You have the right to remain encrypted

Originally published at: https://boingboing.net/2019/08/02/you-have-the-right-to-remain-e.html

…

Good luck banning math.

You can do a Diffie-Hellman key exchange with a pocket calculator. Anyone care to establish a shared secret? Let’s use the 2048-bit MODP Group. My public key (in hexadecimal) is:

0x4a94151f1329624e252f78b7f29fc9790d7862a7a1e43d1a8c1dff56398b5c268ceb90cb3de5ce56c86972af0850e2dcce56aa1aefc77fcd2370e4d6d7964f0b1846f5e08f906efea98199aef765c76996309d73641233793172d7a56442bc19bc0b4bc1d761aa7cd40f22f43229a11b5810b459b280d98da10b32c60e5cfa6822309d573b1023299ac09b4a36da2dda906cc39707cd92b968fe0916714e00f9d307254287c7c4a17990cd65a3a1ee884e6e97f92a92747a66f7b1e22b0dfd4d9e205c7a6807e5928a5f2563cc60d79d24d48572394c3afd93bc983bb49bf5f0eac0b0691589993e3a1a155198aa522991dde1fc3b1793d21186fc61690e1c7e

(I cheated and used Python because my calculator doesn’t like 2048-bit numbers much)

Encryption back doors are simply another way of saying “bad encryption" … Even if a “back door” were cryptographically sound, and it’s not, we would still be creating a single point of failure.

Having a backdoor in your phone’s encryption system is like having an emergency backup password that will unlock it, except that everyone has that same backup password. The password (the information needed to access the backdoor) becomes incredible valuable because it will unlock a huge number of phones and a massive amount of personal data. Bad guys will be motivated to do severe things like kidnap and threaten to kill the families of personnel who have access to it. Will the Federal Government provide round-the-clock security for a huge number of such civilians?

Years ago a t-shirt that had a few lines of LISP code on it that implemented an encryption scheme was declared a strategic munition by the government, and the kid wearing it was not allowed to board an overseas flight. He was threatened with being charged with treason. Politicians apparently haven’t gotten any smarter.

Without strong encryption, police officers can potentially transform our cellphones and computers into a de facto government tracking device.

As opposed to just being the corporate tracking devices we all know and love.

“You have the right to remain silent.” We’ve heard the Miranda warning countless times on TV, but what good is the right to remain silent if our own cellphones testify against us?
This is the age of IoT - your smeggin’ toaster or bathroom scales will rat you out.

Imagine every incriminating and embarrassing secret our devices hold in the hands of prosecutors, simply because you’ve been accused of a minor crime.
Your incriminating and embarrassing secrets stopped being secrets the second they went into your devices and into “the cloud”.

They won’t even have to. Someone will leave it on a post-it note on their monitor. Or email it to themselves. Or share it with a contractor. Any system like this will be compromised within hours, whether publicly known or not.

If truly secure encryption is banned, then only criminals will have truly secure encryption. The rest of us lose the ability to properly secure our sensitive transactions. If you can root your phone, you can have truly secure encryption. But you can only communicate with other criminals. Banks, stock brokers, doctors, etc are forced to use broken encryption so you will have to as well.

Even if some sort of phone hardware is developed that makes it impossible to root (unlikely), there are millions of legacy devices that can be rehabbed and rooted. Criminals have no need to worry. The rest of us do.

All true, but you don’t even need to invoke the fifth amendment. The first is sufficient. If I want to send a random string of digits, or any string of digits at all, to a friend, there is no exception to the first amendment for that. Similarly, if I want to apply a mathematical algorithm, there’s no exception for that either.

Codes and math both existed when the constitution was written, but they didn’t include exceptions for them in the first amendment. In fact, those guys would probably have gathered an armed mob and killed the people responsible long before things got anywhere near the point where an officer of the government was suggesting forbidding using codes.

what to believe…

Should that headline read: “You have the right to remain encrypted unless Bill Barr has his way.”? Looking at the headline on my phone for just a minute there I was thinking Bill Barr made a hard 180 privacy policy wise.

Why do you feel the need to blame the victims here?

With modern encryption you can post your secrets on the front-page of a newspaper and they would still be safe. Using that same encryption your secrets are plenty safe on a personal device, or even on “cloud” storage.

What they are proposing is a way to make the keeping of all kinds of secrets in a digital manner impossible. The problem of keeping your secrets secret is a solved issue, they want to unsolve it.

This topic was automatically closed after 5 days. New replies are no longer allowed.