Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

3/17/2016
10:45 AM
John B. Dickson
John B. Dickson
Commentary
Connect Directly
Facebook
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

Beyond Back Doors: Recalibrating The Encryption Policy Debate

Three compelling reasons why access to back doors should not be the intelligence and law enforcement community's main policy thrust in the fight against terrorism.

A strange confluence of events has brought encryption to the center of public policy debate in spite of the heated presidential election cycle and other geopolitical current events. Terrorism, Edward Snowden’s NSA leaks, and a constant stream of high-profile breaches that have put citizens’ private data at risk have elevated the discussion that previously existed solely in technical circles. Recent calls by the United States government to gain access to backdoors on  software and sites in order to intercept terrorist communications has increased the emotional volume of the debate, pitting the Administration, intelligence community, and law enforcement against technology companies and privacy advocates.

When focusing on the upside that backdoors provide, government leaders have downplayed the damage to US technology leadership in the world and the economic impact to US technology companies. At the same time, many US technology companies view themselves “above the fray” with international markets key to their businesses. In spite of being US-based companies, they feel that close alignment with the American government puts them at an economic disadvantage. 

This is occurring in what many observers characterize as a policy vacuum surrounding the encryption debate - a victim perhaps of other political issues facing our elected officials. Post-Snowden, Congress has yet to provide clarity to its citizens on the security vs. privacy debate, leaving the Executive Branch unchecked in matters of cybersecurity. In practice, the White House has pushed the policy envelope with regard to citizen privacy. Its engagement with technology companies at the end of 2015 is one example of its attempt to do the right thing, using perceived leverage from heavyweight solutions like backdoors to gain the attention of Silicon Valley.

There is sore need to recalibrate here. I say this from a unique perspective as I come from the intelligence world. But my most recent experiences are with cybersecurity companies that protect United States companies from sophisticated attacks emanating from every corner of the world. I am neither a privacy activist nor corporate executive with vested interests outside the US. I understand that the world is full of bad people who want to do horrible things to our country. Terrorism is a real threat, and the United States needs to maintain its vigilance against future attacks. However, it is imperative that we do so with the understanding of the full set of consequences, both intentended and not.

To put it bluntly, access to backdoors (through escrowed encryption keys or any other technical mechanism) is simply not a viable strategy in the fight against terrorism and should not be our main policy thrust. As tempting as it may be to seak out an “easy” button for this problem, we need more deliberation and more creative options. There are three compelling reasons that we need to eschew backdoors when fighting terrorism:

Reason 1: Providing backdoors to governments – any government – is a bad idea. Engineering students learn early on to avoid single points of failure in their designs. A backdoor provides the most elevated access to any system or software, and can provide that same access to unintended parties, including attackers. Two axioms hold true when dealing with designed backdoors. First, common entry points always get discovered. Once available on the public Internet, systems will be subjected to the constant onslaught from all manner of attackers, including nation-states. Second, the security of systems degrades over time. Once they exist, backdoors will be used, and inevitably someone will make a mistake leading to the (potentially unknown) use of backdoor access by others. This argument doomed the Clipper Chip in the 90’s and highlights the current worry abour the recent Juniper router backdoor disclosure.

Furthermore, what’s to stop other countries from demanding access to these same backdoors? Virtually all the discourse to this point has been in the context of the US government accessing US companies, but imagine the Chinese or Russian government demanding access to the backdoors of Google, Apple, and Facebook as a precondition of these companies selling in their markets? The idea is not far-fetched: in fact, China’s New Network Law is already blurring the line between competition and national security.

Reason 2: Governments have struggled to protect their own data – why give them the keys to all kingdoms? The US Governement currently has a large “trust” problem with its citizens. If we citizens are doubtful that the government can protect its own secrets, why should we entrust them with backdoor access to all of our secrets too? The 21.5 million government workers whose highly sensitive, and damaging, data was lost by OPM are sufficient proof of a crisis in confidence. Even more disconcerting is NSA’s data loss via Snowden. Imagine that rather than publishing gigabytes of NSA memos and presentations, Snowden revealed the private information, collected by NSA, on the Internet. This crisis of confidence in governments is most pronounced in adults below thirty years-old. Any further concentration of government power to access information via backdoors would exacerbate the situation.

Reason 3: Don’t kill the technology goose that lays the golden egg.  US technology product and cloud companies are the economic engine that fills US Treasury coffers. By mandating backdoor access, the US government would put US technology companies at a severe competitive disadvantage, which ultimately weakens their worldwide position of leadership and damages our economy in ways we will never be able to fully quantify. Already, suspicion exists with many international technology buyers. For example, many US companies selling overseas are asked by their prospects to fill out questionnaires that detail how they cooperate with American law enforcement and intelligence agencies. Suffice it to say, it’s doubtful non-US-based companies face the same scrutiny. Eventually, the market will provide more viable alternatives to existing US-based hosting and technology products, but until then much damage can be done.

Backdoors and their many different iterations are not a long-term or viable policy option to fight terrorism. Their intended and unintended consequences far outweigh their benefits. The sooner we move away from any discussion of this approach, the better we will be served. No doubt, we need more creative options from our intelligence and law enforcement community. It’s the implementation of encryption, at either end of the conversation, where opportunities exist for exploitation. This, and other examples, is where our government should focus its efforts – not on the (seemingly) “easy” button. 

Related Content: 

 

Interop 2016 Las VegasFind out more about security threats at Interop 2016, May 2-6, at the Mandalay Bay Convention Center, Las Vegas. Register today and receive an early bird discount of $200.

John Dickson is an internationally recognized security leader, entrepreneur, and Principal at Denim Group Ltd. He has nearly 20 years of hands-on experience in intrusion detection, network security, and application security in the commercial, public, and military sectors. As ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Cybersecurity Team Holiday Guide: 2019 Gag Gift Edition
Ericka Chickowski, Contributing Writer,  12/2/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19647
PUBLISHED: 2019-12-09
radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted input.
CVE-2019-19648
PUBLISHED: 2019-12-09
In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially crafted MachO file can cause an out-of-bounds memory access, resulting in Denial of Service (application crash) or potential code execution.
CVE-2019-19642
PUBLISHED: 2019-12-08
On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires a POST to /rpc/setvmdrive.asp with shell metacharacters in ShareHost or ShareNa...
CVE-2019-19637
PUBLISHED: 2019-12-08
An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_decode_raw_impl at fromsixel.c.
CVE-2019-19638
PUBLISHED: 2019-12-08
An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function load_pnm at frompnm.c, due to an integer overflow.