Over the past 30 years, many law enforcement agencies like FBI and NSA have argued for weaker encryptions standards that ultimately allows them to break encrypted data with minimal computing power and effort. This has been done in the 1970s, with NIST and NSA introducing the Data Encryption Standards “DES”, a encryption algorithm that originally was designed for 64 bit keys but later weaken to 56 bit keys making it vulnerable to brute force attacks. In 1993, law enforcement agencies promoted a chipset called clipper chip intended to be a built-in hardware backdoor to prevent any encryption communication. Initially,the intention was for clipper chip to be adopted by telecommunications companies and for it to become a standard practice across all digital devices.
Based on public caution, government intentions and the rise of the Internet , new stronger encryption standards were developed from academia and private enterprise that require infeasible amount of computing power to brute force the keys of encrypted data. Many algorithms like AES and B-crypt achieve this level of security, yet many companies like Microsoft, Apple and Google had not initially implemented or conform to any form of cryptographic security. However over the past few weeks, Apple has implemented “full disk encryption” and has enabled it by default stating that Apple “...cannot bypass your passcode and therefore cannot access this data. So it's not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.” In addition Google and Microsoft have follow implementing and enable full disk encryption by default in Android and Windows 8.
In a speech given at the Brookings Institute in Washington DC, the FBI Director James B. Comey raised concern over the expanding options for communicating over the Internet and the increasing adoption of encryption technologies. Comey has claim that the expansion of encryption could leave law enforcement agents “in the dark” and unable to collect evidence against criminals. He argues that default encryption schemes give child predators, violent criminals, and crafty terrorists the upper hand and unintentionally provide protection and privacy against evidence collection. In addition Comey uresh companies to build surveillance capabilities into the design of their products and allow lawful interception of communications. He argued.“Those charged with protecting our people aren’t always able to access the evidence we need to prosecute crime and prevent terrorism even with lawful authority,” Comey said in the published speech. “We have the legal authority to intercept and access communications and information pursuant to court order, but we often lack the technical ability to do so.” In essences, law enforcement agencies want citizens to accept spying as a possibility and to rely on policy, rather than on encryption technologies.
According to Laura W. Murphy, director of the Washington Legislative Office of the American Civil Liberties Union, “ALCU” “Whether the FBI calls it a front door or a backdoor, any effort by the FBI to weaken encryption leaves our highly personal information and our business information vulnerable to hacking by foreign governments and criminals,”
From my perspective, we have seen the same debate and actions from law enforcement agencies over 30 years due to computational encryption.
No comments:
Post a Comment