, especially the ones that stay in the background.

      It's just that they apply that intelligence in a way that makes your average mafioso look honest and respectable.

  4. Anonymous Coward
    Anonymous Coward

    Who's wagging their tale then?

    Aren't the US Spooks decrying that devices like the iPhone encryption is impossible for them to break?

    So what do they want then?

    Encryption that they and only they can break?

    Pah!

    1. Anonymous Coward
      Anonymous Coward

      Re: Who's wagging their tale then?

      "So what do they want then? Encryption that they and only they can break?"

      No. Ignorance. It's obliviousness they've lost and are so desperately trying to (re)create. "Encryption that they and only they can break" is exactly what they believe they've already got in place. Which is exactly why they are saying exactly the oppisite.

      NSA: Never Say Anything.

  5. Anonymous Coward
    Anonymous Coward

    COINTELPRO

    Another wonderful counter-intelegence diatribe from El Reg. The US TLAs imply that they can't break the encryption which they spawned and which they have worked so hard to get us all using... and we're to believe that? Where've you been hiding Reg? Didn't you at least notice "the Snowden revelations"?

    The Register has been brought to you today by the letters M and I and by the number 6

    1. Anonymous Coward
      Anonymous Coward

      Re: COINTELPRO

      COINTELPRO historically was only used on brown people in the US. I guess the times are a changing.

      1. tom dial Silver badge

        Re: COINTELPRO

        I don't think Jane Fonda qualifies as "brown", let alone the Communist party, the great majority of whose members were equally white. J. Edgar Hoover and the numerous presidents for whom he worked, both Democratic and Republican, were largely equal opportunity snoopers.

        Not that the COINTELPRO program has anything to do with the topic at hand.

    2. Steve Todd
      FAIL

      Re: COINTELPRO

      AES was the result of an international competition and international scrutiny. The winning algorithm was created by Belgian cryptographers.

  6. ZSn

    Rubbish

    'if anyone can find a system that does both, Silicon Valley can'

    Rubbish - are there many decent cryptographers in silicon valley? It seems to be populated by hipsters, and caffeine fueled keyboard monkeys. They are the last people you would want to design a reliable cryptographic system. The best cryptographers, unfortunately, are in NSA and GCHQ, and nobody would trust what they would produce so this idea is dead in the water.

    1. Ken Hagan Gold badge

      Re: Rubbish

      "The best cryptographers, unfortunately, are in NSA and GCHQ, and nobody would trust what they would produce so this idea is dead in the water."

      The most depressing thing about this story is that the politicians don't seem to have noticed the immense stupidity of their request.

      Point 1: as Mr Schneier points out, maths works the same way for everyone.

      Point 2: as ZSn points out here, the best cryptographers *probably* work for the NSA and GCHQ and if *they* are the ones complaining then that probably means it can't be done by someone in Silicon Valley.

      Point 3: If it *can* be done in Silicon Valley, why in seven names of fsck is that person able to do something that the government agencies cannot?

      Even if their bizarre maths-of-the-day version of the universe were true, Silicon Valley *still* wouldn't be the place to look for a solution. How stupid do you have to be to be unable to see that?

      1. asdf

        Re: Rubbish

        >"The best cryptographers, unfortunately, are in NSA and GCHQ,

        No they may work with them and a few for them but Belgium seems for whatever reason to put out the best which is probably why the NSA specifically hacked the Belgium Telecom companies and put particular empathizes on hacking several cryptography professors computers.

        1. Anonymous Coward
          Anonymous Coward

          Re: Rubbish

          Don't know about the spooks, but the politicians would think Silicon Valley would be where it's at, because Silicon Valley is about business, which is what they're all in thrall to. It is the only kind of intelligence they respect: the ability to make money!

        2. Morzel
          Boffin

          Re: Rubbish

          That probably had more to do with the fact that BICS (the subsidiary of the telecom company that was hacked) provides quite a lot of roaming hub services to loads of interesting telecom operators (interesting to the NSA/GCHQ, that is).

          I would presume that Langley has other means to keep an eye on our (admittedly very good) cryptologists.

      2. tom dial Silver badge

        Re: Rubbish

        Key escrow systems are not new, and Schneier discussed them in some detail in "Applied Cryptography". Indeed, they were implemented (rather badly) in the Clipper and Capstone chips. Schneier also pointed out the various reasons that having such things, even if well implemented, was a bad idea. Many or most of those reasons are mentioned in the other comments. And then, as now, there was about zero inclination to use them except among the less thoughtful law enforcement officials.

        So it *can* be done, but it *should not* because it (still) is a very bad idea.

        1. P. Lee
          Big Brother

          Re: Rubbish

          >So it *can* be done, but it *should not* because it (still) is a very bad idea.

          Indeed. Or you could force the CA used by your target to sign a dodgy cert for your mitm attack. Or all the CA's for that matter.

          Which is fine as long as your target relies on large CA's, which they would be quite foolish to do. Of course, that would be commercial suicide for the CA, so the government would never suggest that they might already do that. Instead even intelligent and well-briefed personnel would probably loudly complain about unbreakable encryption so that.. oh wait...

          1. blondie101
            Big Brother

            Re: Rubbish

            What make you think that NSA (or other US TLA's) don't have copies of ALL private keys American CA's have signed? I assume they have (because I can imagine it and if I can....). To be safe in a x500 key infrastructure you have to self-sign!

            1. John Robson Silver badge

              Re: Rubbish

              Because a CSR doesn't contain the private key?

              It does contain the public key - but then they can know that anyway...

        2. tom dial Silver badge

          Re: Rubbish

          It is worth noting (credit Schneier for this as well) that various types of key escrow systems have a place as well. Reasonable use cases potentially include businesses where business related email and documents encrypted by individuals must be retrievable in the event of the employee's death, resignation, or retirement.

  7. Anonymous Coward
    Anonymous Coward

    Just clueless...

    That would be the politicians and those who believe authorities are out to get them - unless of course the skeptics are crims. Then the assumption would be true.

