Security Market Segment LS
Wednesday, 24 July 2019 10:24

US calls for backdoors in apps that use encryption

US calls for backdoors in apps that use encryption Pixabay

The United States has called for the creation of backdoors in apps that use encryption, arguing that consumers should accept this risk to allow law enforcement access to encrypted communications.

In a speech to an international conference on cyber security in New York on Tuesday, attorney-general William Barr said: "While we should not hesitate to deploy encryption to protect ourselves from cyber criminals, this should not be done in a way that eviscerates society’s ability to defend itself against other types of criminal threats.

"In other words, making our virtual world more secure should not come at the expense of making us more vulnerable in the real world. But, unfortunately, this is what we are seeing today."

Barr called on technology firms to do more to provide government in gaining access to devices once they had a legal order to do so.

He did not rule out the passing of legislation to force technology companies to create backdoors, in the same way that Australia has done.

Barr's speech ran to more than 4000 words. He cited three ways in which encryption can be bypassed, all of which have been raised before.

One envisions the addition of an account to an encrypted chat channel, with the provider of a service doing so to enable a law enforcement official to snoop.

The second was proposed some years by Microsoft's Ray Ozzie: the creation of a key escrow system where a dedicated hardware device stores encryption keys that would be accessible only by law enforcement. No solution has yet been proposed that meets these specifications.

A third idea, first proposed by Matt Tait, a former employee of GCHQ, is for so-called layered cryptographic envelopes.

In Barr's words, "Our colleagues from GCHQ have proposed 'Virtual Alligator Clips' which allow a provider to respond to a warrant by adding a silent law enforcement recipient to an otherwise secure chat.

"Ray Ozzie has tabled a proposal for 'Exceptional Access Keys' for locked, encrypted phones so they can be unlocked pursuant to a warrant. Matt Tait has proposed Layered Cryptographic Envelopes to allow lawful access to encrypted data-at-rest on disks or other storage devices."

And he added: "I am suggesting that it is well past time for some in the tech community to abandon the indefensible posture that a technical solution is not worth exploring and instead turn their considerable talent and ingenuity to developing products that will reconcile good cyber security to the imperative of public safety and national security.

"As Microsoft’s Bill Gates has observed, '[t]here’s no question of ability; it’s the question of willingness'.”


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments