Thursday, December 17, 2015

My Thoughts on Strong Encryption

The White House recently asked the public to “Share Your Thoughts on Strong Encryption”  Here is the link to the White House comment form. And here is what I wrote:

Response to the White House request to 
“Share Your Thoughts on Strong Encryption"
Comments by 
Arnold G. Reinhold
December 13, 2015

In September 1999, I wrote a briefing paper for the Cato Institute titled “Strong Cryptography The Global Tide of Change.” It’s available on-line at: 

Back then the Clinton administration wanted encryption systems to include a feature allowing government access to encrypted data, just as the FBI wishes today. Sixteen years ago I wrote:

“Cryptographic technology is so widespread that it is impossible to stop. If any major governments, terrorist organizations, or drug cartels are not now using strong cryptography, it is not because of lack of availability or lack of reliable suppliers. There are many firms overseas that are willing to provide cryptographic software, and, for better or for worse, some of the cryptographic products most widely available on the international market were originally made in the United States.“

Concerning the risks of encryption backdoors, I wrote:

“…key recovery will create new targets for miscreants to attack. Given the enormous value that the data in key repositories represents, it is only a matter of time before they will be compromised. Even the best security arrangements are vulnerable to bribes, blackmail, and threats of bodily harm. Over time, commitment to security will wither under cost pressures and boredom.“

We saw an example of the latter point this year at the Office of Personnel Management when the security clearance forms and data of millions of cleared workers, including all our intelligence agents, were electronically stolen by China.

Tools for surveillance have multiplied since 1999
Since my briefing paper appeared, there have been many changes in technology and legislation that have enhanced the ability of law enforcement and the intelligence community to track terrorists and gather evidence:

o The dramatic drop in the cost of mass storage (by a factor of over 300) has allowed the indefinite retention of almost every detail of each American’s lives. Lower storage and processing costs have enabled the big data movement, which stores and analyzes every financial transaction we make as well as all our interactions with the Internet. As business records, such data is available to the government without search warrants.

o The Patriot Act was passed giving the FBI broader power to demand data through secret National Security Letters, hundreds of thousands of which have been issued. The act was also interpreted by the Bush administration to allow wholesale collection of metadata on every U.S. citizens’ telephone and electronic communications, creating a database that reveals each person and organization with whom we communicate. While recent legislation has moved this database from government data centers to those of the private telecommunication carriers, it is still available for government search.

o The growth of cell phone usage to near ubiquity has, as a by product, allowed the movements of every individual who carries one to be tracked at all times. Newer phones with built-in GPS must, by law, allow tracking to the nearest 50 meters for most calls. While this data is only needed temporarily to route calls and pass on location data to emergency responders, it is being stored indefinitely. Again, as business records, this data is available to the government without search warrants.

o License plate readers have become cheap and reliable, and are being used on traffic signals and roving police patrol cars, providing another means to track our movements. 

o Surveillance video cameras have become common and are being linked in many jurisdictions. Combined with rapidly improving face recognition software, they provide yet a third way to track individuals, even those who avoid cell phones and private automobiles. 

o The rise in social media has placed a vast array of information about individuals on line. Accounts associated with terrorist organizations designed to recruit new terrorists can and no doubt do provide a wealth of intelligence about potential threats.

o We now know that the NSA has actively worked to weaken security standards intended to protect electronic communication systems, many of which are essential to civil safety. 

o We also learned that the NSA has developed an extensive catalog of technologies that can infiltrate computer network systems and circumvent their encryption.

These new technologies have greatly expanded the arsenal of our law enforcement and intelligence agencies, but they also threaten to entrench despotic regimes around the world by creating a totalitarian infrastructure far beyond what George Orwell imagined in 1984. Use of strong encryption to protect our personal records and communications from government snooping is one of the last lines of defense for individuals here and abroad who wish to resist oppressive governments. 

We need stronger security systems, not weaker
Since 1999, the dangers of weak electronic security have become all too clear.

o The have been a long series of massive data breaches affecting even companies in the security industry. Tens of millions of U.S. citizens have been affected.

o Cyber criminals have developed “ransomware” systems so effective that the FBI’s best advice to victims is to pay the ransom. Even police departments have paid.

o Current government officials have warned of the dangers of cyber attack from China, Russia, North Korea, Iran, and even ISIL.

o In particular there is evidence that computers that control critical infrastructure, such as our water supplies and the electric power grid have already been infiltrated by malware controlled by foreign actors.

