Friday, November 20, 2015

Encryption backdoors are a fool's errand

It's no secret that the government wants encryption backdoors. But will they really help in the fight against terror?  A convincing argument can be made that implementing encryption backdoors will actually hurt intelligence operations.

Today it seems reasonable to assume that any well-funded intelligence organization has some practical attacks against modern mainstream cryptography.  What they likely don't have is unlimited time and resources to reverse engineer thousands of new custom cryptographic implementations.  But if we backdoor cryptography, that's exactly what we'll get.

More custom crypto - is that a good thing?
The very people who lawmakers want to spy on with encryption backdoors will turn to custom solutions. Cryptographers may initially say this is good. The road is littered with the bodies of the many who have tried and failed to implement secure custom encryption systems. In tech we even have the phrase "don't roll your own crypto."

At Rendition Infosec, custom crypto implementations (and poor configurations of existing implementations) are always findings in any software assessment. In the current landscape where good crypto is unbreakable by anyone other than dedicated intelligence organizations (and even then, only with significant effort), rolling your own crypto almost always a mistake.

Almost always a mistake... That is unless you KNOW that your adversary can circumvent existing solutions.  In that case, rolling your own crypto is the only sane thing to do.  If we change the playing field, we must expect the players to adapt.

But will we get better intelligence?
Placing backdoors in encryption will lead to some intelligence gains. But they will be among low level assets of little Intel value who practice bad OPSEC.  Those with good OPSEC (the really dangerous guys), will turn to custom solutions developed in house.  Terrorists will employ mathematicians and computer scientists who share their views to help develop custom crypto solutions.  There's some evidence that Al Qaeda is already doing this.

While custom implementations may have structural weaknesses, they won't be standards based.  Each solution will require dedicated reverse engineering, and this is hard work.  Remember, we aren't talking about standards based crypto here.  EVERYTHING has to be reverse engineered from the ground up, totally black box. If they roll out new algorithms periodically, all the worse for intelligence agencies trying to monitor the terrorist communication.

What then? Just exploit the endpoint so we don't need to reverse engineer the custom cdatao?  Yes, that sounds like a good plan... Or does it? If we can reliably attack terrorist endpoints today, then why worry about backdooring encryption?

Do something, do anything
In the wake of any terrorist attack, it's easy to feel like soemthing must be done.  We drive on emotion and doing anything is better than nothing. But remember, that's how we got warrantless bulk collection programs in the first place.  Perhaps "something" should be better sharing of intelligence data. According to open source reporting, several of the Paris attackers were on US intelligence watch lists.

Closing Thoughts
I'm not a terrorism expert. But I am computer security expert.  I know that putting backdoors in encryption won't serve the original stated goals of monitoring only terrorist organizations. And that's because terrorist organizations won't use the backdoored cryptography.  They'll know better. But after the expense of the backdoor projects, intelligence agencies will be forced to show results.  They'll use the capability for parallel construction, much like the DEA is revealed to have done with other data.  In the end, the crypto will only make all of our communucations weaker.

1 comment:

Note: Only a member of this blog may post a comment.