Sign In

Communications of the ACM

Communications of the ACM

The Strength of Encryption


View as: Print Mobile App ACM Digital Library Full Text (PDF) In the Digital Edition Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Eugene H. Spafford

Eugene H. Spafford is an at-large member of ACM Council.

Credit: Purdue University

Some of the most perplexing and frustrating experiences that technologists have are with politics and social policy. There are issues that have overwhelming data and scientific analyses to support a position, but value systems based on economics, religion, and/or misinformation are relied upon insteadusually to the consternation of the scientists and engineers. Examples abound, from issues such as the anthropogenic contributions to climate change, the safety of childhood inoculations, and the nature of evolution. Amazing to most of us, there are even those who are certain the Earth is flat! Furthermore, to hold some of these positions requires also believing that scientists are either ignorant or corrupt.

Computing is not immune to these conflicts. One that is currently playing out involves encryption, and what (if anything) should be done to regulate it. Some officials involved in law enforcement and in government are concerned about the potential impact of encryption and wish to restrict how and where it can be used. Many computing professionals have a different set of views, and stress that restrictions to weaken encryption will be much more harmful than helpful.

Conflicts over encryption are not new, with historical examples stretching back many centuries. What has made it a more pressing issue in recent decades is the strength of encryption used with computers, and the immediacy and scope of digital communication. Some 20 years ago, the U.S. had an active controversy over the role of allowing encryption in commercial products. Elements of law enforcement were concerned about the potential for criminalsparticularly child pornographers and drug traffickersto hide evidence of their activities from authorized investigations. Some in the national intelligence community were also worried that export of strong encryption technology might harm national intelligence capabilities.

Efforts by technologists and civil libertarians (including ACM's U.S. Public Policy Committee) helped shape the discussion in the U.S., as did an extensive study by the National Academies. The outcome was a Presidential decision to not interfere with use of encryption, with some limits on the strength of exported technologies. There was considerable grumbling by some in the law enforcement community, but the decision proved to be soundin the decades since then we have not been overrun by criminals using encryption (although some exist). Meanwhile, organizations around the globe have had the benefit of strong encryption to protect their information resources.

The evolution of the technology we use regularly has incorporated stronger, built-in encryption. This is especially the case in personal devices such as smartphones and tablets, and in systems supported by some ISPs. The encryption that is present is there to protect the user community from information theft and abuse. However, these same mechanisms may prevent law enforcement from accessing information during their authorized investigations. Globally, we have seen increasing instances of sophisticated crime involving computer-based resources. Terrorism is effective when it induces fear, and unfortunately, recent terrorist events (and political opportunism around them) have generated heightened public concern. In response, law enforcement officials in several countries have felt greater urgency to investigate and forestall any new such activity. To accomplish this, they wish to be able to intercept and monitor communications of suspects, and to be able to capture and analyze their stored data. As such, they are seeking to mandate products incorporating some authorized encryption circumvention technique, colloquially called a "backdoor."

Here is where the conflict with technologists comes about. Those of us who have studied encryption know that inclusions of "backdoors" weaken encryption schemes, and do not know of any practical way of enabling any such circumvention in a manner that is itself sufficiently robust. Having any sort of alternate key mechanism often makes the encryption weaker. It would also highlight the holders of that key as targets to attack, as well as enable insider abuse. Furthermore, once compromised everyone would be endangeredand there is little doubt such a scheme would be compromised or leaked eventually. Unfortunately, some policymakers, perhaps conditioned by TV shows and movies with unrealistic portrayals of computing, do not believe the warnings. A few national governments, such as the Netherlands, have taken the position that encryption should not be weakened. However, othersincluding the U.S. and the U.K.appear to be on paths toward legislating weakening of commercially available encryption sold within their borders.

Ironically, the results of the "crypto wars" of 20 years ago means anyone who really wants strong encryption can obtain it and layer it on their regular platforms (superencryption). The Daesh (ISIL) already has crypto applications they provide to some of their operatives that do exactly that. Thus, any restrictions will only weaken the protections for the rest of us against criminal activities, economic espionage, and overly intrusive governments. Once lost, it may take a long time to regain the privacy and security afforded by strong encryption.

What will it take to resolve this conflict? To start, it would help if all sides accepted that their counterparts are neither fundamentally venal nor oblivious to the issues involved. There are genuine concerns all around, but education and exploration of issues is required. ACM, as the preeminent computing association globally, has the potential to have a strong voice in mediating this discussion. As ACM members, we should seek to help clarify the issues with our political representatives in such a way as to define a workable way forward ... and that won't need to be revisited in another two decades.

Back to Top

Author

Eugene H. Spafford (spaf@acm.org) is an at-large member of ACM Council.


Copyright held by author.

The Digital Library is published by the Association for Computing Machinery. Copyright © 2016 ACM, Inc.


Comments


CACM Administrator

The following letter was published in the Letters to the Editor of the June 2016 CACM (http://cacm.acm.org/magazines/2016/6/202652).
--CACM Administrator

I was disappointed by Eugene H. Spafford's column "The Strength of Encryption" (Mar. 2016) in which Spafford conflated law enforcement requests for access to the contents of specific smartphones with the prospect of the government requiring backdoors through which any device could be penetrated. These are separate issues. Even if the methods the FBI ultimately used to unlock a particular Apple iPhone 5C earlier this year are too elaborate for the hundreds of encrypted or code-protected phones now in police custody, the principle that it is a moral if not legal responsibility for those with the competence to open the phones do so would still be relevant.

Unlocking an individual phone would not legally compel a backdoor into all Apple devices. Rather, Apple would have to create and download into a particular target phone only a version of iOS that does two things return to requesting password entry after a failed attempt, without invoking the standard iOS delay-and-attempt-count code and allow password attempts at guessing the correct password be submitted electronically rather than through physical taps on the phone's keypad. The first is clearly trivial, and the second is, I expect, easily achieved.

The FBI would then observe, at an Apple facility, the modified iOS being downloaded and be able to run multiple brute-force password attempts against it. When the phone is eventually unlocked, the FBI would have the former user's correct password. Apple could then reload the original iOS, and the FBI could take away the phone and the password and access the phone's contents without further Apple involvement.

No backdoor would have been released. No existing encryption security would have been compromised. Other law-enforcement agencies, armed with judicial orders, would likewise expect compliance and should receive it.

The secondary argument that should Apple comply and authoritarian regimes worldwide would demand the same sort of compliance from Apple, as well as from other manufacturersis a straw man. Since Apple and other manufacturers, as well as researchers, have acknowledged they are able to gain access to the contents of encrypted phones, other regimes are already able to make such demands, independent of the outcome of any specific case.

R. Gary Marquart
Austin, TX

---------------------------------------------------------
AUTHOR'S RESPONSE

My column was written and published before the FBI vs. Apple lawsuit occurred and was on the general issue of encryption strength and backdoors. Nowhere in it did I mention either Apple or the FBI. I also made no mention of "unlocking" cellphones, iOS, or passwords. I am thus unable to provide any reasonable response to Marquart's objections as to items not in it.

Eugene H. Spafford
West Lafayette, IN


Displaying 1 comment

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account
Article Contents:
  • Article
  • Author