Coders warn that security backdoor will open a can of worms

Encryption-820x420
By JC Torres/

The US and UK governments continue to push for a VIP backstage access to the world's computers, networks, and devices, sometimes using the most emotional, not to mention deplorable, arguments. But such a security setup is ultimately a technical consideration and should also be driven by technical arguments. A group of industry specialists and luminaries are doing exactly that, releasing a paper that gives the proposal their stamp of disapproval, proving that not only is the backdoor access unfeasible, it will actually put countries at even more risk.

The co-authors of this security paper aren't just your run of the mill security experts. One of them, for example, is Whitfield Diffie, a pioneer of cryptography. Another is Ronald Rivest, one of the inventors of the RSA encryption algorithm in wide use today. Matthew Blaze, who discovered a critical flaw in the Clipper spying chip that Clinton's administration was pushing for, also has a hand in the paper. Many of the authors met back in 1997 to oppose Clinton's push and now they have gathered again to try to appeal to reason, not emotion, once more.

At first glance, what US intelligence agencies are suggesting almost makes sense. A special backdoor key would allow them to quickly hunt down terrorists, criminals, and other miscreants. But even if you disregard for a moment the potential violations to privacy, the paper details why such a method would, in fact, actually have the opposite effect on national security.

As repeated so many times before, there is just no feasible and secure way to have a special key that will be limited to government agents. By mandating that networks, devices, and services have such backdoors, the government is practically announcing to everyone, including hackers, that such a door exists. Once known, it will only take a matter of time for hackers to break it open for themselves. Such a move can also affect foreign relations and international security. If the US and the UK make such a move, other countries, like China and Russia, are likely to follow suit in order to also give them an advantage. This practically makes the whole world's computer systems, networks, and devices totally insecure.

Encryption and security is an all or nothing situation. Either you completely batten down all hatches or remain insecure. Sadly, the paper, though filled with heavyweight names, is just that, an admonition and an appeal based on facts. In the end, it will be up to the government, particularly Congress and the courts to take heed of the warnings.

SOURCE: MIT

VIA: SFGate

Recommended