1

Sheyne AndersonHONOR 3374: Privacy in a Digital Era

29 April 2016

On the Importance of Encryption for Those Who Have Nothing to Hide

Encryption has been in the news a lot lately as regulators attempt to limit its use and privacy advocates fight to defend it. What is encryption and why is it so important? At a basic level, encryption is using some secret thing called a key, such as a password or a file, and using it to turn messages into ciphertext, something that cannot easily be turned back into the original message without the key. In a world where our communications are increasingly traveling along paths we cannot see, encryption is the way that we can communicate and be confident that no one else is listening.

Most people have things that they would rather keep private. People ship their mail in envelopes, hold some conversations behind closed doors, and worry about scammers getting their social security number. Others have more critical things that they prefer to keep secret. Victims of domestic abuse try look for support covertly and spies try to keep their identity a secret. Using encryption helps these people not stick out. Building a cryptosystem which can be disabled at government behest is impractical and unwise. Such a broken system wouldn’t help law enforcement very much anyway, most criminals don’t use encryption as their only means of protection. In a digital era, encryption should be a fundamental part of how we communicate, of concern to everyone, and protected by statute.

Most people do not recognize that everything they transmit over the internet can be intercepted, viewed, and even changed. Because the internet is so vast and complicated people have a hard time comprehending this, but anything transmitted is sent on a complicated path of routers or devices that transmit data. Each message can take a different path, and any router in the path can read the message. Before most major websites adopted encryption for all of their traffic, someone could start up wireshark (a program that lets people see messages transmitted on their network) and intercept account credentials of anyone who logged in to something. Tools like FireSheep1 would automatically give users access to other people’s Facebook accounts as they logged in.

This poses the issue: why do we even care to hide what we are saying? People

who think they have nothing to hide often think that they have no use for encryption.

The same could be said about the fourth amendment, only people who have something

to hide should be concerned about the police searching their home. While we will soon

see that there are problems with this argument, it is rendered moot by the fact that

1 https://www.torproject.org/about/overview

2

nearly everyone has something to hide. Do you own a credit card? Do you show

everyone you meet the number? If you do not then you have something you hide. Do

you announce your social security number to strangers? You have something you hide.

More than twenty years ago Philip Zimmermann (the author of industry standard

encryption software PGP) commented that nearly everyone hides their mail in

envelopes2. Most of us would rather that not everyone working for the postal service can

read our personal messages, and because of this, envelopes are in common usage.

Imagine a world where most people just write postcards; anyone securing their

communication with envelopes might be considered radicals or terrorists.

Zimmermann’s essay seems especially prescient when he says “But the mere fact that

the FBI even asked for these broad powers is revealing of their agenda” while arguing

that the government would slowly increase their surveillance capacity until they reached

the level of an Orwellian state. A few years ago the encryption debate was brought into

the public eye when NSA analyst Edward Snowden revealed the scope of the United

States government's surveillance apparatus. As evidence that this issue has reached

mainstream debate, a popular satirical news show, “Last Week Tonight with John

Oliver” discusses the issue with Snowden. Oliver traveled to Russia to interview

Snowden and gave a controversially confrontational interview. He attempted to put the

question of government surveillance in a context that people would actually care about.

Oliver did this by handing Snowden a picture of his penis and asking how the various

NSA surveillance programs would get access to his “Dick Pic”3. By giving a concrete

2 https://www.schneier.com/blog/archives/2015/09/tsa_master_keys.html

3 https://en.wikipedia.org/wiki/AACS_encryption_key_controversy

3

example of something which many people do (take nude pictures) and consider private,

Oliver shows how surveillance and security issues affect everyone.

People also have access to other entities’ private data. Corporations have a

strong incentive to protect their trade secrets. Most have extensive records on their

employees. Employees will have access to some amount of this information. This might

be in the form of credentials to the company database, or may be data directly stored on

their machine. A programmer would have access to the company’s source code, often a

closely guarded secret. Lovers might have intimate photos of each other stored on their

phones. Someone may text their friend a message in confidence. Even if someone is

not interested in protecting their own privacy, protecting confidence bestowed on them

is still important.

Using encryption software to mask communications is valuable even if someone

truly does not have anything to hide. If using encryption is not mainstream, then the only

people using it will be “people with something to hide” and this is dangerous because

there are many groups that most people would agree need to be protected. Victims of

domestic abuse may be trying to get support in an anonymous manner. Let us assume

that an assailant can see that their victim(s) are sending encrypted messages. If

sending encrypted messages is not common practice then they will be suspicious.