    1. Eddy Ito

      Re: Just clueless...

      and those who believe authorities are out to get them

      History teaches them otherwise. They are likely less clueless than well known cattle rancher Frank Oppenheimer and everyone else who had to report to the Loyalty Board or HUAC.

      Доверяй, но проверяй. Sorry Uncle Sam, without the transparency to verify your activities there can be no trust.

  8. asdf

    bah

    I thought they learned their lesson after the Clipper chip fiasco. I guess as good as most Americans in government (and much of the public) are at history (even fairly recent) its no surprise each new generation keeps doing the same dumb shit as the ones before it (Vietnam meets Iraq for example).

    1. Vendicar Decarian1

      The Republican half.

      50% of Americans are incapable of learning.

      They don't need to.

      Their Conservative political ideology tells them exactly how the world works.

      1. asdf

        Re: The Republican half.

        As much I enjoy ripping on especially the religious right and their ridiculous ideological and religious dogma some of the libertarian types are actually on the right side of this issue. Perhaps for the wrong reasons but the end result is correct.

      2. Anonymous Coward
        Stop

        Re: The Republican half.

        @Vendicar

        The problem is not just Republicans. Note that our current FBI and NSA leaders who are riffing on how easy "encryption for me, but not for thee" should be were appointed by a certain powerful Democrat who lives on Pennsylvania Avenue in DC.

      3. tom dial Silver badge

        Re: The Republican half.

        Conservatives, so called, are not alone in having an ideology that tells them how the world works. The Liberals have the same degree of knowledge, but with different content.

      4. Rick Giles
        FAIL

        Re: The Republican half.

        "50% of Americans are incapable of learning.

        They don't need to.

        Their Conservative political ideology tells them exactly how the world works."

        And the other half doesn't need to either.

        They believe the Government we take care of everything that it feels they might need to know.

        And if you aren't in the States, you are probably basing your opinion off of your state run media.

  9. Tubz Silver badge

    Never Happen

    What company or person in their right mind would use encryption that the US of Ass agencies has the keys to and then expect every other company and user in the world to trust that they or their lap dogs in other agencies like GCHQ wouldn't abuse it on their behalf to bypass home privacey laws ?

    1. Vendicar Decarian1

      Re: Never Happen

      Where is the encryption plugins for Email?

  10. Vendicar Decarian1

    Republican Moron.

    former Michigan congressman Mike Rogers – an ex-FBI agent who once headed the Senate Intelligence Committee – insisted that there has to be an encryption system that is both strong against everyone and, if a law enforcement official shows up with a court-obtained warrant, can be broken open to reveal the content.

    "I don't understand why we can't have both," he complained. "I think we can have both, and we should have it."

    Living in Republican La-La land otherwise known as Planet ConservaTard.

    1. asdf

      Re: Republican Moron.

      >Living in Republican La-La land otherwise known as Planet ConservaTard.

      Hmm you name call just like they do. Whenever I hear such things I often assume its some righty trolling the boogieman liberals.

      1. Destroy All Monsters Silver badge
        Holmes

        Re: Republican Moron.

        Especially as President Clingon presided the administration that came up with the harebrained scheme of escrow keys and the Clipper chip (I won't go into summary execution of US citizens by "law enforcement" which saw a righteous uptick back in the Reno/Freeh days...)

        1. asdf

          Re: Republican Moron.

          >summary execution of US citizens by "law enforcement"

          How 1990s, now such things are done by intelligence services. Less oversight that way. Bipartisanship is not dead when it comes to trampling the peon's rights (Patriot act, forgoing due process, ignoring fourth amendment, etc).

    2. Annihilator
      Meh

      Re: Republican Moron.

      "I don't understand why we can't have both ... I think we can have both, and we should have it."

      And I think this guy sums up the problem...

  11. Anonymous Coward
    Joke

    My Lord, I have a cunning plan...

    I have the perfect solution. Clearly having a second encryption key known only to the authorities will fail - because that just downgrades the whole system to one of security through obscurity. No, instead I have a much better proposal, which I call CITM encryption or Court In The Middle encryption.

    In order to send an encrypted message you must first send it to a special Court appointed website, which will encrypt it for you. You then download the encrypted version and send it by standard email as now. Recipients repeat the process in order to receive a decrypted version.

    The beauty of this scheme is that if the 3 letter agencies want to read someone's email, they need only apply to the Court which simply _stops encrypting that person's email_. The agency can then easily read the plain text with no need for decryption at all! Simples!

    Now, how do I get in touch with this Mike Rogers?

    1. Grikath

      Re: My Lord, I have a cunning plan...

      I don't know.... there's no mention of turnips at all!!

      1. Anonymous Coward
        Anonymous Coward

        Re: My Lord, I have a cunning plan...

        > I don't know.... there's no mention of turnips at all!!

        The default encryption key is 'turnipshapedlikeathingy'.

      2. Martin 47

        Re: My Lord, I have a cunning plan...

        Have an upvote for the Blackadder reference

    2. Anonymous Coward
      Anonymous Coward

      Re: My Lord, I have a cunning plan...

      How does this stop the message being encrypted by a proprietary (if not homegrown—impossible to stop because knowledge of cryptography is already public domain) system prior to if not instead of through the courts?

    3. Anonymous Coward
      Anonymous Coward

      Re: My Lord, I have a cunning plan...

      Treat yourself to a Mrs Miggins celebratory pie in the shape of a, pie.

  12. Tony Haines

    asymmetric-key decryption

    You know how password cracking is mitigated with a slow-to-compute hash?

    How about the same sort of deal for encryption?

    Data can be encrypted in a manner which can be decrypted using two independent keys. I don't pretend to understand the maths behind that.

    But would it be possible to massively sway the processing intensity such that one key was 'easy' (i.e. as compute-intensive as strong encryption is today) and the other is, say, a trillion times harder?

    Then the device manufacturer could generate a hard key (per device), give it to the government, and we could all relax, secure in the knowledge that they could only decrypt our files if they really wanted to - so they'd have to target their search.

    Obviously this only provides protection until processing power increases in the future.

