The Revived Encryption Wars Continue (updated)

**The Latest (09.15.2015):**

> [The FBI’s Problem Isn’t ‘Going Dark’ – Its Problem is Going Slowly](https://www.justsecurity.org/24695/fbis-problem-going-dark-slow/) – Marshall Erwin at JustSecurity

> [Of Course the Government Wants to Read Your Texts](http://www.bloombergview.com/articles/2015-09-08/of-course-the-government-wants-to-read-your-texts) – Megan McArdle at BloombergView

> [Why the Fear over Ubiquitous Data Encryption is Overblown](https://www.washingtonpost.com/opinions/the-need-for-ubiquitous-data-encryption/2015/07/28/3d145952-324e-11e5-8353-1215475949f4_story.html) – Mike McConnell, Michael Chertoff and William Lynn op-ed in The Washington Post

**Some Additional Background:**

> [A History of Backdoors](http://blog.cryptographyengineering.com/2015/07/a-history-of-backdoors.html) – Matthew Green at his A Few Thoughts on Cryptographic Engineering

> [Deep Dive into Crypto “Exceptional Access” Mandates: Effective or Constitutional—Pick One](https://www.eff.org/deeplinks/2015/08/deep-dive-crypto-exceptional-access-mandates-effective-or-constitutional-pick-one) – EFF

**Can the FBI and IC already Access Apple’s iMessages (and Tor Users)?**

> [iPhones, the FBI, and Going Dark](https://www.lawfareblog.com/iphones-fbi-and-going-dark) – Nicholas Weaver guest post at LawFare

> [Let’s Talk about iMessage (again)](http://blog.cryptographyengineering.com/2015/09/lets-talk-about-imessage-again.html) – Matthew Green at his A Few Thoughts on Cryptographic Engineering; Also from Matthew Green: [Can Apple read your iMessages?](http://blog.cryptographyengineering.com/2013/06/can-apple-read-your-imessages.html)

> [FBI Director Claims Tor and the ‘Dark Web’ Won’t Let Criminals Hide From His Agents](https://theintercept.com/2015/09/10/comey-asserts-tors-dark-web-longer-dark-fbi/) – The Intercept’s Unofficial Sources

> [](https://twitter.com/20committee/status/611272144136220673)   “We can ‘win’ the crypto wars in public, and still lose behind closed doors. If Apple & WhatsApp quietly backdoor their crypto the FBI wins” – Christopher Soghoian [(@csoghoian)](https://twitter.com/csoghoian): July 10, 2015

> Related:

> [FBI and Apple’s Encryption](https://www.schneier.com/blog/archives/2015/09/fbi_and_apples_.html) – Bruce Schneier

> [Apple and Other Tech Companies Tangle With U.S. Over Data Access](http://www.nytimes.com/2015/09/08/us/politics/apple-and-other-tech-companies-tangle-with-us-over-access-to-data.html?nytmobile=0&_r=5) – New York Times

**Background – 2014-15, the Crypto Wars Return**

> [Keys Under Doormats: Mandating Insecurity by Requiring Government Access to All Data and Communications](http://dspace.mit.edu/bitstream/handle/1721.1/97690/MIT-CSAIL-TR-2015-026.pdf?sequence=6) (pdf; 34 pages) – MIT Computer Science and Artificial Intelligence Laboratory Technical Report (July 6, 2015)

> [Code Specialists Oppose U.S. and British Government Access to Encrypted Communication](http://www.nytimes.com/2015/07/08/technology/code-specialists-oppose-us-and-british-government-access-to-encrypted-communication.html?nytmobile=0&_r=5) – New York Times on the July 6th MIT report

> [Encryption, Public Safety, and ‘Going Dark’](http://www.lawfareblog.com/encryption-public-safety-and-going-dark) – FBI Director James Comey writing at LawFare in advance of several Congressional hearings July 8th on encryption and related issues.

> [Let’s Get Real About Decryption, Says GCHQ Tech Director](http://www.computerweekly.com/news/4500249317/Lets-get-real-about-decryption-says-GCHQ-tech-director) – ComputerWeekly

> [It’s Time to End the ‘Debate’ on Encryption Backdoors](http://justsecurity.org/24483/end-debate-encryption-backdoors/) – Kevin Bankstown at JustSecurity arguing that it is time for FBI head James Comey to admit that he has lost the battle over encryption backdoors

> [Encryption, Biometrics, and the Status Quo Ante](http://www.lawfareblog.com/encryption-biometrics-and-status-quo-ante) – Paul Rosenzweig at LawFare proposing mandatory biometric encryption, a novel, but problematic proposal in the encryption debate

