AP and others are reporting that FBI director James Comey has asked for “an adult conversation about encryption.” As I’ve previously opined, we need just such a dialog between policy makers, the technical community, and the law enforcement community, so that the technical community has a clear understanding of what it is that investigators really want, and policy makers and law enforcement have a clear understanding of the limits of technology. At the moment, however, it cannot be about give and take. Just as no one can legislate that π = 3, no one can legislate that lawful intercept can be done in a perfectly secure way. Mr. Comey’s comments do not quite seem to grasp that notion. At the same time, some in the technical community do not want to let policy makers even evaluate the risks for themselves. We have recently seen stories of the government stockpiling malware kits. This should not be too surprising, given that at the moment there are few alternatives to accomplish their goals (whatever they are).
So where to start? It would be helpful to have from Mr. Comey and friends a concise statement as to what access they believe they need, and what problem they think they are solving with that access. Throughout all of this, such a statement has been conspicuous in its absence. In its place we have seen sweeping assertions about grand bargains involving the Fourth Amendment. We need to be specific about what the actual demand from the lawful intercept (LI) community is before we can have those sorts of debates. Does Mr. Comey want to be able to crack traffic on the wire? Does he want access to end user devices? Does he want access to data that has been encrypted in the cloud? It would be helpful for him to clarify.
Once we have such a statement, the technical community can provide a view as to the risks of the various mechanisms that could accomplish policy goals. We’ve assuredly been around the block on this a few times. The law enforcement community will never obtain a perfect solution. They may not need perfection. So what’s good enough for them and what is safe enough for the Internet? How can we implement such a mechanism in a global context? And how would the mechanism be abused by adversaries?
The devil is assuredly in the details.