RSA: Panel calls NSA access to encryption keys a bad idea

Some of the world's best known cryptographers – veterans of the crypto wars of the 1990s – say government access to encryption keys is still a bad idea, but is an issue that will never go away because it's something intelligence agencies crave.

Some of the world's best known cryptographers veterans of the crypto wars of the 1990s say government access to encryption keys is still a bad idea, but is an issue that will never go away because it's something intelligence agencies crave.

Speaking at RSA 2015's Cryptographer's panel, Whitfield Diffie, who pioneered public-key encryption, says key escrow schemes where government could gain access to encrypted data works mainly to the benefit of government. "They want you to be secure but not against them," he says.

+ Follow Network World's show coverage +

Ron Rivest, an MIT professor and the R in RSA encryption, says key escrow has problems in that it opens many parties to messages that are encrypted for passage across public networks, not just the U.S. government. Other governments would take advantage of it, too, destroying any real hope of privacy. "This is going to be a house of many doors and many parties and it's just not going to work," Rivest says.

Ron Rivest

Key escrow would give the government, under legal rules, the right to access keys from third parties. The idea came up in a different form in the 1990s with the Clipper Chip that would be used by telecom operators to encrypt voice calls, but had a built-in back door.

The NSA has called key escrow a front-door to information it needs to defend the U.S. against terrorists, trying to put a different spin on the idea than is conjured up by the more sinister-sounding back door.

Adi Shamir, a member of the crypto panel who teaches at the Weizmann Institute in Israel and is the S in RSA, says the front-door designation is just semantics. "There's no difference between a back door and a front door. The NSA will just turn your house around," he says.

And multiple agencies within the federal government will have the right to use the same subpoena power to get the keys to crack encrypted data. He says he sees no privacy advantage to taking the secret key and splitting it among many parties who can make use of it separately.

Diffie says crypto systems ought to be made strong enough for the NSA to crack without any help if it needs to but only with great effort - so much work that it can only afford to crack important select traffic, not decrypt everything wholesale. "They can get at individual things but can't do it at scale," he says.

Diffie says if key escrow came into effect, people seeking privacy would encrypt it before it was re-encrypted to cross carrier networks. In that case, if the keys were used on the traffic, they would reveal an encrypted message for which the NSA would not have the key. Diffie says in that case, the government might make such pre-encryption a separate crime.

Ed DiGiorgio, a panelist who has worked both as the NSA's chief of encryption and as its chief encryption breaker, says that this issue keeps coming up and is likely to keep coming up because the NSA and other government agencies believe it is necessary to break all encryption for the purpose of investigating criminals and terrorists.

The panel weighed in on other security issues including chip and PIN technology that embeds a security chip on credit cards to encrypt card data that is shared with merchants at the time of sale. It's used in Europe and Canada and is set to become the standard in the U.S. in October.

Rivest noted that along with chip and PIN, the liability for making up card-holder losses in case of a breach falls to merchants rather than the banks that issue the cards. That makes merchants responsible for implementing best cryptographic practices. That model might be a good one to apply in other areas where losses can be traced to entities that don't follow best practices, he says.

Shamir says chip-and-PIN technology will make credit-card transactions more secure but won't make credit card theft go away, it will just make criminals adapt and attack elsewhere. DiGiorgio agreed. "There will be new attacks and they will come up with them very quickly."

The issue came to the forefront last year when major breaches of credit card information from retailers cropped up over and over. Diffie dismissed chip-and-PIN adoption by U.S. credit card firms as something with "nice visibility they can do in a year of embarrassment."

The group says ransomware poses problems for victims because they can't decrypt their hard drives after attackers have broken in and encrypted them. (Read: Ransomware: Pay it or fight it?)

Rivest noted that the criminals behind popular ransomware use the RSA crypto system he helped invent to lock victims out of their computers unless they pay up. He says cryptography is double-edged and can be used for good or bad, and he feels bad about RSA being used in ransomware. "I feel like a mother whose son has been brainwashed and is off to become a jihadist in Syria."

Shamir said ransomware could spread beyond just PCs as the Internet of Things becomes more pervasive. If someone's smart TV is ransomed, "Would you pay someone in Moldavia to get the service back?" he asks.

He says the security community has "failed miserably" in preparing end users for recognizing spear phishing, which is the most common method ransomware criminals use to attack PCs. He imagined an automated system that analyzed a person's past 1,000 emails and used that analysis to create a test spear-phishing attempt that would help users be more wary.

DiGiorgio says that even if the current extortion model is defeated by backing up data so compromised machines can be reimaged, criminals will have gained access to all the data on the machine from which they will cull something that will present extortion opportunities.

Join the CSO newsletter!

Error: Please check your email address.

Tags RSA 2015securitynsaencryption

More about ClipperMITNSARSA

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tim Greene

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts