On Backdoors and Encryption
September 6, 2013
There is a general myth that the “geeks” defeated the Feds in the “crypto wars” of the 1990s, blocking efforts to prevent the sale and export of advanced encryption products. This is an article of faith with some people, particularly on the West Coast, and if you interview them you will get this story presented as an accurate account of what happened.
An article in the New York Times hinted at a more accurate picture. The geeks did not win the crypto war. They were deluded into thinking they had done so, producing a false sense of security. Now, wounded that their cherished myth has been punctured like a balloon, they claim that the NSA coerced IT companies to build back doors into encryption products and this is what let it defeat encryption. This is wishful thinking.
Wishful because the backdoor argument points to what is one central myth of the internet – that it is possible to use technology to make it secure. If only there weren’t back doors put in by coercion, then we could be safe. Sorry, but while security measures can make it harder to steal data, there are perhaps half a dozen intelligence agencies in the world with the resources and skills to defeat any internet security measure without the need for backdoors. The internet can be made more secure, but it will never be fully secure.
The notion of back doors leads immediately to bad policy, and this was the one point that gave me pause in writing this piece. Should I tell them that their proposed fix is useless? If the capabilities that let an intelligence agency defeat encryption do not rely on back doors, switching to foreign products will not make you any safer, although it may provide a degree of comfort rather like an umbrella in a hurricane.
Back to how to defeat encryption without back doors. Encryption products take “plain text” and use mathematical formulas to scramble it into unintelligible chunks. But many encryption products have design flaws. Companies say the “key” they use to encrypt text is 126 or 256 bits long.
In fact, through mis-implementation, it might be much less. A company may say it uses a “random number generator” but truly random number generators are hard to build. One company dealt with the problem by using a fixed list of numbers from which they randomly selected. These design errors are detectable and provide a way in.
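The gap between nominal and effective key strength described above, as an added example that is not from the article: a defender-side audit that samples a key generator and flags repeated keys. The fixed table of 1024 entries and the names `flawed_keygen`, `sound_keygen` and `audit_keygen` are constructed for illustration.

```python
import hashlib
import math
import os
import random

KEY_BYTES = 32  # keys are nominally 256 bits long

# Constructed stand-in for the flaw: a fixed table of values shipped with
# the product. The table size (1024) is an assumption for illustration.
FIXED_TABLE = [hashlib.sha256(b"seed-%d" % i).digest() for i in range(1024)]

# Seeded only so the demonstration repeats exactly from run to run.
_demo_rng = random.Random(2013)


def flawed_keygen():
    """Mis-implementation: 'randomly' select a key from the fixed table."""
    return _demo_rng.choice(FIXED_TABLE)


def sound_keygen():
    """Draw the key from the operating system's CSPRNG."""
    return os.urandom(KEY_BYTES)


def audit_keygen(keygen, samples=5000):
    """Sample a key generator and report what the samples reveal.

    A sound 256-bit generator should never repeat a key within a few
    thousand draws. Any repeat means the real keyspace is tiny, and
    log2(distinct keys seen) then approximates its size in bits.
    """
    keys = [keygen() for _ in range(samples)]
    distinct = len(set(keys))
    repeats = samples - distinct
    return {
        "nominal_bits": 8 * len(keys[0]),
        "distinct": distinct,
        "repeats": repeats,
        # None means the sample gave no evidence of a reduced keyspace.
        "observed_bits": math.log2(distinct) if repeats else None,
    }


if __name__ == "__main__":
    for name, gen in (("flawed", flawed_keygen), ("sound", sound_keygen)):
        print(name, audit_keygen(gen))
```

Both generators emit 256-bit keys, but the flawed one never yields more than 1024 distinct values, so its effective strength is at most 10 bits. A clean result only says this particular defect was not observed in the sample.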
Implementation of a crypto program is a problem. Key management is a problem. People cut corners or take short cuts to deal with these problems and that provides a way in. A variety of techniques to crack passwords have existed for twenty years. As any good “phisher” knows, you can always count on human error.
An email, for example, has a standard format. Somewhere early in the text there will be the date (finding the encrypted date was one way the British broke high end German encryption in World War Two). There will be a greeting, often with the recipient’s name. You now can match plain text with the text that emerges from the encryption program. With some hard work and skill, this provides a way in.
Now suppose an agency employs several hundred of the best mathematicians in the country, has the world’s most powerful supercomputer, and brings seventy years of experience and an immense library of crypto products dating back to the 1940s to the decryption problem. It collects masses of traffic (all major signal intelligence agencies do this), and in that traffic there may be a pattern or error that will let it defeat encryption (this was in part how the U.S. defeated Soviet encryption in the “Venona” program). An agency can build special purpose machines or write special purpose programs designed to overcome specific encryption programs. You may use PGP, for example, but several countries probably have “anti-PGP” machines that automatically break your encrypted message. With resources, persistence and skill, any defense can be defeated.
In the U.S. this effort to deal with encryption began in the mid-1990s, when it was clear that the newly commercialized internet would need to be made more secure. The Clinton Administration, yielding in part to political pressure, decided that the short term loss of intelligence that would occur if encryption was “decontrolled” would be offset by the benefit to U.S. security from making American companies harder to penetrate and helping U.S. companies be more competitive. When the United States released encryption, it hoped that it would be used widely, making the internet safe from all but a handful of opponents. This widespread use did not occur – in this the first internet security policy failed, something we continue to pay for.
Administration officials also knew that intelligence agencies were working on new approaches to defeat encryption and this made them comfortable with releasing it. This was neither easy nor cheap, but it is not a fluke that the internet has created what one senior NSA official has called “the golden age of signals intelligence.”
Sometimes crypto or privacy advocates argue that there are technological solutions like encryption that allow dissidents to operate without interference. The plain truth is that such technological safeguards work only if the government of the country in which the dissidents reside lets them work, and it is constrained by law from using the range of techniques that can defeat any technology. Civil liberties are protected in the United States not because people use encryption or Tor or pseudonyms, but because the NSA does not use its capabilities to stifle free speech or political opposition. You can use encryption in Russia and still not have any civil liberties because the FSB, Russia’s domestic intelligence service, is untrammeled. Neither agency needs a backdoor. A lack of faith in technology is disturbing, but the limits of technology point to the central policy needed for cyber security, the core of which is to extend the rule of law into cyberspace.
James A. Lewis is a senior fellow at the Center for Strategic and International Studies in Washington, D.C. and drafted the first two regulations decontrolling encryption in the late 1990s.
Commentary is produced by the Center for Strategic and International Studies (CSIS), a private, tax-exempt institution focusing on international public policy issues. Its research is nonpartisan and nonproprietary. CSIS does not take specific policy positions. Accordingly, all views, positions, and conclusions expressed in this publication should be understood to be solely those of the author(s).
© 2013 by the Center for Strategic and International Studies. All rights reserved.