Today we unveil a major report on whether law enforcement and intelligence agencies should have exceptional access to cryptographic keys and to our computer and communications data generally. David Cameron has called for this, as have US law enforcement leaders such as FBI Director James Comey.
This policy repeats a mistake of the 1990s. The Clinton administration tried for years to seize control of civilian cryptography, first with the Clipper Chip, and then with various proposals for ‘key escrow’ or ‘trusted third party encryption’. Back then, a group of experts on cryptography and computer security got together to explain why this was a bad idea. We have now reconvened in response to the attempt by Cameron and Comey to resuscitate the old dead horse of the 1990s.
Our report, Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications, is timed to set the stage for a Wednesday hearing of the Senate Judiciary Committee at which Mr Comey will present his proposals. The reply to Comey will come from Peter Swire, who was on the other side twenty years ago (he was a Clinton staffer) and has written a briefing on the first crypto war here. Peter was recently on President Obama’s NSA review group. He argues that the real way to fix the problems complained of is to fix the mutual legal assistance process – which is also my own view.
Our report is also highly relevant to the new ‘Snoopers’ Charter’ that Home Secretary Theresa May has promised to put before parliament this fall. Mrs May has made clear she wants access to everything.
However, this is both wrong in principle and unworkable in practice. Building back doors into all computer and communication systems is against most of the principles of security engineering, and it is also against the principles of human rights. Our right to privacy, set out in section 8 of the European Convention on Human Rights, can only be overridden by mechanisms that meet three tests. First, they must be set out in law, with sufficient clarity for their effects to be foreseeable; second, they must be proportionate; third, they must be necessary in a democratic society. As our report makes clear, universal exceptional access will fail all these tests by a mile.
For more, see the New York Times.
13 thoughts on “Crypto Wars 2.0”
There is now also a story in the Guardian, and an op-ed by Bruce Schneier.
The first sentence in this post is missing a word somewhere around “intelligence agencies to have exceptional access”.
I fixed the typo: it now says ‘should have access’. I also updated the pdf document to which the post links; the one we first uploaded omitted author Matt Blaze by mistake. Sorry, Matt!
Now also in the Wall Street Journal and on the New York Times editorial page.
And see Peter Swire’s testimony which pretty well hits the nail on the head.
I wonder if this government’s response to this expert advice on crypto will be analogous to the previous Labour government’s response to Professor Nutt’s expert advice on illegal drug policy: “Bring us the scientific evidence that supports our assertions or we will remove you”
@Geeb: To be fair, the Labour government did have a point over Nutt’s removal from his position (I had nothing to do with the Labour government but I can see their point). Nutt didn’t simply state that there was insufficient scientific evidence to support cannabis being put back in Class B. I read that Nutt used incomplete information from a subjective survey of clinicians to go beyond his remit by suggesting that taking ecstasy was safer than horse riding (irrelevant because horse riding has real-world benefits that taking illegal drugs does not); and by suggesting that cannabis was safer and less harmful than alcohol (so that we ought not to classify cannabis as any worse than alcohol) — which is basically correct, but utterly fails to recognise for example that:
1. Alcohol is a basic chemical which is easy to produce at home (the process can be accelerated with yeast and sugar), and thus extremely hard to control;
2. As a society, we have largely developed coping mechanisms and social norms for dealing with alcohol — whereas the same cannot be said of cannabis;
3. Nutt apparently ignored some types of harmful effects when making his statement. Evidence is still emerging about the effects of cannabis on the lungs, immune system, etc.
4. We have very little long-term epidemiological (esp. sociological) evidence (anecdotally, cannabis seems to me both dangerous and subtle — see below).
5. Opinions in his profession over the connection between cannabis and psychosis are controversial (Nutt disagreed with some fellow academics about this).
— In this context, Nutt’s public statements were totally irresponsible and unprofessional.
Recent news publications on cannabis include this:
A study was done recently, designed to pick apart the evidence for the various hypotheses: does marijuana/cannabis cause psychosis, or do psychosis sufferers self-medicate? It could be the study cited in this article, but I don’t have time to check. But the conclusions were, basically, that the old “self-medication” chestnut was put to bed. There’s an increasingly clear causal link from cannabis to psychosis.
