Key recovery in a business environment

This thesis looks at the use of key recovery primarily from the perspective of business needs, as opposed to the needs of governments or regulatory bodies. The threats that necessitate the use of key recovery as a countermeasure are identified together with the requirements for a key recovery mechanism deployed in a business environment. The applicability of mechanisms (mainly designed for law enforcement access purposes) is also examined. What follows from this analysis is that whether the target data is being communicated or archived can influence the criticality of some of the identified requirements. As a result, key recovery mechanisms used for archived data need to be distinguished from those used for communicated data, and the different issues surrounding those two categories are further investigated. Two mechanisms specifically designed for use on archived data are proposed. An investigation is also carried out regarding the interoperability of dissimilar key recovery mechanisms, when these are used for encrypted communicated data. We study a scheme proposed by the Key Recovery Alliance to promote interoperability between dissimilar mechanisms and we show that it fails to achieve one of its objectives. Instead, a negotiation protocol is proposed where the communicating parties can agree on a mutually acceptable or different, yet interoperable, key recovery mechanism(s). The issue of preventing unfair key recovery by either of two communicating parties, where one of the parties activates a covert channel for key recovery by a third party, is also investigated. A protocol is proposed that can prevent this. This protocol can also be used as a certification protocol for Diffie-Hellman keys in cases where neither the user nor the certification authority are trusted to generate the user’s key on their own. Finally, we study the use of key recovery in one of the authentication protocols proposed in the context of third generation mobile communications. We propose certain modifications that give it a key recovery capability in an attempt to assist its international deployment given potential government demands for access to encrypted communications

Encryption Congress Mod (Apple + CALEA)

We are in the midst of the latest iteration of the “crypto wars.” These conflicts, nominally waged between proponents of strong encryption technologies on the one hand and law enforcement and national security interests on the other, are the natural result of increased availability and use of strong encryption throughout the communications ecosystem. Strong encryption makes it difficult, in some cases effectively impossible, for the government to obtain information from individuals – even in cases where it has lawful basis for demanding and legitimate need to obtain access to that information. The availability of a technology that effectively moots the government’s ability to compel the disclosure of information shifts the balance of power between individuals and the government. The task of rebalancing these powers ultimately falls to the political process, and, in specific, to Congress. This article uses CALEA, a law adopted in 1994 during the previous iteration of the crypto wars, as a lens to understand how Congress can, and is likely to, respond to this changing balance of power

Personal Data Security: Divergent Standards in the European Union and the United States

This Note argues that the U.S. Government should discontinue all attempts to establish EES as the de facto encryption standard in the United States because the economic disadvantages associated with widespread implementation of EES outweigh the advantages this advanced data security system provides. Part I discusses the EU\u27s legislative efforts to ensure personal data security and analyzes the evolution of encryption technology in the United States. Part II examines the methods employed by the U.S. Government to establish EES as the de facto U.S. encryption standard. Part III argues that the U.S. Government should terminate its effort to establish EES as the de facto U.S. encryption standard and institute an alternative standard that ensures continued U.S. participation in the international marketplace

Regulating the technological actor: how governments tried to transform the technology and the market for cryptography and cryptographic services and the implications for the regulation of information and communications technologies

The formulation, adoption, and transformation of policy involves the interaction of actors as they negotiate, accept, and reject proposals. Traditional studies of policy discourse focus on social actors. By studying cryptography policy discourses, I argue that considering both social and technological actors in detail enriches our understanding of policy discourse. The case-based research looks at the various cryptography policy strategies employed by the governments of the United States of America and the United Kingdom. The research method is qualitative, using hermeneutics to elucidate the various actors’ interpretations. The research aims to understand policy discourse as a contest of principles involving various government actors advocating multiple regulatory mechanisms to maintain their surveillance capabilities, and the reactions of industry actors, non-governmental organisations, parliamentarians, and epistemic communities. I argue that studying socio-technological discourse helps us to understand the complex dynamics involved in regulation and regulatory change. Interests and alignments may be contingent and unstable. As a result, technologies can not be regarded as mere representations of social interests and relationships. By capturing the interpretations and articulations of social and technological actors we may attain a better understanding of the regulatory landscape for information and communications technologies

