We now know how the United States government would thwart encryption, if it chose to do so.
U.S. officials considering ways to let law enforcement bypass encryption determined that several approaches were “technically feasible” but concluded that their ideas would become “a focal point for attacks,” according to a newly published memo on the subject produced by an interagency working group.
“Rather than sparking more discussion, government-proposed technical approaches would almost certainly be perceived as proposals to introduce ‘backdoors’ or vulnerabilities in technology products and services and increase tensions rather [than] build cooperation,” reads the memo, published Thursday morning by the Washington Post.
Encryption has frustrated law-enforcement officials for decades, dating back to the “Crypto Wars” of the 1990s. But the widespread availability of easy-to-use secure communications recently reemerged as the premier point of tension between privacy activists and technical experts on one side and the intelligence and law-enforcement communities on the other.
President Barack Obama has yet to publicly take a side in the debate, but his FBI director, James Comey, has vehemently rebuked companies like Apple for pursuing encryption that even they cannot break when presented with a warrant.
The group of government officials studying encryption came up with four approaches for bypassing it.
The first approach would require tech companies to build a special port on their devices that would provide access to encrypted data if a company applied its special key. Law enforcement would need to seize the device and present a warrant to a company in order for the key to be applied. The memo noted that this approach “would impose significant cost” on tech companies, but it also said that a physical port “substantially reduces the cybersecurity risk” of a backdoor approach, such as “abuse by malicious actors and foreign government entities.”
The memo also proposed legally compelling companies to apply software backdoors—special channels through onboard encryption that could be accessed pursuant to a warrant—using their devices’ automatic update process. Government officials were quick to note, however, that using automatic updates to apply a backdoor “could call into question the trustworthiness of established software update channels.” Users, the memo warned, might turn off automatic updates altogether, potentially exposing themselves to new forms of malware.
The memo’s third proposal is a “split-key system,” where multiple parties would hold pieces of the key that had to be combined for some decryption process—left unspecified in the memo—to take place. Officials noted that this process would guard against abuse by raising the bar for malicious actors, but they acknowledged that it “would be complex to implement and maintain” because of the strain it would place on participants.
The fourth proposal, one that has not been discussed as frequently as the first and third options, is a “forced backup.” Companies would download all of the data that their customers generated on their devices to an unencrypted backup site. Left unsaid in the memo was the significant security risk that such a backup would create—a secret server full of unencrypted data would be like an unmarked but unlocked bank vault, protected only by its obscurity but accessible to anyone who located it.
The Department of Justice, the FBI, and the Office of the Director of National Intelligence, which oversees the intelligence community, did not respond to requests for comment about whether they still favored any of these proposals. But civil-liberties advocates were quick to denounce the memo’s ideas.
Boo! White House memo's proposals for bypassing encryption are horrifying. Yay! WH is publicly rejecting the ideas. https://t.co/N1N0dOIFtG
— Kevin Bankston (@KevinBankston) September 24, 2015