    Ideally there would be an untamperable device into which the hard password would be entered, then that could be passed off to law enforcement. If there were only one machine able to decrypt data (per manufacturer, say), then they'd have to prioritise what to run past it. But the untamperable nature would always be a little bit suspect.

    1. phil dude
      Boffin

      Re: asymmetric-key decryption

      Unfortunately, we already have it - it is public-key encryption.

      Multiplication , easy. Factoring hard.

      One of the reasons tri-stability doesn't exist, is due to the basics of mathematical logic that pivot on true/false.

      I other words you would need an algorithm that was easy one way, and hard another way unless you have a secret. The secret is the backdoor, and as with all secrets once it is out....

      P.

      1. Antonymous Coward
        Thumb Up

        Re: asymmetric-key decryption

        *EXACTLY* what PD said... and that's *EXACTLY* we're so vehemently discouraged from generating keys greater than 4kb in size, even though *EVERYONE* with any expertise in the field *AGREES* that you *NEED* a key of at least 6kb-8kb to stand any chance of attaining long term security.

        1. tom dial Silver badge

          Re: asymmetric-key decryption

          Citation, please, along with definition of "long term"?

          1. Antonymous Coward

            Re: asymmetric-key decryption

            Citation, please, along with definition of "long term"?

            Really?

            That will last or have an effect over a long period of time.

            That is not likely to change or be solved quickly.

            In the context of encryption as I used it above, I personally consider the terms of "terms" to be something in the region of

            short term: >5yrs

            medium term: ~5-20yrs

            long term: ~20-50yrs

            or thereabouts. With people often living for around a century a good argument can be made for doubling those figures but in the context of "classical" asymmetric ciphers things get a bit (even more) sketchy: I doubt you'll find *ANYONE* competent who'd recommend anything other than "well, 2kB if you must but you really should be using something symmetrical" for a 40-100 year range.

            "Citation"? Is your Google broken? There are hundreds. All remarkably similar. Here's a nice succinct table from 2012 presenting NIST recommendations with all the pertinent data in one place:

            http://www.arpapress.com/Volumes/Vol10Issue2/IJRRAS_10_2_16.pdf (page 7)

            1. tom dial Silver badge

              Re: asymmetric-key decryption

              Thanks for the reference.

      2. Tony Haines

        Re: asymmetric-key decryption

        //Unfortunately, we already have it - it is public-key encryption.//

        Could I have some clarification on this please? Because I'm unsure whether you're pointing out something I don't understand, or you just didn't understand what I was proposing.

        I was describing a system which

        a) I can decrypt easily using my key

        b) the government can decrypt using their key, but it requires an industrial-scale infrastructure a day to do so.

        c) without either key, can't be decrypted before the heat-death of the universe.

        //One of the reasons tri-stability doesn't exist, is due to the basics of mathematical logic that pivot on true/false.//

        Are you suggesting here that it's impossible to have a crypto system to have two keys with different complexities of decryption?

        Because given that we already have satisfactory sub-systems:

        1) crypto systems where the plaintext can be recovered using two independent keys (I think these basically just encrypt a random 'true key' using each key and store them all along with the encoded message)

        2) crypto systems where encryption and decryption have different keys (i.e. public key encryption)

        3) proof of work functions with selectable difficulty, which (3b) can be iterated to smooth out the success rate

        I reckon that combining them together is essentially an engineering exercise. One could bodge it together using existing functions (see below), so it can't be impossible. A more elegant synthesis would be desirable.

        If (1) works how I suggest above, it trivially works with public key encryption(2). And we could not store quite all the government's encoding of the true key to get (3). So they'd have to attempt decryption multiple times (which they could do in parallel). Then we repeat this multiple times, so a smaller facility wouldn't occasionally get lucky (3b).

        Of course others have pointed out that it's not going to be something the smart crims use, but that's not what they asked for.

  13. rjmx
    FAIL

    What about current crypto?

    And even if they do find this Holey Grail (misspelling intentional), what are they going to do about all the current crypto systems that they can't crack? Make them illegal?

    Yeah, that's gonna work. The horse has not only left the stable, it's half-way across the valley by now.

    1. Eddy Ito

      Re: What about current crypto?

      Actually I think that horse has even foaled a few times since it left.

    2. Vector

      Re: What about current crypto?

      "And even if they do find this Holey Grail (misspelling intentional), what are they going to do about all the current crypto systems that they can't crack? Make them illegal?"

      Sadly, with the government mindset outlined in the article, here's how it may well play out:

      1) TLA's continue their search for this "Holey Grail"

      2) Some charlatan comes along with a system that appears to fit the bill and works passably well without close scrutiny.

      3) TLA's lobby congress to make this the only legal encryption system or, barring that, the system required for any government contractor.

      4) Hacker's get their hands on the keys.

      5) We're all pwned.

      I guess the silver lining in this thundercloud is that those politicians and TLA's would be among the first to get their boxers aired.

    3. Charles 9

      Re: What about current crypto?

      "And even if they do find this Holey Grail (misspelling intentional), what are they going to do about all the current crypto systems that they can't crack? Make them illegal?"

      No, most of them are susceptible to Shor's algorithm. And while we know about public progress with quantum computing, that says nothing about black projects (like perhaps one in Utah being covered up by the big data dump project) where they're already breaking early crypto. Meanwhile, most post-quantum crypto systems have problems of their own (very slow, easier to break, etc.).

  14. Doctor Syntax Silver badge

    OK, let's assume it could be done

    If such a system were devised and mandated for appliances on sale in the US, UK or wherever what good would it do? The complaints tell us that there are unbreakable cyphers already out there. So if I were a criminal wanting to communicate with my organisation what would I do?

    1. Rent a server somewhere out of reach.

    2. One of the unbreakable cyphers to encrypt the message with a suitable key (see below).

    3. Wrap the encrypted message up as data within a decryption program to make a file which will self-decrypt once supplied with the key (cf self-unzipping files) and post to the server. For extra points make the file install a selection of nasty malware if supplied with the wrong key.

