Top security experts have published a collaborative paper discussing the US government's encryption backdoor demands while Capitol Hill holds congressional hearings on this very topic:
The authors of the 34-page paper [PDF] read like a who’s who of computer security: they are Whitfield Diffie (who along with Martin Hellman invented public key encryption); crypto guru Bruce Schneier; Ronald Rivest (the R in RSA); Matt Blaze, the killer of the Clipper Chip; Professor Ross Anderson from Cambridge University; and 11 other senior figures in the field.
The writers examine attempts in the early 1990s to allow the Feds access to encrypted communications, referring back to the infamous Clipper chip proposed by Bill Clinton’s administration. Clipper, developed by the NSA, would have allowed the government to unlock encrypted messages, but was shown to be both easily broken and counterproductive.
Back then the internet was in its infancy and encryption was used sparingly. Nowadays the entire e-commerce system relies on encryption, as does much of the mobile telephony industry and corporate systems. Introducing flaws would cause more harm than good, they argue, and would cripple US businesses, since who wants to buy technology with a back door?
The paper also points out that there are massive technical challenges in instituting an encryption key escrow service, such as the one suggested by the director of the FBI, James Comey. Such a system would lock the industry into a specific crypto system and poses a major question – who holds the master decryption key?
Any body, public or private, holding such keys would be an instant target for hacking attacks, the authors point out. As we’ve seen with cases like the Office of Personnel hack, the White House hack, and various successful hacks against US military targets, there are no government servers where such powerful tools would be safe and yet speedily accessible to law enforcement.