The Eleventh HOPE (2016): "Crypto War II: Updates from the Trenches" (Download)
Friday, July 22, 2016: 5:00 pm (Lamarr): For several years, law enforcement has been complaining that legal wiretaps are “going dark” (especially when encryption is used), and has been lobbying lawmakers to mandate “surveillance-friendly” technology that allows the government to break encryption and unlock devices under certain circumstances. At the same time, computer and network security is universally recognized to be in an increasingly dangerous state of peril, and technologists worry that “backdoor” mandates will only make things worse.
We’ve been here before, not long ago. In the 1990s, after the government proposed the “Clipper Chip” key escrow system, we had a similar debate with similar stakes. It was finally resolved when the government essentially gave up and finally allowed cryptography to proliferate.
This talk will review the current cryptography debate, will examine the risks of the “keys under doormats” that the FBI is asking for, and will explore technical alternatives that could satisfy the needs of law enforcement without making computer security more of a mess than it already is. In particular, Matt and Sandy will examine the viability, and risks, of law enforcement exploitation of existing vulnerabilities in targets’ devices to obtain wiretap evidence.
We’ve been here before, not long ago. In the 1990s, after the government proposed the “Clipper Chip” key escrow system, we had a similar debate with similar stakes. It was finally resolved when the government essentially gave up and finally allowed cryptography to proliferate.
This talk will review the current cryptography debate, will examine the risks of the “keys under doormats” that the FBI is asking for, and will explore technical alternatives that could satisfy the needs of law enforcement without making computer security more of a mess than it already is. In particular, Matt and Sandy will examine the viability, and risks, of law enforcement exploitation of existing vulnerabilities in targets’ devices to obtain wiretap evidence.
Matt Blaze, Sandy Clark