Encryption and Going Dark – Cutting through the Gordian Knot
March 5, 2018
This publication was authored by a non-CSIS-affiliated scholar. CSIS does not take specific policy positions. Accordingly, all views, positions, and conclusions expressed in this publication should be understood to be solely those of the author(s). This paper is an update to the discussion paper produced by the 2017 CSIS Cyber Policy Task Force Working Group on Encryption and Going Dark.
Since the emergence of publicly available, highly secure encryption algorithms in the 1970’s, there has been a continuing debate, both within the United States and around the globe, on their use in supporting individual privacy and the protection of personal information versus the ability of law enforcement and intelligence agencies to lawfully access this information. There has been much debate and controversy over this topic, and recent events have highlighted the lack of a comprehensive policy on the use of encryption within the United States, and its international implications, along with a concise legal framework governing lawful access to encrypted information.
And while the government’s mid-1990’s efforts to recommend a method to embody lawful access through a system involving escrowed key (the CLIPPER Chip) is perhaps the best known example of the contentious debate between privacy advocates and the government, few encryption developments over the past 40 years have been devoid of controversy fueled by suspicion and differing agendas. Indeed, the Data Encryption Standard (DES), established in 1977 as Federal Information Processing Standard (FIPS-46) through a public process by the then National Bureau of Standards (now NIST) was controversial from the beginning. The algorithm that became the DES was originally called Lucifer by its developers at IBM Research, and appropriately referred to by some as the Devil in the Blue Dress. The National Security Agency, serving as the authoritative technical resource for the U.S. Government in the selection process, recommended several changes in the combinatorial logic (known as the S-Boxes) of Lucifer to both IBM and NBS in order to strengthen it against certain types of cryptographic attacks. This engendered suspicion in cryptographic research circles that NSA had put a “back-door” into the algorithm. The futile search to find this alleged back-door by academia and researchers actually significantly advanced the public knowledge of cryptographic design and analysis. DES encryption and its successors, Triple DES and the Advanced Encryption Standard (AES), were eventually adopted world-wide for protecting sensitive information in both Data-in-Motion and Data-at-Rest applications, along with the related hashing, key formation/exchange, and randomizer functions. However, the widespread adoption of encryption has only served to intensify the ongoing controversy over privacy, security, and lawful access.
While often characterized in terms of technology (e.g., a particular implementation of digital encryption), the underlying issues of encryption and ‘going dark’ can be described as the challenge of reconciling three aims:
- The desire by individuals (supported by most governments) for privacy in their communications and data transmitted across or stored on digital devices and networks
- The desire by government organizations to access the communications or personal data of individuals in support of law enforcement or national security (e.g., in pursuit of collective security)
- The desire by technology providers to develop and sustain the confidence of their customers in the robust security of their products (driven by their dual responsibility to customers on the one hand and company shareholders on the other). This desire is particularly acute for companies doing business across differing legal regimes where the balance struck between privacy and collective security is uneven and often unpopular with individual citizens.
Taken individually, each of these three aims can be viewed as a laudable goal. Taken in sum, an unqualified commitment to one of the aims necessarily makes it more challenging to achieve one or more of the other two. Further, the dynamic nature of technology and its creative application to myriad tasks by millions of users greatly increases the difficulty of striking and sustaining a particular balance over time. Keeping up with this ever changing landscape has always been a challenge for the conduct of lawful surveillance by law enforcement or intelligence agencies. This is generally referred to by the law enforcement community as “going dark”. Encryption is but one component of this challenge.
The Apple versus FBI Debate
A prime example of the passions engendered by the encryption topic was the debate which played out in public and in the courts late in the Obama administration, over FBI efforts to recover the data on the iPhone used by Syed Rizwan Farook, one of the perpetrators of the San Bernardino, CA terrorist attack in December 2015. Apple CEO Tim Cook argued that providing technical assistance to the FBI in recovering data from the phone by the method the FBI has suggested would undermine the whole security foundation of the iPhone, and endanger personal privacy globally (not to mention Apple’s market position), teeing up a perceived collision between individual security, collective security and Apple’s pursuit of global markets. The instant legal confrontation between FBI and Apple was obviated (but not resolved) when the FBI hired an unknown party who was able to defeat Apple’s security mechanisms and unlock the phone, and the Justice Department dropped its court proceedings against Apple.