    4. Organisation members download, supply they key, read the message & then delete.

    5. The key would be some innocent looking message gleaned from the net by some agreed method. For instance if the intended recipient were a British Muslim of Pakistani origin the key might be taken from a forum specialising in Pakistani cricket. The sender would select some suitably long post, find a comment to it and post a reply under an agreed handle. The key wouldn't be anything the sender wrote but a perfectly innocent message some distance removed. If the recipient were in IT the key could be the first page of Dabbsie's weekly offering.

    The recipients would need to exercise some communications discipline, downloading from open wifi, downloading key & message from separate access points etc.

    Maybe the scheme is already in use with amanfrommars's posts as they key. It would explain a lot.

    The significant point is that encryption technology is generally available. Constraining commercial products to use something broken doesn't inhibit its use by those who want to be secure. Making its use illegal would have no effect. If you're already doing illegal things are you really going to be put off by having your communication channels made illegal? The only people who will be affected are the innocent users of commercial products who will have their privacy invaded.

    1. Cliff

      Re: OK, let's assume it could be done

      It's the same mindset that forced legitimate DVD purchasers to sit through an unskippable FBI warning that pirates didn't think worthy of recreating thereby punishing only the innocent customers, not the enemy freeloaders.

      Strong crypto exists, so that's what people are going to use, there's only disadvantages to using nobbled crypto.

  15. Anonymous Coward
  16. Anonymous Coward
    Anonymous Coward

    Perhap he should have invoked a case this would make a difference instead of the OKC bombing. As this would do jack shit with someone talking to others in person and paying cash for items under fake names.

  17. Destroy All Monsters Silver badge
    Trollface

    Government wants P=NP, but only for itself!

    Math says this is impossible? Hold Math in contempt of court!

    1. Anonymous Coward
      Anonymous Coward

      Re: Government wants P=NP, but only for itself!

      Math is just a tool of the devil that leads one to improper dangerous thoughts. Darn no joke alert as AC sorry.

  18. Chris G

    Imagine a world without the Interthingy

    What on earth would terrorist and spies do then?

    Perhaps they could use old fasioned telephones, dead letter boxes, use a cell system, actually talk to someone, microdots, snail mail or shipping such as DHL and FedEx to name just a few.

    The dumb terrorists are the ones we know about, the smart ones are already using secure fieldcraft and probably don't rely on the internet for anything really sensitive.

    1. Anonymous Coward
      Anonymous Coward

      Re: Imagine a world without the Interthingy

      Telephones can be tapped and dead drops observed. Moles can infiltrate face-to-face encounters, and snail mail can be intercepted. Al Queda was no idiot group and even THEY got infiltrated, which in turn led to bin Laden's demise.

      1. Anonymous Coward
        Anonymous Coward

        Re: Imagine a world without the Interthingy

        While what you say is true (though you didn't mention one time pads). If you believe the official version Bin Laden was killed because of some old fashioned spycraft, specifically a vaccination program run by an NGO was used to identify the bin laden family DNA which led to his location, not infiltration per se. (Also led to the unintended consequences of numerous WHO and other NGO staff being killed by the Taliban / Al Q, but hey we got teh BAD GUYtm so Hooahh).

        1. Charles 9

          Re: Imagine a world without the Interthingy

          One-time pads are impractical, even today, and especially in areas where computers are unavailable. There's just too much upkeep involved, and that upkeep raises the possibility of the pad being intercepted.

          As for how they found bin Laden, I recall the method was sleuthing and a bit of luck (they got a lead on a trusted lieutenant and carefully tracked him).

    2. SolidSquid

      Re: Imagine a world without the Interthingy

      Pretty sure I remember a story a few years back where it was discovered Al Quaeda had been using steganography to hide messages in innocuous images and then just posting them publically, and because of the way staganography works none of the FBI's tools for detecting illicit communications had been picking it up.

      So they are using the internet, just being smart about it

  19. Mike 16

    Call in some theologians

    Haven't they been working on the "Can God make a stone so heavy He cannot lift it" problem for a while? Time for a status report.

    1. DNTP

      Re: Call in some theologians

      If we assume an object described as "heavy" and "stone" has intrinsic mass-per-volume properties typical of the common material, then beyond a certain mass, the stone will start collapsing under its own gravitational force, thus increasing it's density. Since infinitely dense objects of limited size (singularities) are known to exist, and universe-sized objects of limited density are known to exist (the Universe), we must postulate that a stone large enough to approach the so-called "God Limit" of a literally omnipotent being must be both infinitely dense and infinitely large. Such an object would obviously dominate the gravitational reference frame of the known universe, and be incapable of movement without carrying the entire frame in total, thus from any point in the frame it would be unmovable. However, from God's point of view, God could still move that object.

      The tie-in to the encryption story, of course, is that even a mythic stone of infinite density and volume can't compare to the density of some of these idiot politicians, and whenever they decide to move on a technological issue they drag everything else around them in stupid directions.

  20. Old Handle

    It's not a technological problem, it's a political one

    The technological half is simple, give one key to the user and one the the feds. The political problem is for the government to make itself trustworthy enough that this solution is acceptable.

  21. Anonymous Coward
    Stop

    Throw away bathwater (baby removal optional)

    "encryption is making it harder for your government to find criminal activity, and potential terrorist activity"

    And as long as 90% plus of encryption is used for things like making it harder for criminal activity to be directed against my bank accounts, I vote that we leave things the way they are.

  22. Rick Giles
    Black Helicopters

    Ummm, say what now?

    "The head of the FBI issued dire warnings of children dying if the crypto trend was allowed to continue."

    So... kids weren't dying before we had encryption?

    Fecking government.

    1. Anonymous Coward
      Childcatcher

      Re: Ummm, say what now?

      Well, the good news is that the FBI no longer wastes our time with warnings about the communists who are under every bed.

    2. tom dial Silver badge

      Re: Ummm, say what now?

