by Joe Levy On Aug 24, 2016
Depending on your position, encryption simultaneously makes us both more and less secure.
Photo credit: (Image courtesy istockphoto.com/peterhowell)
In his recent paper, "The Moral Character of Cryptographic Work," cryptographer and UC Davis professor Dr. Phillip Rogaway wrote that, “Cryptography rearranges power: it configures who can do what, from what. This makes cryptography an inherently political tool, and it confers on the field an intrinsically moral dimension.” Put simply, encryption is more than a matter for technologists and politicians – it is an emotionally charged topic, subject to the fluctuations of current events and as divisive as any other debate that is rooted in our moral foundations.
Consider how some statistics and recent events might affect your thinking on the matter. According to the Identity Theft Resource Center (ITRC), cyber-attackers in 2015 stole nearly 170 million confidential records from businesses, government agencies and healthcare providers. According to the same source, there were 781 data breaches in the U.S. in 2015 – that’s more than two breaches a day. The number of exposed records doubled from about 85 million in 2014 to nearly 170 million last year. With this reality front and center, encryption has been viewed as a crucial tool to protect sensitive data, ranging from credit card information, to even sensitive personal credentials housed on government systems (in the case of last year’s breach of the U.S. Office of Personnel Management). But last year also saw the horror of the high-profile terror attacks in Paris and San Bernardino that caused many politicians and law enforcement agencies to call for "backdoors" to help them identify and stop terrorists before they can carry out their next attack.
Public sector and private sector organizations are acutely aware of the threat and risk posed by cyber-crime. As organizations deploy encryption more broadly to necessarily protect themselves and their customers against damaging data breach, they are actually creating two issues: First, IT departments may struggle to monitor who is trying to access information and therefore become overwhelmed with data, and second, law enforcement agencies are concerned that they are becoming less able to identify potential terrorists or criminal activity because more information is “going dark.”
This is what I call the paradox of encryption. Depending on your position, it simultaneously makes us both more and less secure. While I understand what drives the calls for backdoors, even a rudimentary understanding of how modern encryption works concludes that backdoors should never be considered a viable option.
Clearly, strong encryption that cannot be exploited by external or internal actors is a must for any organization that holds the personal data of individuals. For this reason, Sophos stands firmly by its position of strongly opposing any mandate or request by any government, intelligence or law enforcement agency to put backdoors or shared keys in our products. We base our position on the following principles:
- Encryption protects the fundamental rights individuals should have to privacy and security.
Encryption protects individuals from identity theft, extortion and political or religious persecution. Backdoors in encryption would undermine freedom of speech and the freedom to conduct our affairs without interference or fear.
- Encryption is essential for effective cybersecurity.
In today’s connected society, even with all the sophisticated technology used to defend against online threats, we cannot be sufficiently protected against cyberattacks without strong encryption. Today’s cyberattacks are becoming more complex, with sophisticated attackers using multiple points of entry and creative, persistent attacks in their efforts to penetrate even very capable security systems. Encryption is the last line of defense in a holistic cybersecurity strategy that requires multiple layers of protection.
- Encryption is vital for our modern, Internet-driven global economy.
Strong encryption is essential to the integrity of Internet commerce and banking. It protects organizations from industrial espionage and damaging data loss. Ubiquitous, strong encryption ensures consumer trust by preventing online fraud and theft of financial and personal information. Encryption is a key element of the communications technologies that foster economic growth, enable dramatic gains in efficiency and productivity and expand access to and participation in the global economy. The implementation, enforcement and management of backdoors would be impractical and enormously costly to technology companies, stifling innovation and harming their competitiveness in the global economy.
- Governments should not undermine the effectiveness of legitimate technology.
No one government has the ability to ensure that backdoors be inserted into all legitimate encryption software. But far more at issue is that even if every government in the world somehow agreed that every legitimate encryption vendor include backdoors, this would not solve the problem. The bad guys will find non-legitimate encryption tools they can use, or they will simply build one themselves. So now you have the worst of both worlds: law-abiding citizens are now much less secure, because backdoors for some mean backdoors for all, including repressive regimes, malicious insiders, foreign spies and criminal hackers. And at the same time, serious criminals and terrorists can continue to deploy encryption at will. This is why so many industry experts have warned that either outlawing encryption or introducing backdoors will only cause criminals and terrorists to create and use proprietary forms of uncontrolled encryption, subjecting only the law abiding among us to eavesdropping or compromise.
Recent advances in homomorphic cryptography have produced proposals such as PrivaTegrity from David Chaum, which promises strong encryption that can only be reversed by a specially chosen council of nine. Putting aside the opaque matter of how the members of the council would be selected, as well as the concern that this might only marginally deter the ability to compromise the backdoor, there is one simple reason why this is not a solution: the bad guys won’t use it – they’ll find something else.
- Technologists, academia and governments need to work together against terrorism without compromising the security and privacy of all.
The unfortunate truth is that mandating commercial vendors to weaken the security of their software will not prevent bad people from doing bad things. But that doesn’t mean we are out of ideas or viable alternatives for how to address this serious problem. We are pleased to see governments collaborating with industry and academia to better understand the practical limitations and implications of various proposals. Only by working together will we find the pragmatic solutions that will improve our collective security without compromising the privacy and integrity of the individual.