this post was submitted on 31 Jan 2025
39 points (81.0% liked)

Technology

61227 readers
5121 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
39
What are the potential risks and benefits of implementing encryption backdoors for law enforcement? (ace-usa.org)
submitted 13 hours ago by [email protected] to c/[email protected]
15 comments fedilink hide all child comments
 

Are there any real-world examples where encryption backdoors have been successfully used without compromising cybersecurity? How do different governments and tech companies approach this issue, and what are the implications for global digital security?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 6 hours ago

The FBI pressured Apple to create an encryption backdoor to bypass their security features

This was more like a hardware security device backdoor - the key was in a hardware security device, that would only release it after receiving the PIN (without too many wrong attempts). But the hardware accepts signed firmware from Apple - and the firmware decides the rules like when to release the key. So this was effectively a backdoor only for Apple, and the FBI wanted to use it.

Systems would create a public audit trail whenever a backdoor is used, allowing independent auditors to monitor and report misuse of backdoors.

This has limits. If there is a trusted central party who makes sure there is an audit log before allowing the backdoor (e.g. the vendor), they could be pressured to allow access without the audit log.

If it is a non-interactive protocol in a decentralised system, someone can create all the records to prove the audit logs have been created, use the backdoor, but then just delete the audit logs and never submit them to anyone else.

The only possibility without a trusted central party is an interactive protocol. This could work as: For a message (chat message, cryptocurrency transaction etc...) to be accepted by the other participants, they must submit a zero-knowledge proof that the transaction includes an escrow key divided into 12 parts (such that any 8 of 12 participants can combine their shares to decrypt the key), encrypted with the public keys of 12 enrolled 'jury' members - who would need to be selected based on something like the hash of all messages up to that point. The jury members would be secret in that the protocol could be designed so the jury keys are not publicly linked to specific users. The authority could decrypt data by broadcasting a signed audit log requesting decryption of certain data, and jury members would receive credits for submitting a share of the escrow key (encrypted so only the authority could read it) along with a zero-knowledge proof that it is a valid and non-duplicate escrow key. Of course, the person sending the message could jury shop by waiting until the next message will have the desired jury, and only sending it then. But only 8/12 jurors need to be honest. There is also a risk jurors would drop out and not care about credits, or be forced to collude with the authority.

Cryptographic Enforcement: Technical solutions could ensure that the master key is unusable if certain conditions—such as an invalid warrant or missing audit trail—are not met.

Without a trusted central party (or trusted hardware playing the same role), this seems like it would require something like Blackbox Obfuscation, which has been proven to be impossible. The best possibility would be an interactive protocol that would need enough people to collude to break it.