Privacy and Security in the Cloud: Some Realism About Technical Solutions to Transnational Surveillance in the Post-Snowden Era

Since June 2013, the leak of thousands of classified documents regarding highly sensitive U.S. surveillance activities by former National Security Agency (NSA) contractor Edward Snowden has greatly intensified discussions of privacy, trust, and freedom in relation to the use of global computing and communication services. This is happening during a period of ongoing transition to cloud computing services by organizations, businesses, and individuals. There has always been a question of inherent in this transition: are cloud services sufficiently able to guarantee the security of their customers’ data as well s the proper restrictions on access by third parties, including governments? While worries over government access to data in the cloud is a predominate part of the ongoing debate over the use of cloud serives, the Snowden revelations highlight that intelligence agency operations pose a unique threat to the ability of services to keep their customers’ data out of the hands of domestic as well as foreign governments. The search for a proper response is ongoing, from the perspective of market players, governments, and civil society. At the technical and organizational level, industry players are responding with the wider and more sophisticated deployment of encryption as well as a new emphasis on the use of privacy enhancing technologies and innovative architectures for securing their services. These responses are the focus of this Article, which contributes to the discussion of transnational surveillance by looking at the interaction between the relevant legal frameworks on the one hand, and the possible technical and organizational responses of cloud service providers to such surveillance on the other. While the Article’s aim is to contribute to the debate about government surveillance with respect to cloud services in particular, much of the discussion is relevant for Internet services more broadly

Insecure by Design: Protocols for Encrypted Phone Calls

It is increasingly clear that existing phone security mechanisms are inadequate and that change is necessary. Instead of protecting phone conversations from eavesdropping, the UK government's proposed voice encryption standard appears to be designed to facilitate undetectable mass surveillance

Balancing End-to-End Encryption and Public Safety

Over the last decade, there has been a significant debate around end-to-end encryption (E2EE) and its implications for public safety. At the forefront of the discourse is a false dichotomy between protecting privacy and ensuring national security. At the extreme ends of this deeply polarised debate are two key arguments. On the privacy side, it is believed that governments and law enforcement agencies desire unrestrained exceptional access to E2EE communications to spy on their citizens. On the security side, it is maintained that obtaining lawful exceptional access is the only way to protect citizens and uphold national security. The debate has reached a deadlock, with both sides perpetuating zero-sum views.However, experts are calling for a more nuanced conversation about possible solutions to the criminal use of E2EE services. It is vital that a range of views are considered in order to identify the key issues and inform a more productive debate. Through a review of the existing literature and insights from 22 semi-structured interviews, this paper balances the perspectives from a range of relevant stakeholders on the main elements of the E2EE debate and presents some key takeaways in an effort to move away from a crude privacy-versus-security binary.The paper presents the following key findings:There are clear and significant cyber security and privacy benefits to E2EE. Efforts to weaken or restrict its access would be a net loss for all.Criminal use of E2EE is a significant risk to public safety and solutions are vital. Yet, it should also be acknowledged that technology is an enabler of criminal and harmful activity and should not be treated as the root cause.The possibility of developing technical tools which could assist law enforcement investigations should not be categorically ruled out, but future proposals must be measured against the principles of proportionality, legality and technical robustness.Alternative options for law enforcement investigations such as metadata analysis and legal hacking should be considered, but they are not without their drawbacks. Legal hacking could be proportionate but its reliance on software vulnerabilities is largely at odds with strong cyber security. Metadata analysis is promising but more research is needed to determine the extent to which it can be used to aid law enforcement investigations.Industry do have a responsibility to make their platforms safer and free from criminal abuse. This requires implementation of safety-by-design principles and the provision of resources for better digital literacy and education. Governments must have oversight over the technical tools developed.A more nuanced debate must continue which actively moves away from zero-sum views of absolute privacy versus absolute security, and focuses more on how the risks to public safety can be reduced in proportion with the need to protect citizens' rights and freedoms