The fight over government access to encrypted data heats up again

By: William Jackson
February 16, 2018


More than two years after the December 2015 shooting deaths of 14 people in San Bernardino made the question of police access to encrypted data on personal devices a front-page issue, FBI director Christopher A. Wray is continuing the call for what critics call a “back door,” and what government calls “exceptional access.”

Wray says FBI investigators were frozen out of almost 7,800 encrypted devices in 2017, despite having “lawful authority” to examine them. But a group of security and encryption experts has warned that there is no way to enable exceptional access without undercutting personal security and privacy.

The National Academies of Sciences, Engineering, and Medicine (NAS) has examined the issue and says that legislators and policy makers must carefully weigh the benefits of allowing access against the risks. It warns that “there are no easy answers to and many uncertainties in responding to these questions.”

Going dark

Wray spoke of the problem of “going dark”—bad guys using encrypted communications and devices—in his Jan. 9 keynote address to the Fordham-FBI International Conference on Cyber Security. He called on private industry to give law enforcement the tools it needs to investigate crime in a technically sophisticated world.

“We are not looking for a ‘back door,’” he said, but for “the ability to access the device once we’ve obtained a warrant from an independent judge, who has said we have probable cause.”

He did not explain how this would work or how it differed from a back door. A group of cryptology and cybersecurity experts has said there is no difference, and whether it is called a back door or exceptional access, it is a “flawed policy that would harm American security, liberty, and our economy.”

In a letter to Sen. Ron Wyden (D-Oregon), a critic of back door policies, four experts (Martin E. Hellman, Professor Emeritus at Stanford University; Steven M. Bellovin of Columbia University; Paul C. Kocher of the NAS and a crypto developer; and Bruce Schneier, fellow at the Harvard Kennedy School) spelled out the difficulties and dangers. “The FBI is asking engineers to design a highly complex, yet secure, system. Just because a non-technical person believes that such a system can be developed does not make it so,” they wrote. They warn that “security would be weakened.”

“The FBI needs to present the cryptographic research community with a detailed description of the technology that it would like implemented,” they continued. “That would allow the technology to be analyzed in an open and transparent manner so that its advantages and disadvantages can be weighed.”

Trade-offs

In a report released this month, the NAS does not take a position on whether government should require the tech industry to provide government access to encrypted data, but notes that “Some computer scientists have reacted with concern to renewed proposals to regulate the use of encryption, citing the security risks.”

The report acknowledges that “encryption complicates law enforcement and intelligence investigations,” but says that government ability to decrypt personal devices is not necessarily needed. Although the use of strong encryption is growing, the volume of accessible unencrypted data is growing even faster, so that “there is more data than ever of relevance to investigations.”

The NAS leaves the question of whether to require exceptional access to policy makers, and sets out a framework in the form of a set of questions that should be answered in making encryption policy:
• Would a proposed approach actually work?
• Would it undermine security of the devices and cybersecurity in general?
• Would it impinge on privacy and other civil liberties?
• How would it affect commerce, economic competitiveness and innovation?
• What would it cost and who would pay?
• Is it consistent with existing law and other government priorities?
• What would the international impact be?
• Would there be effective ongoing evaluation and oversight?

There won’t be clear-cut answers to many of these questions, NAS warned, and policy makers will have to deal with trade-offs rather than absolutes. “One of the fundamental trade-offs is that adding an exceptional access capability to encryption schemes necessarily weakens their security to some degree, while the absence of an exceptional access mechanism necessarily hampers government investigations to some degree.”