Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back > Forums > Linux Forums > Linux - News > Syndicated Linux News
User Name
Syndicated Linux News This forum is for the discussion of Syndicated Linux News stories.


  Search this Thread
Old 09-25-2015, 11:02 AM   #1
LXer NewsBot
Registered: Dec 2005
Posts: 97,355

Rep: Reputation: 102Reputation: 102
LXer: Encryption back doors: Is there more to this debate?

Published at LXer:

"I think that it's a mistake to require companies that are making hardware and software to build a duplicate key or a back door even if you hedge it with the notion that there's going to be a court order. And I say that for a number of reasons and I've given it quite a bit of thought." As the the encryption access debate heats up in the United States and abroad, statements like the one above have become more

Old 09-25-2015, 11:29 AM   #2
Senior Member
Registered: Dec 2013
Distribution: Slackware
Posts: 1,982

Rep: Reputation: 491Reputation: 491Reputation: 491Reputation: 491Reputation: 491
We are on the verge of the Second Crypto War. See Bruce Schneier:
Old 09-25-2015, 11:40 AM   #3
LQ Guru
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 8,994
Blog Entries: 4

Rep: Reputation: 3141Reputation: 3141Reputation: 3141Reputation: 3141Reputation: 3141Reputation: 3141Reputation: 3141Reputation: 3141Reputation: 3141Reputation: 3141Reputation: 3141
The problem with "back doors" is always at least a very simple one: "you don't know the backdoor is being used." And this, of course, is the problem: you don't know that your communications are insecure.

Now, if we all lived on a happy little planet ... one so happy that everyone really could trust everyone else ... then we could also trust every one of the unknown people who possessed the backdoor secret. We could trust them, in other words, not to be human.

But we don't live on a happy planet, and for this reason we need secure encryption, and secure message-signing. We live in a world where we increasingly must deal with companies and with individuals, great distances away from us, knowing that the messages we receive are authentic and that their content is strongly protected from disclosure. We must keep Pandora's Box tightly closed.

We can find effective ways to bring criminals to justice, without fatally undermining a technology that, in fact, is essential to our daily lives, to our safety at various levels, and to our commerce. For every "criminal" transaction protected by encryption every day, there are billions that are not criminal at all. The collective value of these data is incalculable. The presence of cryptographic weakness would jeopardize all of that ... without the awareness of those who must be protected. Crypto insecurity can enable(!) the highest forms of crime.

We need experts like the National Security Agency ... and Homeland Security ... to remember that "National Security" is not just about bombs and warplanes. "National" security also takes place at an individual level, as I said, billions of times a day, on both public and private and classified networks. The public pays ##CLASSIFIED## dollars a year to fund this and other public agencies. Yes, NSA is beholden to "the common defense," but its mission and its clientele also includes "us."

This very agency provided an important contribution to the original DES algorithm: the design of the S-boxes, which they would not discuss. It would become evident only years later that this was to protect against a form of crypto attack that was not yet public: differential cryptanalysis. The public regarded them very suspiciously at the time, but researchers later discovered that NSA had, in fact, provided superlative strength to the algorithm ... without divulging their secret. NSA also participates in the peer-review of public ciphers and infrastructure. This, too, is what we pay for, and what they are obliged to provide. If they intentionally put the public into a weakened position, and especially if they then lie about it, I charge that they betray their own mission. Nay. The public demands the best from its secret professionals.

Last edited by sundialsvcs; 09-25-2015 at 11:44 AM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: The Risks of Mandating Back Doors in Encryption Products LXer Syndicated Linux News 0 07-10-2015 05:20 AM
LXer: The encryption 'access' debate heats up LXer Syndicated Linux News 0 06-09-2015 07:11 AM
LXer: Mozilla Dials Back on Firefox Opportunistic Encryption LXer Syndicated Linux News 0 04-07-2015 02:30 PM
LXer: TechBytes Episode 79: Richard Stallman Speaks About Back Doors LXer Syndicated Linux News 0 06-27-2013 09:10 AM > Forums > Linux Forums > Linux - News > Syndicated Linux News

All times are GMT -5. The time now is 08:18 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration