The Folly of Encryption Backdoors
In the aftermath of the election, many people in the security and privacy communities have expressed renewed concerns about the possibility the federal government might again try to implement backdoors or otherwise weaken encryption. It will likely be months before we see any movement on that front, but for now, a new report from the European Union’s information security agency says in no uncertain terms that backdoored encryption is bad for users and undermines the security of the network for everyone.
Backdoors in cryptosystems have been a pet project for many governments in the last couple of decades. When strong encryption first became available to everyday users in the 1990s, the law enforcement and intelligence communities in the United States said that the widespread use of it could threaten national security. That began a push to find a method for the government to have access to encrypted communications and many ideas for how to get that done emerged, from key escrow to backdoors. None of them succeeded widely, thankfully, but that hasn’t stopped politicians and others from continuing to bring them up.
This isn’t a specifically American issue, either. Many European countries have been dealing with this recently, as concerns about the use of encrypted communications by terrorists and criminals have risen. In a new report released this week, ENISA (European Union Agency for Network and Information Security) analyzed the problem and concluded that encryption backdoors are not the answer.
“One solution that has been put forward by law enforcement to address their diminished operational capability to lawfully intercept communications has been to suggest the implementation of back doors to allow digitally encrypted messages to be decrypted. The principle of the backdoor is that another third party could have a mechanism to independently and without the knowledge of the sending or receiving party decrypt the communication. In an attempt to protect privacy and unlawful use of the back door the concept of key escrow where the covert cooperation of independent parties with law enforcement would be required to facilitate the use of the backdoor to decrypt the communication,” the ENISA report says.
“While this is technically possible, ENISA is of the opinion that the risks to the effective operation of the Digital ecosystem could be undermined by this approach. The very existence of backdoors provides an opportunity for criminals or state actors to undermine the privacy of communications and for users to believe that their communications are not secure.”
The key argument against backdoors, aside from the invasion of privacy, is that attackers eventually would find a way to exploit them. Security experts and cryptographers have said for years that there’s no secure way to implement a back door, so any cryptosystem that has one is compromised for all, whether they’re criminals or innocent users. The same is true for key escrow systems, which depend upon the government holding its own key to decrypt users’ messages when needed. Those keys would be invaluable targets for attackers and would be virtually impossible to defend.
But there’s also the fact that encrypted communications apps aren’t the sole domain of any one country. Encrypted chat, email, text, and voice apps are designed and built in countries around the world, so any one government that mandates the use of a backdoor in one or all of the apps made within its borders would have limited effectiveness. Also, criminals aren’t necessarily known for respecting laws and international borders, and the barriers to them developing their own secure apps are lower than ever.
“Another argument against the provision of backdoors is that the criminal operators may resort to developing their own independent encryption systems which would leave law enforcement with the additional challenge of identifying the encryption system being used and then setting about breaking the encryption algorithm. The expertise to build new encryption tools is readily available and at present strong encryption products are available on the internet free of charge,” ENISA said in its report.
“There is already evidence of custom made digital products for use on the internet being designed and marketed specifically for the criminal community. There is little doubt that undermining the privacy of commercially of freely available encrypted tools will generate a new market for new private encrypted products to serve the criminal community.”
The idea of weakening encryption to eavesdrop on criminals and terrorists is an attractive one, but it’s counterproductive and in the long run it would lead to users being less secure rather than more.