      Children probably will die, facilitated by encryption that law enforcement officials cannot decrypt, although the number will be quite small. More common will be exploitation in the form of kiddie porn, similarly facilitated. The fact that nearly everyone given a choice probably will prefer to use encryption that the authorities cannot break should not blind us to the fact that this will lead to occasional bad outcomes. Like most choices, this one involves competing values, costs, and benefits. The fundamental problem with what the law enforcement people say they want is that the costs, actual but mostly potential, are far too high and the benefits are both far too low and far too easy to circumvent.

  23. Anonymous Coward
    Anonymous Coward

    I thought they already had what they wanted

    It is called AES. Easy to build giant government financed crackers with billions of nodes, hard for everyone else. Of course the local plods can't gain access (because the GC (giant cracker) is secret) but if the government specifies static keys and bans perfect forward secrecy at least they could chase the few terrorists who aren't the proverbial low hanging fruits.

  24. Six_Degrees

    If you want access, go get a court order. That allows you to threaten the withholder with prison if they refuse to comply. It's strong leverage, and it has worked extremely well in the past on many other fronts.

    Giving police carte blanche to pry into your information is a bad idea right from the outset, and weakening encryption implementations to facilitate it just makes it that much worse.

    1. Anonymous Coward
      Anonymous Coward

      "If you want access, go get a court order. That allows you to threaten the withholder with prison if they refuse to comply. It's strong leverage, and it has worked extremely well in the past on many other fronts.

      Giving police carte blanche to pry into your information is a bad idea right from the outset, and weakening encryption implementations to facilitate it just makes it that much worse."

      Assuming the suspect is within the reach of law enforcement. If not (and many paedos and the like tend to live in foreign lands), then you'll need to convince whoever houses the suspect to turn him or her over, and that will likely require more than what it takes to get a warrant. So what now?

      1. Anonymous Coward
        Anonymous Coward

        likely require more than what it takes to get a warrant. So what now?

        They get away with it for a while, that's life. You want perfect security go lock yourself up in a sealed box somewhere.

      2. SolidSquid

        In this case though it's... kind of out of juristiction? I mean the FBI can assist the local law enforcement in whatever country the offender is in, but if they're outside of the US and committing crimes then it really should be the country they're in who enforce the law against them (assuming whatever it is is against the law in that country)

        If you're talking about someone committing a crime in one country then leaving to go live in another (whether the one they were originally from or not), then the evidence which got them a warrant plus evidence they were in the country at the time should be sufficient for extradition

        1. Anonymous Coward
          Anonymous Coward

          "If you're talking about someone committing a crime in one country then leaving to go live in another (whether the one they were originally from or not), then the evidence which got them a warrant plus evidence they were in the country at the time should be sufficient for extradition"

          No, they're living out of the country but sending stuff back in. In this case, the plods are trying to nail the mastermind (the producer) after they take the mules (which are easy to replace), only to learn he's in another country: one not wholly interested in listening to you unless you can make one hell of a case. Consider why many paedos tend to live in countries like Thailand and Cambodia: not only supply but lax law enforcement unless you raise the matter to the level of international stink (then they'll look into nailing them and extraditing them, but not before then).

  25. chivo243 Silver badge

    Sniff?

    Really smells like the King asking for the keys to his kingdom when he can't be trusted with them in the first place... or remember where he last saw them.

  26. Henry Wertz 1 Gold badge

    Read about Clipper chip.

    "Daniel stressed that this must be a balancing act."

    Whenever someone talks about a "balancing act", look out, they are looking to take away your rights!

    Anyway... why don't these jokers read up about the Clipper chip. The best and brightest at the NSA came up with this at the behest of clueless Feds at the time, who requested a crypto system that would be "secure" until the Feds wanted it not to be. This involved a (secret at the time) 80-bit-key crypto system, a crypto key, and an "escrow" key where 1/2 was stored with NIST, 1/2 with the Dept. of Treasury, and on request *WITH A WARRANT* (yes they still cared about warrants then...) these two 1/2s would be fed into specialized decryption hardware (supposedly with an expiration date so the system would automatically quit decrypting if the Feds did not properly extend their warrant.)

    Well, you can guess what happened -- well maybe not, you'd expect the master key was immediately found or something. But actually... mind you, this was by pure cryptoanalysis on a chip where the algorithms were not disclosed -- an algorithm design flaw was found so the chip could be made to use different keys, making the "key escrow" key useless for snooping.

    I can't find any info on this now, but my recollection was over the next year or so, other anomalies were found suggesting protocol weaknesses (i.e. it wasn't cracked, but made people suspicious of weaknesses), to the point that even those who trusted the Feds were no longer trusting the Clipper chip -- and this was before any hardware with one of these chips had actually shipped. About a year later, they gave up trying to rope vendors into shipping hardware with Clipper chips, and released the specs for the Skipjack crypto algorithm. It took *1* day for analysts to find weaknesses in this algorithm (although not fully break it.)

    Finally, they were using a relatively weak 80-bit key, while assuring everyone involved this should be fine for 30-40 years. This of course underestimated computer technology -- by 2010 (15 years later) all recommendations were to quit using any algorithm using that short of a key, because it's trivial to break using brute force.

    If you are using your own crypto, you can crank up the key length, and use newer algorithms, as you wish... if you are roped into using some federally mandated, backdoored, crypto, you know this is not going to happen (even if they had the best of intentions, they'd probably get mired in political processes to long to actually roll out new cryptosystems as needed.)

    1. Anonymous Coward
      Anonymous Coward

      Re: Read about Clipper chip.

      "Finally, they were using a relatively weak 80-bit key, while assuring everyone involved this should be fine for 30-40 years. This of course underestimated computer technology -- by 2010 (15 years later) all recommendations were to quit using any algorithm using that short of a key, because it's trivial to break using brute force."

      I think that was mainly due to existing restrictions on crypto tech (which was considered munitions and a matter of state; recall this was just after the Cold War). That's why DES ended up the way it did. The crypto restriction bit kinda had to take a back seat when foreigners (like the Israelis) managed to produce crypto under no such restrictions.

  27. GBE

    Just because some guy doesn't understand...

    former Michigan congressman Mike Rogers:

    "I don't understand why we can't have both," he complained. "I think we can have both, and we should have it."