While this is certainly an important part of the encryption puzzle, recovering the data on a client device, whether it is encrypted or not, is only one part of the issue. In fact, the energetic food fight over retrieving the data on a dead terrorist’s phone in the physical position of the FBI and the polarization it has engendered may actually be a distraction to addressing the larger set of issues in a thoughtful and balanced way. It is absolutely ironic that all of this collective energy has being expended on a relatively small portion of the overall cybersecurity and encryption equation. It appears that Apple has done an excellent job of embedding data-at-rest security into its most recent devices while locked; however, this data is certainly at greater risk (as with any mobile device) when the phone is unlocked by the legitimate user or a particular application is invoked (either of which automatically decrypts the data stored on the device) and connected via the wireless network to the Internet at large.
Putting Encryption in Context
While a complete and comprehensive “solution” that satisfies all sides in the debate may never be possible, it is useful to break the problem set into manageable portions. Much confusion is caused by the different ways encryption can be used for protecting data-in-motion and data-at rest, and the terminology involved. In particular, many privacy advocates frequently use the somewhat pejorative term “back-door” when discussing encryption, without defining what they mean. For example, where user or enterprise data is stored in the cloud and encrypted for security, the cloud provider will necessarily provide several ways of backing up and recovering/decrypting the data in case of failure. No user wants to risk losing their data due to a failure anywhere in the system, including forgetting a password or the loss or theft of a client device. Thus the ability to recover data is an essential element of the security design, and not a “back-door”, i.e., an unacknowledged feature allowing surreptitious access. Any security design, whether employing encryption or other measures, will always have vulnerabilities of some sort. The question then becomes is the risk of the vulnerabilities being exploited sufficiently low given the application. Like all other aspects of digital design, the encryption schema and other security measures being contemplated involve a series of tradeoffs. The security design must fit the way the device will be employed and not have unacceptable consequences, such as greatly reduced battery life, a significant increase in device size and weight, or unacceptable performance in the basic functions and applications of the device.
In the situation of an unlocked mobile device (or any other client device) connected to the Internet, the threats to the data stored on the device include international crime syndicates, adversary intelligence agencies, terrorist groups, and the full collective of hacker and hactivist groups around world, not just a US law enforcement agency which has the device and a valid probable-cause warrant. Further when discussing the encryption paradox, the continuing evolution of the underlying technology must be considered. While current mobile devices have become more and more capable as end-point devices, and are largely replacing personal computers and laptops for many users, this is likely to change over the next several years at the strong trend to virtualization and cloud continues. Mobile devices will more and more become portals to cloud based applications and information, with individual user and enterprise data stored in the cloud as a matter of course, enhancing capability, flexibility, security and privacy. In the overall security equation, moving all the data off the mobile device and into the cloud provides significant advantages, and in effect will moot the narrower issue over lawful access to data on the device. Of course, all data moved between the device and the cloud will be encrypted while in transit, and the data stored in the cloud will be separately encrypted while at rest, presenting other challenges and issues for lawful access.
For discussion purposes, we would identify the components of the problem as:
1. Establishing the value proposition:
- In the absence of a shared commitment to pursuing solutions that deliver individual privacy protection, the ability of government(s) to pursue lawful access for legitimate collective security purposes, and the ability of companies to set and meet global expectations for their products, no particular implementation will end the controversy
2. Going Dark:
- New forms of communications technology, e.g., fusion of cellular and Wi-Fi communications via 5G/LTE, emergence of Internet of Things.
- Evolution of social media allowing new forms of communications.
- Locating and accessing communications or stored information of specific individuals or enterprises in a virtual, cloud based environment.
- Full Disk/Memory Encryption of Client Devices
- Full Disk/Memory Encryption of Servers/Hosts
- Encryption of Cloud Data in a Virtual Environment
- Peer-to-Peer client applications with embedded encryption
- Network layer encryption between Client Devices or Client to Server Scenarios
- VPN Encryption between Enterprise Enclaves
- VPN Encryption Client to Cloud
Overall Trends in Technology, and Implications for Going Dark & Encryption
First and foremost, one of the dominant trends in technology is the move to a cloud-based virtual environment for the hosting of applications and data. Individual or enterprise users will securely store and process their information in virtual containers in the cloud, providing flexible communications and computing capabilities on-demand as required. Virtual environments provide better overall performance at lower cost, and can be made highly secure and resilient for the full range of applications. Open source virtual environments such as OpenStack and the Docker/Open Container Initiative are being widely adopted by cloud service providers for both public and private clouds because of their inherent performance, cost, and security attributes over traditional hardware-based dedicated computing platforms. With these approaches, each application or data set can be deployed in its own protected computing environment, surrounded by an individual security policy and boundary. Stored data will be automatically encrypted as an integral part of the security environment, and further protected with strong authentication, sophisticated intrusion/malware detection, and comprehensive transaction logging at the individual container level.