Concern that this will happen might prevent victims from seeking help. Undercover cops

will want to use encryption and anonymity tools to infiltrate crime rings and

communicate with their handlers, but again, if the only people using the technology and

people who really need to hide then it has no value. A mob boss will be suspicious of

any mobsters using encrypted chat tools. A popular piece of anonymizing software,

4

TOR’s website states4 “Tor hides you among the other users on the network, so the

more populous and diverse the user base for Tor is, the more your anonymity will be

protected.” Tor was originally funded by the US government as a way to hide spies’

communications. It needed widespread adoption so that it could be effective at hiding

spies. Under the same logic a whistleblower living in a corrupt country may try to reveal

corrupt habits of politicians. As long as anonymous communication software is

prevalent in that county, the corrupt individuals outed will have no way to track down the

whistleblower.

When thinking about algorithms in computer science, we often simplify things by

referring to them as a black box. Such a simplification allows us to not worry about the

internal workings of a system and just consider what inputs the system takes and the

outputs it produces. While treating encryption as a magical black box that uses a key to

lock our data is sufficient for this paper, it is worth noting a couple of properties about

the box. The first thing is that it is not perfect. Perfectly encrypting something is possible

but requires the use of a key that is as long as the message to be encrypted. The key

must also be truly random, never reused, and transmitted to the recipient over a secure

medium. This is called a one time pad (OTP) and is completely unreasonable in

practice. There do exist ways to encrypt things that make it very computationally

intensive to break. Good encryption algorithms with good keys would take the lifetime of

the universe several times over to decrypt without the key. The second principle is that

nothing about the black box should be considered secret. The algorithms involved with

the encryption process are public knowledge. The only secret thing is the key. This is

4

http://www.wsj.com/articles/SB10001424052702304202204579252022823658850

5

important because it allows us to reason about cryptography and make guarantees

about its security. This removes the false sense of security that comes with secret

algorithms. It also encourages peer reviewing of algorithms to make sure that they end

up strong.

In addition to the black box that can use a key to encrypt and decrypt messages,

cryptographers have developed a second kind of box called asymmetric key encryption.

This uses two keys, one that encrypts and one that decrypts. It is analogous to mailing

someone an unlocked safe and having them put their message in the safe, lock it, and

mail it back. No one (even the person locking the message) can unlock the box except

the person holding the key. In the encryption world, the safe is called a “public key” and

the key that unlocks the safe is called a “private key.”

Using both kinds of black boxes discussed above we can think of a way to

appease law enforcement. What we will build up is called a key escrow system or a

back door. The idea is that we want symmetric (same key) encryption to do exactly as

described above with the added property that it has a second key that can decrypt any

encrypted message. To be practical, the master decryption key should not be known by

the encryption algorithm (otherwise anyone studying the algorithm would be able to

decrypt any message). This is where asymmetric key cryptography comes into play.

Imagine if the new backdoored encryption algorithm did everything as normal (with a

key let’s call K1), then used a well known public asymmetric key to encrypt K1.

Someone could then decrypt the file as normal, or, a third party with access to the

master decryption key that was paired with the well known public asymmetric key would

6

be able to decrypt K1, and use that to decrypt the message. For clarity, since the above

idea is quite complicated, I’ve included a picture describing the functionality.

There are other ways to make a key escrow system. There have been proposals

for the widespread adoption of some kind of key escrow system in the US since the

‘90s. The US government actually went so far as to build a custom hardware circuit (at a

time when it was computationally unreasonable to perform the encryption in software)

that included a government-backed key-escrow system. This was called the “Clipper”

chip and sparked major controversy in a time where encryption was still classified by the

US government as a munition and controlled by strict export regulations.

The problem with key-escrow systems is who to choose as the authority. The

organizations calling out for the creation of backdoors are most often governments, so

should governments hold the keys? However, they are asking private companies to

ensure that they (the companies) can decrypt customer data, so should the companies

hold the master keys? And companies are increasingly globalized, so should the US

government be able to compel Apple to decrypt a British person’s phone? How about

China asking to decrypt a US citizen’s phone? Should the US government be

responsible for the keys? How about the UN?

Even if there were some magical organization that actually had the authority to

hold the keys to the world’s data, how would such a system work? Would all requests

have to go through this central agency? How would we make sure that the information

Master Private Key (can unlock)

Key (K1)Encrypted with master public key (well known)

Message

Authority

Encrypted with K1

Saved to file

7

was turned over to the correct party? While all these problems are solvable, there is one

glaring issue that cannot be overlooked. What happens in the case that the key is

stolen? Electronic goods cannot be thought of like regular goods: once something is out

there, it costs next to nothing to make a copy of it. Copy after copy is made, and every

one of those copies can be copied again. At this point, the keys to everyone’s private

information are public and anything that has been encrypted up to that point can be

recovered. All machines will be vulnerable until an update is pushed, which in practice

will take a really long time. There are ways to mitigate these threats, specifically

encryption schemes that have a property called forward secrecy5, but using these

protocols would break our backdoor. The idea with a backdoor is that it should be able

to decrypt any message and is thus incompatible with forward secrecy. We cannot

assume that this magical organization is capable of keeping the keys secret forever,

even organizations with a huge financial incentive6, and the US government7 has been

shown to mishandle and leak public keys.