    What an amazingly, astoundly stupid and arrogant thing to say in public. [OK, maybe if I knew the guy, I wouldn't be as amazed.]

    Some random Joe (or Mike) doesn't understand why something is impossible, therefore it must be possible.

    Hey! I don't understand why nuclear fusion isn't cheap and easy! I think it can be, and we should have it!

    Well, Mike how about you "don't understand" in one hand and sh*t in the other. We'll see which hand gets full.

  28. Jamie Jones Silver badge

    Before the internet, no criminals could communicate in private

    Yes, before the internet, all terrorists, pædos, and other assorted bogeymen were unable to plan their dastardly deeds without being collarred by old bill.

    It was impossible for said nogooders to have private conversations in their houses, in parks, in their vehicles, on the beach..

    No such rascals could send coded messages via any other means, and basic one-time-pad mathematics was only invented (not simply 'discovered') when the hoodlums got broadband.

    Yes, before the internet, all this was impossible, and good old plod knew everything everyone (but only if they were a baddie) knew/thought/wrote/spoke, and times were good.

    We lived in a time of total Big Brother (but only for miscreants) and now that's all been ruined by the internet, encryption, and that new-fangled 'maths'

    1. Anonymous Coward
      Anonymous Coward

      Re: Before the internet, no criminals could communicate in private

      Not so much impossible as much more difficult to facilitate, especially during the critical "first contact" phase. Moles were easiest to insert during these phases. First contact also limited the avenues of covert communications due to the Hard problem of Alice and Bob trying to establish a mutual trust when they've never met before (and the problem of trusting a Trent who could really be a Gene).

      With less electronic communications, contact of a personal nature usually involved expensive and open travel plans that could be subject to investigation and so on.

      And while one-time pads were known for decades, even TODAY they're hard to implement properly, owing mainly to the fallibility of the human brain. And anything not in the brain could be intercepted.

      Put it this way. Criminal enterprises may have existed prior to the Internet, but did they exist to the same breadth and extent they do NOW?

      1. Jamie Jones Silver badge

        Re: Before the internet, no criminals could communicate in private

        Fair points, and you are, of course, correct.

        I guess my exageration/over-simplification is my reaction to the over-sensualised rhetoric coming from politicians etc. who act as if the sky was falling in.

        I'm sure similar arguments were made when privately owned vehicles became mainstream, and when the telephone was invented etc!

    2. Vic

      Re: Before the internet, no criminals could communicate in private

      good old plod knew everything everyone (but only if they were a baddie) knew/thought/wrote/spoke

      Actually, Plod *did* know quite a bit.

      Information leaks over short distances. When we actually had a community, the Bad Guys often got caught because their friends and neighbours knew what was going on, and disapproved. It wasn't 100% effective, but better than we have now.

      But current Law Enforcement personnel no longer try to be part of that community - they are aloof, and even to go near a copper can be hazardous to oneself (since none of us are quite as innocent as we might wish to be[1]). And so Plod's own attitude towards the community is the reason it no longer knows what is going on. The solution is relatively simple, but I suspect it would make Police recruitment rather harder :-(

      Vic.

      [1] For example, there's no way I'm going to come forward to make a statement about another driver's behavior if to do so would demonstrate that I was speeding. So the cops will have to do their own surveillance - and they'll get neither of us lawbreakers, because they won't settle for the more egregious case; they want both.

      1. Anonymous Coward
        Anonymous Coward

        Re: Before the internet, no criminals could communicate in private

        "So the cops will have to do their own surveillance - and they'll get neither of us lawbreakers, because they won't settle for the more egregious case; they want both."

        Because we demand no less from them. If they get one but let the other get away (especially if the one that got away goes on to commit vehicular homicide), they get railed. Perfection is the only way to keep a panicked public sated, so you can imagine what happens: a public that's never satisfied because they either let crooks get away or pry too much (and the medium is UNhappy because the cops end up doing BOTH instead).

        1. Vic

          Re: Before the internet, no criminals could communicate in private

          Because we demand no less from them.

          You might. I don't. I'd much rather they caught some bad guys, rather than catching none because they insisted on going for every little thing they could.

          Vic.

          1. Anonymous Coward
            Anonymous Coward

            Re: Before the internet, no criminals could communicate in private

            You don't, but you're in the minority and are basically outvoted. One smart vote vs. ten stupid votes. Guess the outcome.

  29. Boatdocster

    Sign seen on the back of a horse trailer -

    "The floor of this trailer is covered with political promises"....

  30. Stevie

    Bah!

    Mike Rogers must know the woman who just demanded I produce a report of which tapes our silo unloaded the night before it actually does so.

  31. dan1980

    "I don't understand why we can't have both," he complained.

    Couldn't agree more - he doesn't understand.

  32. Adrian Tawse

    "I don't understand why we can't have both,"

    The reason is you are stupid!

    How many times have I heard "I don't understand why... " from Project Mangers and oh so many times have I bit my lip rather than make this reply.

  33. naive

    We have something to defend

    The challenge is clear, design an encryption scheme so that when Bob and Alice exchange information, a third party Gov, has access to information so Gov can easily read the plaintext of the exchange between Bob and Alice. For any other parties outside Bob, Alice and Gov it should be hard to get access to the plaintext information exchanged between Alice and Bob. Further the encryption scheme should allow easy update in case that the secret information Gov uses to decrypt the communications between Bob and Alice becomes public by mistake.

    It seems rigged, but outside US and Europe, the world is mostly a pretty sad place to live in, so we have something to defend against millions who think they can steal. If designed well, such an algorithm can even divide the world in regions, so the Chinese can spy on their own, but not on us.

  34. Anonymous Coward
    Anonymous Coward

    But what about...

    I'm going to go out on a limb here and point out that it's quite easily possible to create this sort of encryption.

    It would involve sending the decryption key along with the data, but encrypting it with the NSA's public key.

