European Information Security Advisory Says Mandating Encryption Backdoors Will Just Make Everything Worse

from the solving-little,-breaking-lots dept

More and more entities involved in government work are coming out in support of encryption. (Unfortunately, many governments are still periodically entertaining backdoor legislation...) While recognizing the limits it places on law enforcement and surveillance agencies, they're not quite willing to sacrifice the security of everyone to make work easier for certain areas of the government.

The European Union for Network and Information Security (ENISA) has just released its report [PDF] on encryption and finds it to be pretty much essential for everyone's security. Any effort to undermine this harms the public more than it helps them. (h/t Tom's Hardware)

There is a legitimate need to protect communications among individuals and between individuals and public and private organisations. Cryptography provides the electronic equivalent of letter cover, seal or rubber stamp and signature. In the light of terror attacks and organised crime, law enforcement and intelligence services have requested to create means to circumvent these protection measures. While their aims are legitimate, limiting the use of cryptographic tools will create vulnerabilities that can in turn be used by terrorists and criminals, and lower trust in electronic services, which will eventually damage industry and civil society in the EU.

Mandating backdoors will hurt the countries where they're implemented, sending customers in search of secure computer equipment and services elsewhere. Beyond that, there's the fact that all backdoors can be exploited. Thousands or millions of device users could be negatively affected while very few criminals will suffer adverse effects. If a backdoor exists, it can be exploited by either "side," but only the criminal side will be able to protect itself from unwanted intrusion. Because if you're going to break a few laws, why not break one that forbids you from owning or operating devices with non-backdoored encryption?

Or you could just roll your own...

Technology is changing at a very fast pace. It is questionable if solutions such as backdoors will be effective given that criminals can develop their own encryption technologies.

As ENISA points out, it's not just exploitation by criminals that's the problem. It's also exploitation by government agencies, which may use the handy backdoors to collect/intercept far more than they're legally allowed to.

Judicial oversight may not be a perfect solution as different interpretations of the legislation may occur.

One agent's facially-invalid search warrant is the same agent's legally-unassailable judicial order. This is enough of a problem in the US, where multiple federal districts have resulted in contradictory opinions on identical legal arguments. In the European Union, the problem is only exacerbated. Not only are there multiple courts, but also multiple nations, all with their own laws. Sure, there's an attempt to unify guidance on technical/legal issues under the EU, but only so much can be done. Deciding what is or isn't abusive use of government-mandated backdoors is going to be far from consistent. And that, of course, requires a unified European stance on encryption backdoors, which isn't likely to happen either.

Ultimately, ENISA concludes that tech advancements do pose legitimate challenges to law enforcement/national security efforts, but backdoors are no way to solve the problem. But the solution it does suggest isn't much better. Here in the US, courts routinely defer to Congress when the remedy sought isn't within their power. Over in the EU, ENISA suggests legislative measures are the wrong approach.

Other procedural approaches should be explored that focus on the power of the judicial process to find solutions.

Unfortunately, ENISA does not drop any hints about how EU courts might be able to address government agencies' complaints about encryption. This suggests some sort of All Writs Ordering might be the way around being locked out of devices and computers -- blanket court orders that compel assistance from service providers and manufacturers under the threat of whatever the court can come up with. While this would cause less damage to security than mandated backdoors, a court-ordered backdoor is still a backdoor, and judicial oversight wouldn't be enough to prevent government abuse of these "one time only," purposefully-induced security holes.


Reader Comments



  • Seegras, 21 Dec 2016 @ 3:44am

    Surveillance is the biggest threat to security

    The question is simple:

    Do you really want to be responsible for terrorists taking down the electrical grid, using a backdoor you inserted, or a vulnerability you kept secret, because you wanted your surveillance capabilities?

    https://seegras.discordia.ch/Blog/the-biggest-threat-to-cyber-security-is-surveillance/


    • Anonymous Coward, 21 Dec 2016 @ 5:06am

      Re: Surveillance is the biggest threat to security

      "The Electrical Grid" should not be made accessible to the internet. This is basic stuff here, not sure why some people don't get it.

      If it is critical infrastructure, it should remain air gapped and address most sigint precautions.


