The NSA wants 'front door' access to your encrypted data

The NSA has proposed a new security arrangement that would split a cryptographic key between multiple services. This front-door approach is meant to avoid the security perils of a back door -- but it creates plenty of problems of its own.
By Joel Hruska

Last December, I had the opportunity to travel to the Netherlands to meet with multiple European tech companies, web hosts, and other infrastructure providers. The topic of intelligence agency backdoors and US corporate involvement with such policies came up more than once, often in not-entirely-friendly ways. It's therefore refreshing to see the head of the NSA, Admiral Michael S. Rogers, state up front that the NSA isn't interested in a backdoor solution to digital surveillance. Instead, he wants a so-called "front-door" solution -- which could be even worse.

Instead of handing the NSA a unilateral window into encrypted communications taking place at Google or Apple, Rogers suggested a future in which the encryption keys to access such information would be divided between at least two groups -- possibly more. In the simplest example, Google would retain half the key, while the NSA held the other half. Thus, the agency wouldn't be able to unilaterally snoop inside anyone's files -- it would need Google's support.

"I don't want a back door," Rogers, the director of the nation's top electronic spy agency, said during a speech at Princeton University, according to the Washington Post. "I want a front door. And I want the front door to have multiple locks. Big locks."

The systemic flaws in the front-door solution

The first problem with Rogers' proposed front-door solution is that it's a meaningless feel-good measure given the current regulatory structure of our national security system. Before the Snowden leaks, Google, Microsoft, and other digital providers were forbidden from disclosing that they'd received national security letters, even in aggregate. Thanks to Snowden, we now know that Yahoo went to bat for users, challenging the legality and authority of the NSA -- and lost, every time.

Giving half a key to Google or Yahoo would be meaningless unless the company possesses the authority to refuse to use it. In theory, the court system offers robust oversight of how such capabilities are used. In practice, the FISA court has operated more like a rubber stamp body than an organization devoted to judicial oversight. The government, as a whole, doesn't currently have a great track record of respecting suspects' rights -- the FBI is on record as ordering local police departments to drop cases rather than disclose how secret stingray hardware may have been used in ways that fundamentally violate those suspects' Fourth Amendment rights.

The other systemic problem with Rogers' suggestion is that it assumes a degree of trust between corporations and government at a time when such good feelings are at an all-time low. The NSA has demonstrated no practical ability to differentiate between friend and foe. Its decision to hoover up data running across Google's transatlantic cables may have been legal, but it illustrated a total lack of respect for Google -- and a willingness to resort to extrajudicial methods when it was convenient.

The NSA could avoid this problem by sharing the key with government-appointed escrows rather than corporations, but this simply hides the process from public view. That's already extremely problematic.

Can front doors be secure?

The technological problems with the NSA's front-door policy are formidable. The "divide the key among trusted parties" approach isn't new -- the NSA proposed exactly this method of securing its ill-fated Clipper Chip in the early 1990s. At the time, the newly formed EFF and other consumer advocacy groups battled the NSA's proposed system, noting that it exposed citizens to increased surveillance while providing no assurance that the cryptographic standard, dubbed Skipjack, was actually secure.

Image: Skipjack now and then.

Many of these questions would remain in any escrow system the government dreamed up today. "The basic question is, is it possible to design a completely secure system" to hold a master key available to the U.S. government but not adversaries, said Donna Dodson, chief cybersecurity adviser at the Commerce Department's National Institute of Standards and Technology. "There's no way to do this where you don't have unintentional vulnerabilities."

Hackers, generally speaking, don't go after the code itself or attempt to brute-force it -- instead, they work to compromise the organizations that hold the keys, or find other avenues of attack. Splitting the key into parts is only an advantage if the parts can't be combined or analyzed for clues to the final key structure. In order to function properly, every escrow needs to be secure, and every one-time access key needs to be destroyed.
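The point that the parts must not be "analyzed for clues to the final key structure" is worth making concrete. The following is an added example, not code from the article or from any government proposal: it contrasts the literal "Google holds half the key, the NSA holds the other half" split described above with a 2-of-2 XOR secret-sharing split, and counts, exhaustively, how many keys a single share holder still cannot rule out. The key width is a constructed toy value (8 bits) so the search is exhaustive; all function names are this example's own.

```python
import math
import secrets

# Toy key width so the consistency search below can enumerate every key.
# Real symmetric keys are 128 bits or more; the ratio between the two schemes is what matters.
KEY_BITS = 8


def naive_split(key: int, bits: int = KEY_BITS) -> tuple[int, int]:
    """Literal halving: party A gets the high half of the key bits, party B the low half."""
    half = bits // 2
    return key >> half, key & ((1 << half) - 1)


def naive_combine(share_a: int, share_b: int, bits: int = KEY_BITS) -> int:
    """Reassemble a naively halved key."""
    half = bits // 2
    return (share_a << half) | share_b


def xor_split(key: int, bits: int = KEY_BITS) -> tuple[int, int]:
    """2-of-2 XOR secret sharing: A's share is uniformly random, B's share is key XOR A.
    Each share on its own is independent of the key, so it carries no information about it."""
    share_a = secrets.randbits(bits)
    return share_a, key ^ share_a


def xor_combine(share_a: int, share_b: int, bits: int = KEY_BITS) -> int:
    """Reassemble an XOR-shared key; both shares are required."""
    return share_a ^ share_b


def keys_consistent_with_share(combine, share_a: int, other_share_bits: int,
                               bits: int = KEY_BITS) -> set[int]:
    """Every key that party A, knowing only share_a, cannot rule out.
    A key is still possible if *some* B-share combines with share_a to produce it,
    so we try every B-share value and collect the resulting keys."""
    return {combine(share_a, b, bits) for b in range(1 << other_share_bits)}


def remaining_search_bits(candidates: set[int]) -> float:
    """Brute-force work (in bits) left for a holder of a single share."""
    return math.log2(len(candidates))


def compare_schemes(key: int, bits: int = KEY_BITS) -> dict:
    """Split one key both ways, confirm both reconstruct, and measure what share A alone leaks."""
    naive_a, naive_b = naive_split(key, bits)
    xor_a, xor_b = xor_split(key, bits)
    assert naive_combine(naive_a, naive_b, bits) == key
    assert xor_combine(xor_a, xor_b, bits) == key

    naive_cands = keys_consistent_with_share(naive_combine, naive_a, bits // 2, bits)
    xor_cands = keys_consistent_with_share(xor_combine, xor_a, bits, bits)
    every_key = set(range(1 << bits))
    return {
        # Half the key handed over literally: the holder has only half the bits left to guess.
        "naive_remaining_bits": remaining_search_bits(naive_cands),
        # XOR share: every key is still equally possible, so the full key space remains.
        "xor_remaining_bits": remaining_search_bits(xor_cands),
        "naive_share_leaks_key_bits": naive_cands != every_key,
        "xor_share_leaks_key_bits": xor_cands != every_key,
    }


if __name__ == "__main__":
    # Constructed sample key; any 8-bit value gives the same bit counts.
    print(compare_schemes(0b10110010))
```

With an 8-bit toy key the naive holder has 4 bits left to search and the XOR holder all 8; at 128 bits the numbers become 64 versus 128, which is the difference between a feasible brute-force and an infeasible one. The XOR scheme still has the operational weaknesses the paragraph above describes: both escrows must be secure, because combining the shares is a single XOR, and the reconstructed key must be destroyed after use.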

Image: Encryption techniques. Image credit: The Washington Post

The problem here isn't the underlying theory, it's the practice. In theory, a one-time pad, if used correctly, creates encryption that cannot be cracked -- and it was invented in 1882. The problem with the OTP is that it's exceptionally difficult to use correctly. Therein lies the NSA's problem: the best-laid security plans can be undone by design flaws and human imperfection. Given that the NSA is designed to take advantage of those imperfections and flaws, you can bet the organization knows it.

The NSA is searching for a rhetorical solution to what privacy advocates and civil libertarians view as a profound structural problem. The agency is loath to give up its ability to spy on American citizens, or even make meaningful concessions to it -- which means whatever system it ultimately backs will be designed to preserve as much of its current capabilities as it can. Individual encryption is one option, as we recently covered in our examination of privacy-enhancing tools. But what's needed in this instance is structural change.
