The Doomed Quest For The Golden Key

Some months ago, the Washington Post waded into the debate about the NSA, pervasive surveillance, and end-to-end encryption with a call for Apple and Google to magically “invent a kind of secure golden key they would retain and use only when a court has approved a search warrant.” This was met with a chorus of contempt and opprobrium.

And rightfully so. Because what the WaPo’s editors were really talking about, although they didn’t know the terminology, is a back door; and once a back door exists, everyone knows, it’s essentially impossible to guarantee that you’re the only one who can use it. The negative repercussions of any attempt to weaken strong end-to-end encryption are immense and, apparently, endless.

But. It’s worth noting that, strictly speaking, the wish for a magical golden key actually could be granted. To quote an excellent recent essay by Julian Sanchez:

There is a subfield of cryptography known as “kleptography” that studies the design of “asymmetric backdoors.” The idea is that the designer of a cryptographic algorithm can bake into it a very specific vulnerability that depends on a lengthy mathematical key that is too large to guess and cannot be easily reverse-engineered from the algorithm itself.

To oversimplify, it turns out that you can corrupt crypto key generation — and, apparently, even key exchange (PDF) — such that any given message is encrypted against most eyes, but can be trivially cracked by anyone in possession of a single private key. Voila! The secure golden key, a.k.a. secret back door, as desired.

…Unfortunately, such a back door would be far worse than useless.

Sanchez spends most of his essay (which you should read) explaining why this is so. But he leaves out what is, to my mind, the most obvious point: even if Apple and Google and the entire tech industry were to switch over to NSA-corrupted crypto algorithms which allowed the authorities to use kleptography to crack otherwise encrypted messages, other, incorruptible options would still be out there — and anyone who cares about privacy would flock to them.

The genie of strong encryption is long, long out of the proverbial bottle. Earlier this week, Open WhisperSystems released Signal 2.0 for iOS, offering free, cross-platform, extremely secure end-to-end-encrypted voice calls and text messages to anyone with either an Android or an iPhone. What’s more, all of their code is open-source; anyone can roll their own customized version.

A “secure golden key” is essentially useless, at least against criminals and terrorists, when anyone who doesn’t want to be spied on can, and will, replace the doors issued to them by Apple and Google in favor of ones the government can’t open. (I suppose it would help catch the stupidest of the criminals and terrorists, but by definition the stupidest can easily be caught without such measures.) It would still be useful if you wanted to maintain the capacity to surveil a large majority of the population as a whole, but one presumes — or at least hopes — that that’s not what the NSA and FBI desire.

It is, however, what less laudable governments desire. Governments that would be enormously emboldened if the nation that proclaims itself the arbiter and standard-bearer of liberty and freedom were to demand this kind of cryptographic corruption from the tech industry. As Bruce Schneier puts it, “cyberweapons have no allegiance.” If the US sets the extremely dangerous precedent of requiring government-mandated back doors in modern communications technology, a precedent that will not actually improve American security one whit, many millions around the world will live–if they’re lucky–to regret it.