Cloud Hosting

Attorney General William Barr has staked his ground in the long-running debate over law enforcement access to encrypted communications. Last fall, Barr decried end-to-end encryption as enabling dangerous criminals to cloak their communications and activities behind an essentially impenetrable digital shield. As the debate continues, commentators and policymakers often overlook a historical example of the problems with law enforcement access.

Barrs position is hardly novel. For more than two decades, law enforcement has argued that end-to-end encrypted communications present an extreme public safety risk and that tech companies must build in access in the form of some variation of escrowed keys, backdoors, front doors or exceptional access. During that time, many observers have argued that creating this access for law enforcement would decrease public security, not increase it. Theres a cautionary tale about wiretapping from the 1990s that has bearing on todays encryption battles.

As new (primarily digital) telephone services emerged in the 1990s, old-style wiretapping couldnt keep up. The old techniques werent equipped to handle new capabilities, such as call forwarding and other advanced features. Law enforcement was really worried. Then-FBI Director Louis Freeh called digital telephony the number one law enforcement, public safety and national security issue facing us today. After several years of pressing Congressand an added sweetener for the telecom providers in the form of a half-billion in funds to the service providers for updating switches to accommodate the new requirementslaw enforcement got its way with the 1994 passage of the Communications Assistance for Law Enforcement Act (CALEA), which required service providers to build digitally switched telephone networks so that they were wiretap enabled. That meant that the phone switches, which connect telephone lines, were to be built in a way that enabled any call to have a silent third partyan eavesdropperlistening in. These wiretap enabled networks essentially put a security hole in the middle of a phone switch, creating serious risks. Although computer scientists raised that concern about the legislation, the law ultimately passed.

Nothing was simple about implementing CALEA. There were arguments over lots of different issues: how much surveillance capacityboth wiretaps and pen/traps metadata collectionhad to be put into the switches; whether post-cut-through-digits, which have prompts that can vary from press 1 to speak to a receptionist to please enter your credit card number now, were considered content (and thus required a wiretap warrant in order to be collected); and whether location information should be included in information that the telephone companies provided law enforcement. And then there was a debate over fundingthe half-billion dollars did not come close to covering the service providers expenses. Court battles over various aspects of CALEA implementation went on for more than a decade.

But fights over implementation were not CALEAs most serious problem. Building a wiretapping interface for law enforcement into a telephone switch did, as predicted, enable others to listen in. The most well-known occurrence of this phenomenon is the Greek wiretapping case of 2004-2005. Unknown parties wiretapped the cellphones of 100 senior members of the Greek government for a period of 10 months using the law enforcement interface of an Ericsson phone switch built for Greek Telecom. The law enforcement wiretapping interface was built according to European Telecommunications Standards Institute (ETSI) specifications, which were modeled on the CALEA requirements. In another example, IBM researcher Tom Cross showed in 2010 that Cisco specifications for an IP network wiretapping architecture based on the ETSI standards had major security holes. Cross demonstrated that various service providers had implemented a flawed architecture and allowed unauthorized people to intercept communications.

Security problems were not limited to Europe. In 2011, Dickie George, the former technical director of the National Security Agencys Information Assurance Division, told me that his agency had found security problems with the CALEA-compliant implementation on every single switch submitted for testing. In other words, required wiretapping capabilities built for law enforcement were insecure, and others, including nefarious actors, could potentially access them. And then, just this month, the Wall Street Journal reported that U.S. officials are now telling our allies that Huawei Technologies Co. can covertly access mobile-phone networks around the world through back doors designed for use by law enforcement. Why were those backdoors put in? They are what is legally required by CALEA and the European laws based on the U.S. law.

Fast forward to today. Law enforcements line on encryption is that surely the smart people in Silicon Valley can figure out how to build systems that enable law enforcement, backed up with a court order, to access encrypted communications and encrypted data on phones. In reality, such surveillance systems are not easy to buildand not easy to build securely. If the CALEA story reveals anything, it shows that when companies build in backdoors, hackers, nation-states and criminals will come. Thats not the cybersecurity, national security or public safety solution we need.

Originally posted here:
If We Build It (They Will Break In) - Lawfare