“From Real-Time Intercepts to Stored Records: Why Encryption Drives the Government to Seek Access to the Cloud”
Peter Swire
Moritz College of Law
Ohio State University
TPRC 2012
September 22, 2012
Current Research:
Crypto & De-Identification
Encryption and Globalization
• India, China, and first full legal/policy analysis since the crypto wars
Going Dark vs. a Golden Age of Surveillance
From Real-Time Intercepts to Stored Records: Why Encryption Drives the Government to Seek Access to the Cloud (today’s paper)
Next: De-ID project with Future of Privacy Forum
• Law and policy of masking technologies
• The articles available online
Setting the Context …
1990s: FBI and NSA worry that encryption would block lawful surveillance
1999: White House shift to permit strong encryption
“Why Johnny Can’t Encrypt”
• Whitten & Tygar, 1999
• Low encryption adoption
• Tech literature had not shifted from that view
Encryption Adoption Now Widespread
VPNs
Skype & other VoIP
Blackberry email
Gmail now, other webmail soon
SSL pervasive (credit card numbers)
• Dropbox & many more
Facebook enables HTTPS, may shift default
Result: interception order at ISP or local telco often won’t work
What are the agencies to do?
Ways to Get Communications
1. Break the encryption
2. Get comms in the clear (CALEA)
3. Get comms before or after encrypted (backdoors)
4. Get stored communications, such as in the cloud
#4 is becoming FAR more important, for global communications
Also, temptation to do more #2 and #3
Overview
[Diagram, phone network: Alice → phone call → local switch → telecom company → local switch → phone call → Bob]
Overview
[Diagram, phone network: Alice → phone call → local switch → telecom company → local switch → phone call → Bob]
[Diagram, Internet: Alice (“Hi Bob!”) → Alice ISP → many nodes between ISPs, each showing unreadable text such as “%!#&*YJ# $&#^@%” → Bob ISP → Bob (“Hi Bob!”)]
Problems with Weak Encryption
Nodes between A and B can see and copy whatever passes through
Many potential malicious nodes
Strong encryption as feasible and correct answer
When encryption adoption rises . . .
[Diagram: Alice encrypts “Hi Bob!” with Bob's public key; the encrypted message “%!#&YJ@$” passes through Alice's local ISP, the backbone provider, and Bob's local ISP; Bob decrypts it with his private key and reads “Hi Bob!”]
Ways to Grab Communications
1. Break the encryption:
   1. Keys are with the individuals
   2. Crypto today is very hard to break
2. Get comms in the clear
   1. CALEA requires that for phone
   2. FBI proposal to extend to Internet
3. Get comms with hardware or software before or after encrypted (backdoors)
4. Get stored communications, such as in the cloud
Don’t Extend CALEA to Internet
Bad cybersecurity to have unencrypted IP go through Internet nodes
How deep to regulate IP products & services
• WoW just a game?
• Make all Internet hardware & software be built wiretap ready?
• That would be large new regulation of the Internet
• Could mobilize SOPA/PIPA coalition
Ways to Grab Communications
1. Break the encryption
2. Get comms in the clear
3. Get comms before or after encrypted (backdoors)
4. Get stored communications, such as in the cloud
Governments Install Software?
Police install virus on your computer
This opens a back door, so police gain access to your computer
Good idea for the police to be hackers?
Good for cybersecurity?
Governments Install Hardware?
Reports of telecom equipment that surveils communications passing through it
Can “phone home”
Good to design these vulnerabilities into the Net?
“Chinese Telecoms May Be Spying on Large Numbers of Foreign Customers” [The Atlantic, 2/16/2012]
Ways to Grab Communications
1. Break the encryption (but can’t)
2. Grab comms in the clear (but CALEA a bad idea)
3. Grab comms before or after encrypted (but backdoors a bad idea)
Therefore:
4. New emphasis on stored communications, such as in the cloud
Conclusions
Technology
• Gmail & Skype can encrypt, even if Johnny can’t
• Change our assumptions about adoption
Law
• Important emerging debates on data retention mandates & lawful access rules
• Split between “have” & “have not” jurisdictions
Industry
• Cloud providers at the center of future debates on government access