As the enabling infrastructure for end devices evolves, so will the end devices themselves. With the advent of 5G/LTE wireless capability coupled with the integration of Wi-Fi capability into a seamless wireless environment, the available bandwidth for end-devices will dramatically expand, with numerous new end devices emerging via the Internet of things. This will allow the compute and storage capabilities to move into the cloud, making the end-devices considerably simpler and less costly. All user data will be securely stored in the cloud as described above, with connectivity between the end-device and the data or application container in the cloud encrypted at either the application or network level.
We also can expect with high confidence that various forms of social media will continue to expand and evolve, as well as new applications emerge for mobile devices. This will be coupled by the ubiquitous use of strong authentication and identity management services, engendered by the spread of mobile devices for electronic payment (e.g. ApplePay, Android Pay, etc.), digital wallet, and other on-the-go payment and financial applications.
As a result of this evolution, the law enforcement and national security community will continue to be challenged to stay ahead of, or even keep pace with, the technology curve. The good news is that the trend to cloud-based storage of data, with the necessary back-up and resiliency to eliminate single-points-of failure, will ameliorate some of the current concerns about gaining lawful access to encrypted data on the end-device. At the same time, identifying and locating the relevant data under a warrant in the cloud, or even getting enough information to support issuance of a warrant or other lawful means, will be more considerably more complex. Also, the challenge of identifying and accessing encrypted data in motion will continue to expand rapidly, particularly in the over-the-top, peer to peer space. Meta data on the communications will continue to be available, as the underlying transport networks cannot function without it, but locating and interpreting it will be orders of magnitude more difficult.
What all this means is that an unprecedented level of cooperation between law enforcement and the technology providers will be required to provide lawful access in the future, bounded and supported by a legal framework that carefully balances the three factors cited earlier: individual privacy in their communications and data; governments access to the communications and data for collective security; and the desire of technology providers to develop and sustain the confidence of their customers in their products’ security.
Moving Towards a Pragmatic Strategy for the Global Marketplace
Perhaps the biggest inhibitor in finding common ground in the encryption and going dark challenge is the lack of a clear and relevant U.S. policy and legal framework, as evidenced by the Apple/FBI legal debate. Given this situation, technology companies are essentially put in a no-win position when asked for assistance by national security or law enforcement authorities, conflicted between their desire to protect their reputations of upholding their customer’s privacy and to be successful in the global marketplace (and the anticipation of like requests by other governments), and their desire to help in legitimate efforts to thwart criminal and terrorist activities, either because they believe it is the right thing to do, or being legally compelled which gives them top cover.
Recommendations on Encryption and Going Dark
Since the change in Administrations, there has been little focus on encryption until recently, with Deputy Attorney General Rod Rosenstein making public remarks on the need for “responsible encryption”. To be effective, any US policy and legal framework must be developed in the context of the global environment and a US strategy for international cyber security. Lack of a clear U.S. policy and framework on encryption will continue to damage cooperative relations between law enforcement and the technology industry, and inhibit national and international progress on cyber security.
Accordingly, we offer the following recommendations:
- The President should clearly articulate the governing principles for US and international cyber security, along with attendant US National Policy on Encryption and other relevant security technologies as they relate to the alignment of individual security (to include privacy concerns), collective security (to include law enforcement concerns), and economic vitality. This policy should support the use of strong encryption for privacy and security while specifying the conditions under which assistance from the private sector for lawful access to data will be required, along with the legal processes for obtaining such assistance.
- Working in collaboration with the leading technology and security service providers, internet service providers, privacy advocates, and in consultation with key allies, the President should draft appropriate legislation to submit to Congress for consideration in implementation of the National Policy. While legislation will not have a direct impact on foreign government determinations, it should be consistent with US strategy to effect a global regime for the alignment of individual security, collective security and economic vitality interests.
- In keeping with the trend to cloud-based applications and data storage accessed from mobile devices, the President should task NIST to work with encryption experts, technology providers, and Internet Service Providers to develop standards and methods for protecting applications and data in end devices and the cloud, and provide secure methods for data resiliency and recovery. These standards for data resiliency and recovery should be equal to or exceed the security provided the encryption and key management processes for the basic protection of the applications and data. Implementation of these standards by the technology providers and ISPs should be driven by market demand, and not by policy or legislation.
- The President should include in future budget submissions to the Congress, sufficient resources for the FBI and the US intelligence agencies to develop new investigative and technical capabilities for execution of their missions in the face of ever evolving technologies and applications.