> [The Battle Between Washington and Silicon Valley Over Encryption](http://passcode.csmonitor.com/cryptowars) – CSM’s Passcode

> [James Comey, F.B.I. Director, Hints at Action as Cellphone Data Is Locked](http://www.nytimes.com/2014/10/17/us/politics/fbi-director-in-policy-speech-calls-dark-devices-hindrance-to-crime-solving.html) – The New York Times, and [FBI director Attacks Tech Companies for Embracing New Modes of Encryption; James Comey says Data Encryption Could Deprive Police and Intelligence Agencies of Potentially Live-saving Information](http://www.theguardian.com/us-news/2014/oct/16/fbi-director-attacks-tech-companies-encryption) – The Guardian

> [How Do We Build Encryption Backdoors?](http://blog.cryptographyengineering.com/2015/04/how-do-we-build-encryption-backdors.html) – Professor Matthew Green (Johns Hopkins) analyzes the problems with building encryption backdoors, including split key approaches, at his [A Few Thoughts on Cryptographic Engineering](http://blog.cryptographyengineering.com/) blog

> [You Can’t Backdoor a Platform](http://webpolicy.org/2015/04/28/you-cant-backdoor-a-platform/) – Jonathan Mayer at his Web Policy blog

> [As Encryption Spreads, U.S. Grapple with Clash between Privacy, Security](http://www.washingtonpost.com/world/national-security/as-encryption-spreads-us-worries-about-access-to-data-for-investigations/2015/04/10/7c1c7518-d401-11e4-a62f-ee745911a4ff_story.html?wprss=rss_national-security) – Ellen Nakashima and Barton Gellman writing in The Washington Post reveal that federal officials are considering a variety of means of ensuring access to encrypted communications, including split key approaches, as well as, in certain circumstances, mirror accounts. Under the split key approach (difficult from an engineering and cryptography standpoint), a technology company creates a decryption key that is split into pieces, with different pieces held by different parties, and all of the pieces are needed for decryption. But even aside from the question of trust in the holders of the key parts, risk of disclosure of the decrypted information and the like, as security expert/researcher, Dino A. Dai Zovi (@dinodaizovi) tweeted: “The big question of the #cryptodebate isn’t whether vendors can make a decryption key for USG, but what happens when other [governments] want it too?”

> [Apple Will No Longer Unlock Most iPhones, iPads for Police, even with Search Warrants](http://www.washingtonpost.com/business/technology/2014/09/17/2612af58-3ed2-11e4-b03f-de718edeb92f_story.html) – The Washington Post

> [iPhone Encryption and the Return of the Crypto Wars](https://www.schneier.com/blog/archives/2014/10/iphone_encrypti_1.html) – Bruce Schneier

> [What NSA Director Mike Rogers Doesn’t Get About Encryption](http://www.cato.org/blog/what-nsa-director-mike-rogers-doesnt-get-about-encryption) – Julian Sanchez at CATO

> [What President Obama is getting wrong about encryption](http://www.washingtonpost.com/blogs/the-switch/wp/2015/02/19/what-president-obama-is-getting-wrong-about-encryption/) – The Washington Post

> [The FBI Keeps Demanding Impossible Solutions to Its Encryption Problem](http://motherboard.vice.com/read/the-fbi-keeps-demanding-impossible-solutions-to-its-encryption-problem) – MotherBoard/Vice

**Background – the 1990’s (and earlier) Crypto Wars**

> [Keeping Secrets: Four Decades Ago, University Researchers Figured out the Key to Computer Privacy, Sparking a Battle with the National Security Agency that Continues Today.](https://medium.com/stanford-select/keeping-secrets-84a7697bf89f) – Henry Corrigan-Gibbs (Stanford Magazine)

> [Encryption and Globalization](http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1960602) – a 2011 academic paper (Columbia Science and Technology Law Review, Vol. 23, 2012) by Peter Swire and Kenesa Ahmad, which includes a brief summary of the original 90’s “Crypto Wars”

> [Crypto Wars](http://en.wikipedia.org/wiki/Crypto_Wars) – Wikipedia

> [Hacker Lexicon: What is End-to-End Encryption](http://www.wired.com/2014/11/hacker-lexicon-end-to-end-encryption/) – Wired

**Related**

> [Want to Protect your Phone from the Cops? You Might Want to Use a Passcode, Not a Fingerprint; Virginia Court Rules Using Fingerprint Technology to Protect Your Phone Doesn’t Carry Same Legal Rights as Passcodes](http://www.fastcompany.com/3037912/want-to-protect-your-phone-from-the-cops-you-might-want-to-use-a-passcode-not-a-fingerprint) – FastCompany