    Of course, it's still a stupid idea. If Iran / N. Korea / China is willing to spend billions on building nuclear plants then they're going to be willing to spend even more on a supercomputer plant the likes of which the world has never seen, with just the hope of factoring the global "master key".

    1. Vic

      Re: But what about...

      It would involve sending the decryption key along with the data, but encrypting it with the NSA's public key.

      OK, so Alice sends Bob a message so encrypted.

      How does Bob get the decryption key out again, unless he knows the NSA's private key?

      Vic.

      1. Anonymous Coward
        Anonymous Coward

        Re: But what about...

        The same way he would now.

        You encrypt the stream using a session key, but you'd also have to send the session key in the clear (of the encrypted stream), but encrypted using the NSA public key.

        ByteCount(AES(SessionKey, NSA-Public)) + RSA(SessionKey,NSA-Public) + AES(PlainText,SessionKey)

        That way you can capture the packets, decrypt the session key with the NSA private key, and read the contents of the original message, the two endpoints having already established their shared secret state box and thus being able to decrypt it themselves.

        Kinda the same way as multiple recipients works; you encrypt the sole session key with the recipients public keys, one message, multiple people able to unlock it.

        1. Anonymous Coward
          Anonymous Coward

          Re: But what about...

          Sorry for double post, that should be:

          ByteCount(RSA(SessionKey, NSA-Public)) + RSA(SessionKey,NSA-Public) + AES(PlainText,SessionKey)

          Basically whatever you need to know how much of the payload is the RSA key.

        2. Vic

          Re: But what about...

          The same way he would now.

          That could only possibly work for a small subsection of the encryption that goes on, then.

          Currently, Alice will encrypt a messge with Bob's ublic key, and he will decrypt it with his private key. For Alice to send the decryption key with the message - she would need Bob's private key. That means it's not private any longer.

          You encrypt the stream using a session key

          So your system can only possibly work in a mechanism whereby a symmetric session key is negotiated between the endpoints. That cuts out the bulk of such messages. It also means that - were one to want to do something nefarious - it would be trivially easy just to send something other than that session key as the purported decryption key - which would only be discovered much later, when the transmission is decrypted by Law Enforcement. Thus it will be a hindrance to people going about their normal lives, but won't touch anyone who is prepared to fake the session key. And if someone's happy to blow up a building, I doubt there'll be much compunction over lying about a decryption key.

          TL;DR: your mechanism is, like so many others, entirely useless when it comes to law enforcement, despite requiring significant intrusion into the private lives of innocent people.

          Vic.

          1. Charles 9

            Re: But what about...

            "So your system can only possibly work in a mechanism whereby a symmetric session key is negotiated between the endpoints."

            Look, it's basically how PGP-encrypted messages work. The message itself is encrypted using a one-time symmetric session key. This is done for reasons of speed (symmetric encryption is much quicker than asymmetric) and to allow for multiple recipient, which I'll elaborate. This session key is then encrypted using the PUBLIC keys of all the recipients: one copy per recipient. In such a scheme, all the plods need is to always be on the recipient list; a copy of the key is encrypted for them. Anyone who's a targeted recipient can then decrypt the message by using their private key to decrypt the session key from one of the key blocks.

            Not saying it's infallible (who's going to have the plods' private keys is the key mistrust here), but it's a tried-and-tested system.

            1. Vic

              Re: But what about...

              Look, it's basically how PGP-encrypted messages work.

              But it isn't how Diffie-Helman-encrypted messages work. ITYF one of these is used more than the other, since PGP is a hybrid that incorporates DH...

              Vic.

              1. dan1980

                Re: But what about...

                @Vic

                "But it isn't how Diffie-Helman-encrypted messages work."

                Sure, but, again, this is largely irrelevant. As you pointed out, the onus is on the sender to encrypt things appropriately and thus getting around this only requires the sender to do it in such a way that that the government can't read it.

                But there are other complications too. Starting from a position that the certain government agencies should have access to data (a position I do not at all agree with), we instantly come to a problem: which agencies should have access to what data?

                When sending data that you are encrypting with a government key (so they can also decrypt it), the question becomes: "whose key"? The FBI? The NSA? The DEA? SEC? The police? If so, which jurisdiction?

                Given the idea of 'use a government key', that implies that it would be one agency responsible for decrypting this stuff and then providing the plaintext version to the relevant authorities. So who are we putting in charge of this?

                But, again, all that is moot because given that this encryption can be performed at the user end, what's to stop someone just not using the gov key? I mean, if someone is planning a serious 'terrorist' attack - the kind that apparently warrants this level of big-brother - then why on earth would they use an encryption standard that the government can decrypt?

                You could bake this into phones and perhaps websites and so forth but those who want to get around it can. The result is then that ordinary people are having their conversations and data recorded and decrypted but those actually 'up to no good' aren't.

                This argument alone should be enough to make those clamouring for this access understand why it won't fulfill their stated goal. But then then know it won't do that and that's not a problem because what they really want is to snoop on ordinary people.

                In other words, arguing that a data collection proposal will only affect normal, innocent people will never dissuade the government or the agencies because that's exactly the type of data they want.

                1. dan1980

                  Re: But what about...

                  And then you can add another level of complications - what about different countries?

                  I wonder how some in the EU would respond if (e.g.) Apple had their phones all sending encrypted data to the US and providing keys. Presumably they would insist that no such phone be some in their countries. The result is a different device (or service) be made for that location. And any other.

                  Even more complication if, say, the UK wants its own keys for UK phones and China theirs. And France. And Australia.

    2. tom dial Silver badge

      Re: But what about...

      As I recall it the Clipper and Capstone chip had a better key management system, in which the key information shared with public agencies was encrypted with a key unique to the device. The device key was split and the pieces distributed to different escrow agencies, to be reassembled and used based on issue of a search warrant.

  35. Catfitz

    Oh, come now. El Reg needs to talk to more experts than these two cadres who are operatives in the crypto-anarchist movement. Obviously *they* will tell you that it is "impossible" -- just like for years these same people told us that it was "impossible" to digitally protect copyright because anything can be copied or cracked -- and yet now tell us there is invincible code that can't allow law-enforcers *even with a warrant* to enter.

