My Question To Deputy Attorney General Rod Rosenstein On Encryption Backdoors

from the golden-key-and-databreach dept

Never mind all the other reasons Deputy Attorney General Rod Rosenstein's name has been in the news lately... this post is about his comments at the State of the Net conference in DC on Monday. In particular: his comments on encryption backdoors.

As he and so many other government officials have before, he continued to press for encryption backdoors, as if it were possible to have a backdoor and a functioning encryption system. He allowed that the government would not itself need to have the backdoor key; it could simply be a company holding onto it, he said, as if this qualification would lay all concerns to rest.

But it does not, and so near the end of his talk I asked the question, "What is a company to do if it suffers a data breach and the only thing compromised is the encryption key it was holding onto?"

There were several concerns reflected in this question. One relates to what the poor company is to do. It's bad enough when they experience a data breach and user information is compromised. Not only does a data breach undermine a company's relationship with its users, but, recognizing how serious this problem is, authorities are increasingly developing policy instructing companies on how they are to respond to such a situation, and it can expose the company to significant legal liability if it does not comport with these requirements.

But if an encryption key is taken it is so much more than basic user information, financial details, or even the pool of potentially rich and varied data related to the user's interactions with the company that is at risk. Rather, it is every single bit of information the user has ever depended on the encryption system to secure that stands to be compromised. What is the appropriate response of a company whose data breach has now stripped its users of all the protection they depended on for all this data? How can it even begin to try to mitigate the resulting harm? Just what would government officials, who required the company to keep this backdoor key, now propose it do? Particularly if the government is going to force companies to be in this position of holding onto these keys, these answers are something they are going to need to know if they are going to be able to afford to be in the encryption business at all.

Which leads to the other idea I was hoping the question would capture: that encryption policy and cybersecurity policy are not two distinct subjects. They interrelate. So when government officials worry about what bad actors do, as Rosenstein's comments reflected, it can't lead to the reflexive demand that encryption be weakened simply because, as they reason, bad actors use encryption. Not when the same officials are also worried about bad actors breaching systems, because this sort of weakened encryption so significantly raises the cost of these breaches (as well as potentially makes them easier).

Unfortunately Rosenstein had no good answer. There was lots of equivocation punctuated with the assertion that experts had assured him that it was feasible to create backdoors and keep them safe. Time ran out before anyone could ask the follow-up question of exactly who were these mysterious experts giving him this assurance, especially in light of so many other experts agreeing that such a solution is not possible, but perhaps this answer is something Senator Wyden can find out...


Filed Under: cybersecurity, encryption backdoors, going dark, responsible encryption, rod rosenstein

Reader Comments


  1. Anonymous Coward, 31 Jan 2018 @ 2:18pm

    categorical error, semantics, or false paradigm?

    "as if it were possible to have a backdoor and a functioning encryption system."

    That depends on your categorical definition of where encryption security ends and device security/legitimate authority begins.

    Are cryptographers meant to secure entire devices, including hardware and networks they have no access to? How? This is an unreasonable expectation... and therefore, on some level, an unreasonable categorization. You're right, of course, that encryption cannot reliably perform its function in the presence of a backdoor.

    There is "ring -3 hardware" installed on nearly every post-2011 device. If this hardware is not considered as part of an encryption system's security - as I pointed out, how can it reasonably be when there is NO ACCESS? - then YES you very much CAN have functioning encryption on a backdoored device. It's a categorical error to state otherwise, and a severe misunderstanding of the scope of a cryptographer's ability/responsibility.

    Ring -3 hardware has been hacked numerous times - and subsequently patched - which should inform people of the potentials involved here. The update mechanism itself represents a path to targeted infection even if the hardware itself could not technically be described as a backdoor in OEM configurations. The coders who wrote the software might not even realize what it's being used for - ask Andrew S. Tanenbaum, who recently discovered he'd inadvertently created the most widely deployed OS in the world. You're probably running it right now; even if not, the servers that delivered this page to you are.

    The cellular baseband co-processor is ring -3, with authority granted to the network provider - it has unencumbered access to RAM, where encryption keys are kept. Reporting on encryption backdoors without mentioning these intimately related technical paradigms is, at best, deeply uninformed and negligent.

    See Ken Thompson's "Reflections on Trusting Trust" to begin to get a sense of how difficult and deep running the backdoor problem really is. There is no panacea - but an informed populace is at least a start - as a journalist, that should be your job, not mine. It's great you're pushing back against backdoors - but to do that effectively, people need to understand the fundamental nature of what a backdoor is - that is a very nuanced and complicated topic.
