Susan Landau, professor of cybersecurity policy at Worcester Polytechnic Institute (WPI), is one of 15 pre-eminent experts on electronic security and privacy who in a report issued today argue against demands by the FBI and other federal agencies for "exceptional access" to encrypted communications, noting not only that such access is technically infeasible, but that it would actually increase the risk of foreign governments, criminals, and terrorists gaining access to confidential information, critical infrastructure, and government secrets.
The report is in response to concerns raised by FBI director James Comey Jr. and others in the federal government over announcements last year by Apple, Google, and other technology companies that they would build strong encryption into smartphones and other electronic communications technologies and would not maintain the keys that might enable the government to gain access to encrypted communications as part of criminal and national security investigations. In public statements, Comey has expressed fears that without this so-called "exceptional access," the government risks "going dark," leaving it unable to effectively monitor communications by terrorists, organized criminals, and adversarial governments.
Comey and Sally Yates, deputy attorney general at the Justice Department, will testify about these concerns before the Senate Judiciary Committee tomorrow.
The report is authored by 15 computer scientists and cybersecurity experts who include, in addition to Landau, Whitfield Diffie, who helped develop public-key cryptography in the 1970s (and co-authored, with Landau, of Privacy on the Line: The Politics of Wiretapping and Encryption (1998, MIT Press) , and Ronald Rivest, one of the inventors of RSA, the first practical public-key encryption algorithm. They argue that it is technically infeasible to give the government exceptional access to encrypted information without creating serious security vulnerabilities that others could take advantage of to gain access to the same information. In an essay posted today on the security blog Lawfare, Landau notes that the government, while arguing loudly for exceptional access, has been relatively silent on how that access would work.
"There's good reason for the silence," she writes. "The difficulty is that as soon as an actual proposal for getting at the plaintext of encrypted data—whether in motion or at rest—is presented, the problems with the 'solution' are exposed."
Possible solutions include building "front doors" into communications technology that would allow an authorized law enforcement official to unlock an encrypted device, and secure storage of the keys that can be used to decrypt secure communications. But experience has shown that front doors become attractive targets for hackers, and the question of who would hold the encryption keys— and how they could be kept secure over long periods of time—has yet to be answered. "The problem is that once one gets into the nitty gritty of how exceptional access might actually work," Landau writes, "the idea of exceptional access looks more like magical thinking than a realistic solution to a complex technical problem."
Beyond the technical issues, Landau and the other authors note that rather than reducing security, the widespread availability of strong, end-to-end encryption is actually vital to ensuring both security and privacy in an era when virtually all communications are carried out electronically, over unsecure networks; when all manner of information, from government records, to corporate intellectual property, to our personal and financial data, are transmitted electronically and stored in the cloud; and when the growing "Internet of things" is placing millions of devices, from industrial machinery to implanted medical devices to the elements of the power grid, online.
In a Lawfare essay posted in January 2015, written in response to a call by British Prime Minister David Cameron for a ban on strong encryption in the wake of the attack on the offices of Charlie Hebdo in Paris, Landau argues against Cameron's claim that increased government access to information increases security. "Complexity and experience show that in practice, the situation doesn't work out that way. Given the risks posed to infrastructure and industry—both crucial aspects of any nation's security—the security argument works in favor of permitting secure communications broadly."
The report issued today notes that the position of FBI director Comey echoes arguments made by the federal government in the late 1990s, when the Clinton Administration proposed requiring that devices that used strong encryption be equipped with a Clipper Chip, which would contain keys the government could use to decrypt the information. Many of the report's authors, including Landau (who testified in 2011 against the FBI general counsel on this topic before the House Judiciary Committee), demonstrated back then that the proposal was infeasible due to technical issues with the chips, serious questions about how the keys would be controlled, and the risks that the chips created for unauthorized access to encrusted information. "We have found that the damage that could be caused by law enforcement exceptional access requirements would be even greater today than it would have been 20 years ago," the report notes.
In her 2011 book Surveillance or Security: The Risks Posed by New Wiretapping Technologies (MIT Press), Landau notes that by embedding the ability for the government to eavesdrop on our communications into "the very fabric of our lives," we are putting into place something for our enemies that they could not afford to do on their own." She adds, "Communications surveillance when pursued properly will enable innovation and growth and protect the nation. The issue before us is whether our policies are doing that or creating a major security risk in the name of greater security."
- Read the report, "Keys Under Doormats: Mandating Insecurity by Requiring Government Access to All Data and Communications."
- Read Landau's Lawfare post on the report.
- Read her previous Lawfare post on calls for an encryption ban in Britain.
- Read coverage of today's report in the New York Times, the Guardian, and NPR's The Takeaway.
- Watch Landau discussing the need for strong encryption on the PBS NewsHour.
- Read coverage of the Senate hearings in the Guardian.