Exfiltration of master keys aside, the NSA has been criticised several times for

failing to ensure that agents handled sensitive content appropriately. There are

allegations8 that operatives would pass around sexy or compromizing pictures captured

5 http://bgr.com/2016/03/22/paris-attacks-iphone-encryption/

6 http://www.nist.gov/itl/csd/sp800-90-042114.cfm

7 https://www.wired.com/2013/09/nsa-backdoor/

8 http://arstechnica.com/tech-policy/2016/04/senators-play-terror-card-to-lobby-

public-for-backdoor-crypto-legislation/

8

by various programs. While the NSA has denied the claims, Snowden holds that there

was little to no auditing of the 18 to 22 recruits operating many components of the

program.

Given all the dangers discussed above, a master key would have to be incredibly

useful to national security to merit the risks. The problem is that we have not had a

single incident that having the ability to decrypt terrorist communications would have

averted. In the Paris bombings, the terrorist (probably concerned by the US and her

Allies’ surveillance capabilities) did not depend on encryption to communicate, but used

low-tech burner phones9. Boxes and boxes of the phones were found. An ex-NSA

analyst has argued that the NSA does not need more information. He argues that the

clues to solve most major incidents end up intercepted by the NSA, but that they are so

overwhelmed with the amount of information they are taking in that they can not find the

threat in time. Instead of more information, the NSA needs better ways to sift through

the data they already have10.

The government is powerfully interested in inserting a backdoor in

telecommunications. Efforts include consistent attempts to legally mandate backdoors.

The FBI has been incredibly vocal of late in their requests for legally mandated

backdoors. The NSA has worked to subvert the security community by introducing

covert backdoors into public encryption standards. They’ve also built tools capable of

defeating the TOR network.

According to classified documents leaked by Snowden, the NSA has spent

hundreds of millions of dollars to “defeat the encryption used in specific network

9 http://thehackernews.com/2016/02/encrypt-act-2016.html

10 https://www.youtube.com/watch?v=XEVlyP4_11M

9

communication technologies” in covert project Bullrun. While little is known about the

project, one of the most commonly cited examples is the backdooring of the

Dual_EC_DRBG. Dual_EC_DRBG is a PRNG or pseudo-random number generator.

While it is impossible for deterministic computer code to produce truly random numbers,

it is possible to produce numbers that cannot be predicted without the “seed” or small

amount of information used to start the PRNG. Dual_EC_DRBG was proven to be

strong assuming certain math problems are hard to solve (we still believe they are) and

assuming that certain parameters P and Q were chosen randomly. It is widely believed

(although not proven) that the NSA chose P and Q to satisfy the equation e*Q=P where

e is some constant known only to the NSA. Because of the construction of the problem,

solving for e is not as simple as dividing by Q (for more information read about modular

arithmetic11 and factoring.) This e becomes a backdoor, allowing them to predict the

output of the PRNG. This allows them to break many widely used encryption algorithms

assuming that the algorithm is run with Dual_EC_DRBG. The NSA successfully

convinced RSA Security to use Dual_EC_DRBG as the default PRNG for all their

customers. As a result, a huge portion of all web traffic was vulnerable.

Dual_EC_DRBG has since been removed as a recommendation by NIST12 and by RSA

security. There had been some suspicion that the NSA had backdoored

Dual_EC_DRBG before the Snowden revelations and you can find an easy-to-

understand discussion of the whole issue here13.

11 http://www.newsmax.com/Newsfront/AmnestyInternational-chicago-meeting-

surveillance/2014/04/05/id/563875/

12 http://whatis.techtarget.com/definition/surveillance-metadata

13 https://en.wikipedia.org/wiki/Forward_secrecy

10

Privacy extends past the content of messages. The amount of data that can be

discerned from so-called metadata can be astronomical. Surveillance metadata are any

details about data pertaining to the actions of an observed party.14 What that means is

that a phone call is data and and who is calling/called, how long they speak, and when

they speak is metadata. Edward Snowden argued that the information that can be

extracted from metadata is greater and more dangerous than the content of the

communication itself15.

So, in light of all this, here are some of the best practices and technologies

people can use to secure their communications. SSL is the simplest and goes a long

way. It is used by accessing web pages as https://www.example.com/ (note the “s” in

“https”). There are browser plugins like “HTTPS everywhere” for Chrome which ensure

that HTTPS is being used by all websites that support it and will warn users when they

are accessing a page insecurely. On the topic of HTTPS/SSL it is important to heed the

“secure connection failed” and “certificate not trusted” messages that browsers

sometimes show with HTTPS. This is a warning that something nefarious is probably

going on. SSL can also be used with email. When setting up an email client (such as

the Mail app on iOS, or Outlook on windows) make sure that the “SSL” or “encrypted”

box is checked. If your email provider does not support this feature, you should get a

different email provider or know that any of your emails may be stolen if you check your

mail at a coffee shop -- or stolen anywhere else for that matter, it just requires access to

your internet service provider (ISP), or some ISP handling the message intercepts it.

14 https://en.wikipedia.org/wiki/Modular_arithmetic

15 http://www.philzimmermann.com/EN/essays/WhyIWrotePGP.html

11

While SSL helps, it is not a panacea. It is what is called “transport encryption”

which means that it encrypts messages while communications are occurring. Your email

provider still has access to any and all messages sent over SSL. There exist tools such

as PGP (Pretty Good Privacy) which allow you to encrypt messages you send. You can

can exchange keys with the people you want to send encrypted mail to and then send

mail that only they will be able to decrypt16. This works for any kind of text message you

want to send, from Email, to Facebook message. There are a growing number of apps

for iOS, Android, and desktop computers that offer end to end encryption. The

Electronic Frontier Foundation (EFF) has a list of such apps and gives them a score

based on how secure they are17.

Finally, you may value the ability to anonymously communicate. While there are

websites that allow you to post anonymously such as Reddit, YikYak, or, more

infamously, 4Chan, the website owners still have access to your IP address. This

number identifies your current network connection (and can probably be traced back to

you). The solution is to put some kind of intermediary between you and the website you

are trying to connect to. Such an intermediary shows up in your place from the

perspective of the website you are connecting to and is called a proxy. There are

several kinds of proxies. A simple HTTP proxy can hide your web requests and make it

look like they are coming from a different part of the world. A VPN can mask all of your

communications, sending all traffic through them. For both kinds of proxies, your

security depends entirely on the quality of the proxy you use. As a general rule, if

something is free, then you are the product. This holds especially well with proxies. A

16 http://www.pgpi.org/doc/pgpintro/

17 https://www.eff.org/secure-messaging-scorecard

12

stronger tool, TOR18 is a distributed proxy, where any traffic sent through TOR is

bounced through many proxies, encrypted at each step. This tool is free and easy to

use, although it comes at the cost of substantially slowed network performance.

At the same time, governments are attempting to regulate encryption from all

angles. Several states are talking about restricting encryption and requiring backdoors

and have bipartisan support. Bills were proposed by a Republican in New York and by a

Democrat in California. In response to these regulatory efforts California Democrat Ted

Lieu and Texas Republican Blake Farenthold introduced a bill “Ensuring National

Constitutional Rights for Your Private Telecommunications Act of 2016" ("ENCRYPT

Act of 2016")19 which would block states from banning encryption within their borders.

They cited the difficulty states would impose on companies by having a different set of

laws in each state they operated in and the fact that such laws would be largely

ineffective because citizens of one state would be free to just cross a border can get a

different model (of encrypted device). The bill does nothing to prevent bans on

encryption or requirements of backdoors on a national scale. It just attempts to ensure

that the country will have consistent rules. As such it has seen more support than

similar measures.

In response to the Paris attacks, the San Bernardino shootings, and a less

publicized “islamic State-inspired attack last year in Garland, Texas” a pair of

congressmen from both parties have proposed a bill that would require “a person or a

company—when served with a court order—to provide law enforcement with

18 https://www.torproject.org

19 http://www.nytimes.com/2014/07/21/us/politics/edward-snowden-at-nsa-

sexually-explicit-photos-often-shared.html?_r=0

13

information (in readable form) or appropriate technical assistance that is responsive to

the judicial request. This will enable law enforcement to conduct investigations using the

communications involved in criminal and terrorist activities.”20 They soften this

requirement by saying “We want to provide businesses with full discretion to decide how

best to design and build systems that maintain data security while at the same time

complying with court orders.” This would allow private companies to become the

gatekeepers of their customers secrets, only giving up the decrypted information in the

case of a court order. They could of course be ordered to hand over the information by

the FISA court and required not to tell anyone that they decrypted the phone.

The bill would apply to any company doing business in the US and many of these

businesses operate abroad. The bill is silent about how US companies should react to

foreign governments ordering them to decrypt phones. This bill would set a dangerous

precedent and raise difficult international questions. As discussed earlier, what

countries should be able to require devices be decrypted?

All these issues are insurmountable. People value personal privacy, with most

having things that they would prefer not everyone knew. Some people depend on

encryption for their safety and this depends on widespread use of crypto tools. While it

would be nice if law enforcement could decrypt the phones of dangerous criminals and

terrorists, the dangers of a backdoor far outweigh the benefits. Especially since such

backdoors wouldn’t do much to prevent crime.

20 https://codebutler.github.io/firesheep/