As Feds Seek Passwords, Can Cryptography Still Be Trusted?

Google, Microsoft and Yahoo all claim that they have not and will not hand over user passwords to the US government

According to CNET, the internet companies all 'push back' against such requests. "I've certainly seen them ask for passwords," said one internet industry source who spoke on condition of anonymity to CNET. "We push back."

Google, Microsoft and Yahoo all claim that they have not and will not hand over user passwords – but all three declined to confirm or deny whether they had received such requests. Had the request come via a FISA court order, it would have included a gag order to say nothing about it.

CNET is not certain that the passwords alone will be of much value to government agencies, such as the NSA. It quotes David Mazières, an associate professor of computer science at Stanford University. "Even if 'the NSA is asking for access to hashed bcrypt passwords,' Mazières said, 'that doesn't necessarily mean they are cracking them.' Easier approaches, he said, include an order to extract them from the server or network when the user logs in – which has been done before – or installing a keylogger at the client."

However, Lauren Weinstein – an occasional consultant to Google – thinks there may be deeper ramifications. "Public-key cryptography as we know it today may be rapidly approaching the end of its useful lifespan," he wrote in a blog posting. He describes CNET's article as "further confirmation of the longstanding rumor that the US government (and, we can safely assume, other governments around the world) have been pressuring major internet firms to provide their 'master' SSL keys for government surveillance purposes."

Infosecurity approached some of the world's leading cryptographers for their views on whether current political interventions forebode the end of useful cryptography. Whit Diffie, one of the original pioneers of public key cryptography, thinks not – provided the encryption is done to best practices. Long-term keys, he said, are best used for authentication; but ephemeral keys are used for confidentiality. 

"The impact of this," he explained, "is that if things are done right, forcing people to give you their keys is only of limited use. They can issue certificates and forge identities – which is in principle discoverable – but can't passively listen to communications and understand them – which isn't."

The real solution, he continued, is not to let any outside company have access to the keys. "If you organize things so that there are 'central' people (phone companies, big websites) who can sell you out, they probably will. If you organize things so that security is dominated by peer-to-peer interactions, you can diminish that problem."

Ross Anderson, professor of security engineering at the University of Cambridge Computer Laboratory, agrees that the solution is in the user maintaining control over the encryption keys. Within specific infrastructures, he suggests, "there might be a growth in the use of hardware security modules, which (if properly designed) can stop the signing key going walkabout."

Surprisingly, he believes that governments would like to see encryption continuing. "Even the NSA will want Google to keep on encrypting email," he told Infosecurity; "that way only they have access to it, and any other spook agency that wants stuff has to come to them and lick their toes."

Older users will be viewing the current situation with a sense of déjà vu. In the mid- to late-1990s, governments sought to take total control of crypto keys – to hold them in escrow for the user. In what became known as the First Crypto Wars, civil liberties groups appeared to win a major victory when governments backed down. "I think, however, that what we learned in the first crypto war," Whitfield told Infosecurity, "was that we reasonably won the freedom to use cryptography but the spies didn't care, because it turned out to be too much trouble for most people to use."

That is the major problem. Cryptography can still effectively ensure confidentiality, but only if users make the effort to deploy it properly. Increased criminal and political activity simply makes this more important. After all, said Ron Rivest (one of the inventors of the RSA algorithm, inventor of the RCn symmetric encryption algorithms, and inventor of the MDn hash algorithms), "What are you going to replace it with?"