Weakening the security of our electronic networks is the last thing we should be considering in light of these threats.

We don’t want the terrorists to go silent
The recent attacks in Paris and San Bernardino demonstrate that small, self-sufficient terror cells need not communicate electronically in ways that would reveal their intentions. It does not take much imagination to see how others can do this in the future. U.S. government action to require backdoors in encryption products would only alert terrorists to shun any electronic communication whatsoever in planning their operations. Even if backdoored encryption exposes a few terrorist plots, others intent on evil will soon learn the lesson. But a great deal of valuable information can be gleaned from patterns of electronic communication, even if the messages themselves cannot be read. Requiring backdoors could shut off this valuable intelligence and truly blind us.

Please don’t weaken our security
Weakening the encryption on the computers we use has damaged and will continue to damage the security of our infrastructure, but it won’t stop the terrorists. As I wrote in 1999: 

“… the simple reality that strong encryption is widely available around the globe can rescue us from endless debate.”

Respectfully submitted,

Arnold G. Reinhold

Tuesday, October 20, 2015

It's Back to the Future day!

Tomorrow, October 21, 2015, is Back to the Future day. It's the date when the characters in the 1985 movie Back to the Future, Part !!, arrive in the future, 30 years ahead. 

In the first movie in the trilogy, Back to the Future, Part I, Doc Emit Brown accidentally sends Marty McFly 30 years back to 1955 carrying a 1985 Camcorder. Unable to use the broken time machine DeLorean to get back to ’85, Mary looks up the younger 1955 Doc Brown who marvels at the Camcorder, calling it “astounding, a television studio in a box.’ and is able to hook it up to his 1955 black and white TV. Was that realistic?

The transistor was invented in 1948, and the possibility of integrated circuits was being discussed in the early 1950s. In 1955 TV studios were recording programs on movie film using Kinescope technology. Ampex Corporation sold the first commercial video tape recorder, the $50,000 VR-1000, in 1956, but it is quite possible a know-everything inventor like Doc was already aware of the technology being developed.  The video output from the 1985 Camcorder would have been a clearly marked RCA connector. Those connectors date back to the 1940s, when RCA introduced them to allow record players to be connected to radio consoles. 

Attaching an oscilloscope to the connecter, Brown would quickly recognize a baseband television signal. It would be in “compatible color” NTSC, but that standard came out in 1953. Television receivers of the time did not generally have a video input, but adding one to a vacuum tube receiver would not be hard at all, a capacitor to the grid of the video amplifier stage would do it. And since NTCS color was designed to be compatible with older black and white sets, it all should just work.

Presumably Mary’s camcorder batteries were not completely discharged and it would be simple for Doc Brown to measure their voltage (if it wasn’t clearly marked on the unit) and hook up a suitable low-voltage DC power supply, or even a battery.

So yes, that scene in the film was realistic.

Now suppose the movie was remade 30 years later in 2015, the arrival year in Back the the Future, Part II. Marty would presumably be carrying an iPhone 6s. What would a 1955 Doc brown have made of that? 

Connecting the iPhone to his 1955 TV seems unlikely. The iPhone does not output an NTSC analog TV signal. The video signal it does output was unknown in 1955 and likely too fast for Doc’s oscilloscope to decode. While composite video adaptors are available, there is no reason Marty would have one with him. But of course Doc Brown could have watched the video on the iPhone itself.

Power is a bigger problem. If Marty happened to have a standard USB AC adaptor and Apple Lightning cable, it would plug into a 1955 ungrounded wall outlet, without any adapter. If not, Doc would likely be stumped. The Lightning plug has a chip inside that authenticates itself to the iPhone to prevent cables unauthorized by Apple from working, so there would be no way for Doc to connect external power through that port. The best he could do would be to carefully open the iPhone case, tricky to do without damaging the delicate insides, and charge the battery directly. 

In short, while a 1985 Camcorder would be comprehensible to a 1955 inventor, a 2015 iPhone would be darn close to magic. What will 2045 bring? Will vintage movie buffs be able to understand Back to the Future without interpretive notes?

The lesson for computer security: It's hard to predict the future of technology. Long term security requires very conservative designs.