    There's something deeply criminal and sinister here and I would expect El Reg, with its long and illustrious history of crying foul on all the copyleftist nonsense coming out of Silicon Valley, to cry foul on crypto-anarchy.

    There are all kinds of ways this can be done starting with the obvious, the skeleton key that works on all phones which the hysterics keep telling us "can't" be done because Russians or Chinese or Al Qaeda will hack it.

    That's funny, you said nothing could crack this code, and yet if you lock up the skeleton key really well, that can be hacked because...Internet. But we all live in an environment of massive hacking and people devise all kinds of systems every day, organic and mechanic, to cope to deter and at least mitigate the situation if not cure it.

    The same approach can be taken to the skeleton key protection. Make a skeleton key that allows for changing or obfuscation or a range that hackers can't figure out, or a pattern they can't figure out.

    Then there's two-factor keys that have been discussed which we're always told is "hard." Well, allowing criminals to roam free is hard, too, so work on it.

    We're told by young Matt Apuzzo that in fact the feds can wiretap real-time phone calls. Oh? So if they can do that, why can't they also get into this black closed box?

    The cryptos were allowed to win the first two rounds of the crypto wars -- Clipper Chip and PGP. They can't be allowed to win this one or we will live under the tyranny of anarchy -- which we increasingly do anyway because of Manning, Snowden, Anonymous, etc.

    And they don't to win it in order for all of us to have privacy but with some capacity for law-enforcement in a democratic society to be able to control crime. Otherwise, we are handing over the Internet and all things digital -- and here comes the Internet of Things -- to people who under cover of privacy rights instigate crime, terrorism, and anarchy to destroy states. I'm serious.

    1. Anonymous Coward
      Anonymous Coward

      "The cryptos were allowed to win the first two rounds of the crypto wars -- Clipper Chip and PGP. They can't be allowed to win this one or we will live under the tyranny of anarchy -- which we increasingly do anyway because of Manning, Snowden, Anonymous, etc."

      There are those who would prefer anarchy to tyranny. At least with no government, you know who's responsible for your skin.

    2. Anonymous Coward
      Anonymous Coward

      @Catfitz - have you ever considered that in this case the experts might be right?

      Do want a proof for it? Unfortunately, although it is much more accessible than the proof for Fermat's Third Theorem, it still runs to about 80 pages of Mathematics. While some of us read this and think it poetry (for me it is much more beautiful and affecting than poetry), most people find it intensely tedious and boring.

      Or is reality pandering to the crypto-anarchist movement?

  36. Catfitz

    I guess you never read this?

    http://apps.washingtonpost.com/g/page/world/encryption-techniques-and-the-access-they-give/1665/

    Of course it's possible. The two people you've interviewed here don't think it is because they don't *want* any government capacity for access to digital communications and devices. They are activists -- of course they think that.

    You need to ask more adults about this who have a greater understanding about the need for cooperation with law enforcement.

    1. gazthejourno (Written by Reg staff)

      And your position is?

      1. Anonymous Coward
        Anonymous Coward

        @gazthejourno

        I went to the link, and guess what? Catfitz1 had the following comment:

        <quote>We cannot let the crypto-anarchists decide this public policy by riot - or big companies like Apple catering to crypto-anarchist users, either.

        The FBI needs to have access to phones -- full stop. What's the plan to stop crime otherwise?! </quote>

        What a surprise...

  37. Crisp

    Remember when the DVD encryption key got leaked?

    They couldn't stuff that genie back in bottle, what makes them think that they can do the same with a law enforcement encryption key when it gets leaked?

    1. tom dial Silver badge

      Re: Remember when the DVD encryption key got leaked?

      As this suggests, key distribution and control is one of the hard problems in cryptographic system design. A master key or a set of individual device keys for a crypto system would be an extremely high value target that a wide variety of baddies would spend large amounts of time, money, and effort to obtain. Assuming a lack of scruples, they would use cyber attacks, bribery, extortion, and all other methods that criminals and spies use to obtain secrets. It is likely that eventually some of the data would be compromised.

      Given the undeniable skills available to agencies like the NSA and in the private sector, it is quite likely that they could produce a system that would be secure far longer than the lifetime of any device that exists or is contemplated. It also is possible that a key management system could be devised that provides oversight and security against compromise that reasonably can be expected to extend beyond the expected life of current and proposed devices and includes reasonable precautions against misuse of escrowed key information by those who would, under proper supervision, be authorized to collect and decrypt communication and data.

      The real problems are political, and are quite difficult to solve under democratic regimes where the electorate is variably ignorant, indifferent, and politically inert; where the tiny fraction of politically active extremists of all persuasions get highly disproportionate publicity and attention.

      1. Charles 9

        Re: Remember when the DVD encryption key got leaked?

        "Given the undeniable skills available to agencies like the NSA and in the private sector, it is quite likely that they could produce a system that would be secure far longer than the lifetime of any device that exists or is contemplated."

        I don't think you can. This becomes similar to the Siege Problem. Basically, ANY system you come up with becomes a moving target much like a castle is. In a siege situation, time dictates that the besiegers will win out over the besieged because the besiegers are more flexible. And given that many of the NSA's adversaries are states themselves who would be even more motivated than the NSA to break through, and given that in most security, the intruder only has to be lucky ONCE...

  38. quartzie
    Coffee/keyboard

    No new research necessary at all

    Since the good fellow wants to have his cake and eat it too, I suggest we mandate a simple substitution cipher for all his private email.

    Given that the weakest link in any encryption system is the human element, having a human-controlled backdoor to cryptography is akin to sending a partially sealed envelope.

    Given their track record, it is unreasonable to trust any government to look out for the people. The US govt is just a case in point, openly paying homage to the highest bidders (er... lobbying parties).

  39. Anonymous Coward
    Anonymous Coward

    Clipper

    Does anyone remember the Clipper Chip??

    They still have the dream, and will not let go.

    My only comment is that they really need to join the reality-based community.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like