      • Arthur Moore, 21 Dec 2016 @ 2:05pm

        Re: Re: Surveillance is the biggest threat to security

        The problem is that costs money.

        Plus, the embedded and process control people are still new to this whole "security" thing. Stuxnet and the IOT security disaster should be proof enough of that.

        No really, I'll bet you good money that if you go to any large plant or refinery and hook into a data bus you'll see large amounts of un-encrypted traffic. That's the data keeping machines and tanks from exploding.


        • Anonymous Coward, 22 Dec 2016 @ 12:59am

          Re: Re: Re: Surveillance is the biggest threat to security

          I'll bet you good money that if you go to any large plant or refinery and hook into a data bus you'll see large amounts of un-encrypted traffic.

          If that is air gapped from the Internet, it needs physical access to get at, and with physical access data security is the least of their worries. An attacker just needs to know which valve to jam open, or which relay to jam in or out to do a lot of damage, and need not worry about how to use the data bus to do that.



  • Ninja, 21 Dec 2016 @ 5:20am

    "This suggests some sort of All Writs Ordering might be the way around being locked out of devices and computers"

    I call this the "we-the-government-are-damn-lazy-and-reek-of-totalitarianism" option.


  • Machin Shin, 21 Dec 2016 @ 6:16am

    What really makes this even worse the more I think about it is just how it would have to be put in place. It is bad enough to think about the US wanting a back door, but that is just one country. When you start thinking about it though and thinking about the US, and then EU, then Russia and so on. Suddenly it is not just a little backdoor it is a huge mess.

    Just think about that for a bit. I have serious doubts about the US security agencies being able to protect a backdoor key. You give copies of that key to 30 countries and each of them gives copies to who knows how many agencies inside the country..... suddenly your backdoor key can be found in hundreds of locations and all a hacker needs to do is break into the weakest location and it all falls.


  • DannyB, 21 Dec 2016 @ 6:21am

    A few nits

    Page 16.

    Conclusion 1.
    "While their [law enforcement] aims are legitimate, . . . ."

    [Citation Needed]
    One should no longer assume that the aims of law enforcement are legitimate. That ship has long since sailed.


    Conclusion 3.
    "given that criminals can develop their own encryption technologies"

    Criminals don't need to develop their own encryption technologies. There are already several good algorithms, well known, published in textbooks, and that do not have a back door and are unlikely to have a trap door.


    Conclusion 4.
    "New technologies which generate once off encryption keys between end users are now being deployed. These keys are not stored centrally by the operator. These types of technologies make lawful interception in a timely manner very difficult. There is every reason to believe that more technology advances will emerge that will continue to erode the possibility of identifying or decrypting electronic communications."

    Oh, hey! I've got one! Let me try!
    Carry two devices. A regular phone with a mobile plan, just like most people. This provides network access either via WiFi or cellular. A second device, which has no SIM, and is always in Airplane mode, is used to run the communications app which does the encryption. The bad guys [e.g., NSA, etc.] might hack your phone, but it is only being used to pass already encrypted communications from the other device which has the app you use to communicate, and little else.


  • Donal Trump, 21 Dec 2016 @ 6:25am

    WRONG!


  • Anonymous Coward, 21 Dec 2016 @ 6:36am

    Online banking – it was good while it lasted.


  • Anonymous Coward, 21 Dec 2016 @ 6:50am

    I am sick and tired of the need for the terrorist and criminal excuse for every single thing... in this case for NOT getting backdoor encryption!
    Don't get me wrong here, it is great and all, but it should be enough that we, the people, don't want it, and that quite a lot of smart people with extensive knowledge in the area have agreed!
    A majority have spoken and still it seems to require Terrorists and criminals in the reasoning to even be considered valid.


    • DannyB, 21 Dec 2016 @ 8:10am

      Re:

      Security is always the justification for creating a police state.

      Police work is easy in a police state.


      • Anonymous Coward, 21 Dec 2016 @ 2:47pm

        Re: Re:

        Here it is being used for a purpose that I like (no holes in encryption), but it just shouldn't be necessary to stoop to the level where we have to use terrorism as an argument.
        An informed people will and have come out against such insane proposals, together with pretty much every expert in the field, and still it seems like "nah, if you don't have terrorists in your wording, we are just gonna do it anyway."


