I’m not saying that it’s a good idea. I’m just saying that it’s technically feasible. Multikey encryption isn’t the same as a Backdoor that would bypass encryption. It would be just as secure as normal private key encryption as long as those keys remain private.
What I am saying is that suggesting that that we look at those options is not “technically impossible” nor is it being a “math denialist”.
Please explain how you propose to implement something better than key escrow using MPC, because it is not obvious at all.
The design of Dual_EC_DRBG fits one definition of “secure backdoor” very well, it also gives the NSA a master key to break everything, and it poses exactly the same issues as any backdoor.
A subset of the request is technically possible.
Keeping the secret keys secret is what is truly impossible. Forcing the users to be compliant with this crap as well; I think the Clipper Chip got its key escrow part spoofed so it escrowed a wrong key.
I for one would greatly hesitate to use such system.
The moment they are used, of course, there is a risk that they will cease to be private.
A consequence of the creation of the ultra-wealthy is that there are non-State actors who have the resources to overcome the moral scruples of just about any employee of any government. The present tax system means that various corporations have large assets outside the US, hidden away by ingenious tax schemes. So, Mr. NSA person with access to the key, how about a billion dollars and a new identity?
And then there’s Snowden who would have done it for free.
I agree with the comments that this is a Bad Idea™ and there would certainly be issues with keeping a gov’t key secure. But that doesn’t make it impossible - we’ve done a fine job using air gapping in the military to keep secure information from ever connecting to outside networks.
Given that one of the frustrations of his presidency was certain peoples obsession with the text of one 225 year old sentence this really should be no surprise to him.
Especially that bit at the end about using decks of cards as one time pads. They’ll be coming for @frauenfelder’s Bycicle decks next…
I think there were some airgapped installations in Iran that got Stuxnet-infected.
There are ways to exfiltrate things even through air gap. I can imagine a Stuxnet-like sneak attack to infiltrate the network, then exfiltrate the data by e.g. EMI/Tempest (see “Tempest fur Elize”, and you can do the same with memory bus, PCI bus, and other ways, not just the screen). Or bribe somebody to plug in a thumbdrive for just a moment.
“the kind of balance we have lived with for 200, 300 years”
I’d say that that balance was blown away by the invention of smartphones and their use as ubiquitous life-logging and -recording devices, and that always-on, rock-solid, black box encryption helps restore the balance. I’m sure he’s thought of that, he’s just choosing not to acknowledge it because it doesn’t support his argument.
(Not to mention: drones large and small, stingrays, dirtbox planes, Gorgon Stare, traffic light cameras, area monitoring cams, cameras the size of shirt buttons and microphones the size of pen points, hi-res look-down satellite imagery, GPS, device location tracking, automotive black boxes, whatever we do with autonomous vehicles, the Cloud, lives lived online, thumbprints to get into the gym, fusion centers, eternal databases and the processing power to use them, etc., etc., etc., none of which existed 200 or 300 years ago. If you want to talk about balance.)
What if there was a viable backdoor into our brains? Should we all be required to have one installed to only be used at the discretion of the government? Could solve a lot of crimes… (I’m sure there is a sci-fi story examining this already ie are our brains employing a type of warrant proof encryption, legally speaking?)
I’m one of those “encryption absolutists”. We’re in a LOT more danger if our secure communications are routinely hacked by our enemies than if the State is unable to drop the hammer on a few sexting teenagers (the most common form of “child pornographers”, these days), drug dealers or anti-government activists. Because you all KNOW that the State isn’t interested in cracking Syed Farrook’s phone as much as they are interested in breaking into the dozen “alleged” drug dealers’ phones currently in possession of the New York district attorney’s office.
Most real-world analogies to the iPhone encryption issue stink, but this may be closer than most. Imagine that Dupont or Firestone were to invent an INVULNERABLE tire that CANNOT be punctured. Is the State going to ban this tire just because the Highway Patrol will no longer be able to use tack strips to stop fleeing criminals?
But Obama is a big believer in the power of the almighty State; he was ALWAYS a communist. He was a Red Diaper baby, always trying to destroy the United States. If you haven’t see this before, please WAKE UP and realize that HE is the enemy of liberty.
If Obama is a communist, he’s completely hopeless at it.
BTW, I’m pro encryption and a borderline anarcho-communist.
Valerie made him do it.
I didn’t say he was COMPETENT - I said he was a COMMUNIST. “Communist” has historically been implemented incompetently.
But I’ll grant you this; he is UNUSUALLY incompetent at everything he has done.
Dear @Kenneth_Mitchell. I feel you should be aware that some asshole is appending crazy paragraphs to the end of posts with your name on them.
He literally has no communist policies. Literally none. I think you need to read up on a) what communists in the 20th century actually did and b) what communists theories are.
No, the point in both cases is that relevant technical experts should make the decisions on technical decisions, and government should implement the decisions. In the case of crypto, cryptologists, in the case of vaccinations, immunologists and related biomedical scientists. Government interference isn’t the problem – it only is a problem when it isn’t based on the opinions of the vast majority of relevant experts.
Obama is taking an absolutist position here, insisting that the government must always be able to get into everything.
Petraeus.