I spent two years doing a job that required me to meet random members of the public on the street and in their homes, to reason with them and persuade them to make principled improvements in their lifestyle. I sometimes found that I could work with alcoholics and tobacco smokers (in their lucid moments), and persuade them to make little steps in the right direction, cumulatively transforming their lives and gradually giving them more power to do this for themselves. But wherever I encountered the distinctive stench of cannabis (about a dozen times for chronic abusers of strong cannabis, and dozens of times for occasional users of weaker forms), I saw clear evidence of psychosis (noticeable in all cannabis smokers, but particularly pronounced among those who chain-smoked strong cannabis and tobacco alternately and “grew their own”): the cannabis smokers were all to some extent de-motivated (pathologically “relaxed”), unemployed (“unemployable”), and paranoid (though capable of pretending otherwise for short periods, when perceived to be in their interests or in the interests of servicing their habit). It was impossible to persuade them to make any strategic long-term decisions, or even basic steps in the right direction. They were rudderless! Cannabis reduced them, long-term, into mere animals: worse, animals dependent on others for their survival; a shell of their former self.
So until Professor Nutt shows that he’s taking account of this pernicious form of psychosis which I have unmistakably observed in the real world; I’m not going to listen to him: he’s either an idiot or a liar, despite all of his technical qualifications; but either way, he’s dangerous. He can collect the subjective opinions of as many professionals as he likes who have not seen what I have seen, or have not been in a position to perceive the same problems; and they won’t mean a thing: such studies simply filter out the effects they’re not interested in.
I met plenty of cannabis smokers in their early 20’s with psychosis and paranoia (and no smokers of cannabis at all, who didn’t suffer from paranoia or at least elevated levels of cynicism).
On the other hand, I met plenty of people who drank alcohol occasionally but are basically decent, up-standing members of their family/ community/ employer’s business: in terms of psychosis, anecdotally, I think that alcohol might have a more potent but far more temporary effect. I struggled to find a chronic alcohol or tobacco abuser under the age of thirty with the same levels of psychosis that I saw regularly in cannabis abusers: it seemed to take much longer for alcohol and tobacco (even in combination) to cause the same levels of psychosis (even though they may cause more “PHYSICAL HARM”). The particular effects were different, so that by focussing on some types of harm and not others (say, the more obvious and immediate), we would draw the wrong conclusions.
So for me, the evidence was clear and convincing: I may not have the time or specialist expertise to review the technical details of the medical studies, I may not have Professor Nutt’s specialist expertise; but the results look anecdotally very credible to me. The “self-medication” delusion might work as a feedback loop, or help support mechanisms of addiction or make them harder to break; but there is an original causal link, and/or an amplifying feedback effect: taking marijuana/cannabis causes psychosis/paranoia.
As a self-employed person, I would consider employing an alcoholic in some fields of work (since they may sometimes be sober, they need money, and I’ve known of even severe alcoholics reforming: I count one among my close personal friends); but I would never employ a current cannabis smoker because while their speech may not be so slurred; you can never reason with those people because their mind never fully emerges into lucidity, even in the rare moments when they exit the cloud of smoke, perhaps for weeks or months afterward! They will always be looking for the chance to have a smoke “on the sly”. It doesn’t matter how many times you catch them, they will always think you won’t notice the next one, because their entire system of self-regulation and motivation has been undermined.
Nutt is perceived in some quarters (especially among drug abusers and those already sympathetic to a “liberal” position on drugs) as a kind of folk hero who was persecuted because he put science first; but this is not an honest or complete picture. Please excuse me that it irritates me so much when such weak forms of “science” are ignorantly promoted in this way. It irritates me because I have seen first-hand how dangerous these suggestions are.
The problem for the government is that there’s a cat-and-mouse game between drug enforcement and “legal” / undetectable “highs”. Should the government be bound to wait for hard scientific epidemiological evidence before banning or classifying a drug? Should the government ignore other forms of evidence, such as from studies of the nature of the chemicals involved (which might anticipate the later epidemiological evidence)? But no matter — in certain “liberal” political quarters, as in the legal departments of the tobacco companies in the 1980’s; they will forever be repeating the mantra:
“No evidence… No evidence…” i.e., not the sort of evidence I have pre-determined that I will accept.
What if we did the same for computer viruses: if epidemiological evidence was the only admissible justification for automatically deleting “potentially unwanted programs”?
Here is the journal version.
Here is a video of Ron Rivest presenting our paper.
And here is a Computerphile video I made on the subject.
The link to the Computerphile video is broken. Could you please update it?
Sorry – fixed
We have written a significant followup piece on the lawfare blog.