“From Real-Time Intercepts to Stored Records: Why Encryption Drives the Government

to Seek Access to the Cloud”

Peter SwireMoritz College of LawOhio State University

TPRC 2012September 22, 2012

Current Research:Crypto & De-Identification

Encryption and Globalization• India, China, and first full legal/policy analysis since the crypto wars

Going Dark vs. a Golden Age of Surveillance

From Real-Time Intercepts to Stored Records: Why Encryption Drives the Government to Seek Access to the Cloud (today’s paper)

Next: De-ID project with Future of Privacy Forum• Law and policy of masking technologies• The articles available online

Setting the Context …

1990’s FBI and NSA worry that encryption would block lawful surveillance

1999 White House shift to permit strong encryption

“Why Johnny Can’t Encrypt”• Whitten & Tygar, 1999

• Low encryption adoption

• Tech literature had not shifted from that view

Encryption Adoption Now Widespread

VPNsSkype & other VoIPBlackberry emailGmail now, other webmail soonSSL pervasive (credit card numbers)

• Dropbox & many more

Facebook enables HTTPS, may shift default

Result: interception order at ISP or local telco often won’t work

What are the agencies to do?

Ways to Get Communications

1. Break the encryption

2. Get comms in the clear (CALEA)

3. Get comms before or after encrypted (backdoors)

4. Get stored communications, such as in the cloud

#4 is becoming FAR more important, for global communications

Also, temptation to do more #2 and #3

Overview

Local switch

Local switch

Phone call

Phone call

Telecom Company

Alice

Bob

Overview

Local switch

Local switch

Phone call

Phone call

Telecom Company

Alice

Bob

Bob ISP

Alice ISP

%!#&*YJ#$&

#^@%

%!#&*YJ#$&

#^@%

Hi Bob!

Hi Bob!

Many

Nodes

between

ISPs

Alice

Bob

%!#&*YJ#$&

#^@%

%!#&*YJ#$&

#^@%

%!#&*YJ#$&

#^@%

%!#&*YJ#$&

#^@%

%!#&*YJ#$&

#^@%

%!#&*YJ#$&

#^@%

%!#&*YJ#$&

#^@%

%!#&*YJ#$&

#^@%

Problems with Weak Encryption

Nodes between A and B can see and copy whatever passes through

Many potential malicious nodes

Strong encryption as feasible and correct answer

When encryption adoption rises . . .

Encrypt

Encrypted message –

Hi Bob!

AliceBob's public

key

Bob's private key

– Alice's local ISP

%!#&YJ@$

%!#&YJ@$

Decrypt Hi Bob!

%!#&YJ@$

%!#&YJ@$

– Bob's local ISP

– Backbone provider

Bob

Ways to Grab Communications

1. Break the encryption:1. Keys are with the individuals2. Crypto today is very hard to break

2. Get comms in the clear1. CALEA requires that for phone2. FBI proposal to extend to Internet

3. Get comms with hardware or software before or after encrypted (backdoors)

4. Get stored communications, such as in the cloud

Don’t Extend CALEA to Internet

Bad cybersecurity to have unencrypted IP go through Internet nodes

How deep to regulate IP products & services

• WoW just a game?

• Make all Internet hardware & software be built wiretap ready?

• That would be large new regulation of the Internet

• Could mobilize SOPA/PIPA coalition

Ways to Grab Communications

1. Break the encryption

2. Get comms in the clear

3. Get comms before or after encrypted (backdoors)

4. Get stored communications, such as in the cloud

Governments Install Software?

Police install virus on your computer

This opens a back door, so police gain access to your computer

Good idea for the police to be hackers?

Good for cybersecurity?

Governments Install Hardware?

Reports of telecom equipment that surveil communications through them

Can “phone home”

Good to design these vulnerabilities into the Net?

“Chinese Telecoms May Be Spying on Large Numbers of Foreign Customers”[The Atlantic, 2/16/2012]

Ways to Grab Communications

1. Break the encryption (but can’t)

2. Grab comms in the clear (but CALEA a bad idea)

3. Grab comms before or after encrypted (but backdoors a bad idea)

Therefore:

4. New emphasis on stored communications, such as in the cloud

Conclusions

Technology• Gmail & Skype can encrypt, even if Johnny can’t• Change our assumptions about adoption

Law• Important emerging debates on data retention mandates & lawful access rules• Split between “have” & “have not” jurisdictions

Industry• Cloud providers at the center of future debates on government access