
It’s the argument that just won’t go away. For decades, governments have been lobbying for encryption “backdoors”: ways of accessing people’s private messages should law enforcement agencies want a peek. It will help them catch terrorists, they insist. But computer scientists have always pushed back. Weakening encryption , they say.
Now, Sacha Servan-Schreiber at the Massachusetts Institute of Technology and Archer Wheeler at Brown University in Rhode Island have proposed a potential compromise: backdoors with steps that would make them costly for law enforcement agencies to exploit, rendering mass surveillance unlikely.
“We hope to show that a middle ground is feasible and to provide a counter argument to the reasoning that carte blanche government backdoors are necessary,” the pair write , which is currently awaiting peer review. Both declined an interview.
Advertisement
In essence, the scheme adds multiple steps to the process of accessing a locked phone or social media account. For example, if police want to unlock a suspect’s smartphone, they first have to request access from “custodians”: servers owned by the government or academic institutions.
Should the custodians verify a request as legally sound, they may then allow the police to progress to the next, time-consuming step.
The custodian servers would reveal the locations of multiple, randomly selected devices scattered around the country – details of these would have been chosen by the target smartphone when it was first set up, and securely stored on the device.
Officers would have to physically go to each of these devices and scan them to obtain a digital signature, then present these signatures to the target phone. If they match the details stored on the phone, it would unlock itself.
Servan-Schreiber and Wheeler were inspired by the legal concept of a jury of peers, although they point out that the owners of these randomly selected devices wouldn’t be asked to judge the lawfulness of the request and would have no real say in the decryption process. The police would simply knock on their door, scan their smartphone and then leave.
“I thought it was a very interesting paper,” says Steven Murdoch at University College London. However, flaws with the idea remain, he argues.
“What this scheme does is say, ‘Surveillance is OK provided that it costs enough’. The problem with that is that’s really the existing situation.”
Following the 2015 San Bernardino shooting in California, in which 14 people were killed, the FBI demanded that Apple provide a backdoor to an iPhone used by one of the perpetrators. The tech giant declined with the help of cybersecurity experts who charged them $900,000.
Some think the researchers’ proposal is a non-starter. “There is no ethical trade-off possible,” says at the Electronic Frontier Foundation. “Regardless of the reasoning, it’s not ethical if it makes everyone less secure.”
Murdoch says it might be time to recognise the debate over backdoors is endless. Law enforcement will always ask for more access and a society that has checks and balances should always push back.
For example, this month, over the issue. And the UK and Australia recently .
“I don’t think this discussion is going to go away any time soon – and that’s OK,” says Murdoch.
Reference: