Software Legend Ray Ozzie Wades Into Lawful Access TangleCritic Says Ozzie's Idea Is an Unworkable Twist on Key Escrow
Can technology solve the problem of giving law enforcement access to all encrypted communications without additional risks to the public?
See Also: What is next-generation AML?
Based on the U.S.'s disastrous Clipper chip proposal in the late 1990s, the debate had been largely settled: Key escrow schemes or backdoors increase the risks that those not authorized will get access, jeopardizing everyone's security.
But software legend Ray Ozzie, who created Lotus Notes and was later CTO of Microsoft, thinks technology could solve the problem. His plan was outlined in an interview in Wired on Wednesday. But his idea has been met with skepticism, albeit respectful skepticism, in a debate that can quickly escalate from polite to rancorous in two tweets.
Governments in the U.S., U.K., Australia and elsewhere have warned that the increasing use of hard-to-break encryption is potentially putting the public at risk because it gives the bad guys an advantage. Instant messaging products are increasingly using end-to-end encryption to protect communications.
Private keys are held only by a device and not by service providers. There aren't many options for attempting to read the encrypted content. Either the passphrase has to be discovered or investigators may have to resort to using software exploits, a method whose success relies on how quickly vendors patch.
Ozzie's system is called Clear, and he filed a patent application for it in February. Clear would have, for example, Apple store a private key for every iPhone. With a device in hand that has been obtained lawfully, law enforcement could access the encrypted code representing the device's PIN through the device's lock screen. Apple could then provide the corresponding private key that translates the encrypted PIN.
His idea has some built-in protection to prevent mass exploitations. Clear would not work remotely; the device would have to be in hand. If a phone is unlocked with Clear, a chip inside the phone would be bricked, which would prevent the phone's contents from being altered, Wired reports. The phone would also be permanently disabled after Clear is used, which means the system couldn't be used for ongoing surveillance.
Critic: Idea Falls Short
The technical arguments against such a system revive many of the issues highlighted in the 1990s.
First, it relies on companies such as Apple to protect the private keys for millions of devices and then provide those keys at scale with the speed at which law enforcement needs them. Ozzie contends that software companies already do this with software signing keys that verify OS updates.
This is one way where Ozzie's plan immediately falls short, argues Matthew Green, a cryptographer and professor at Johns Hopkins University. It's essentially key escrow, he contends, whose shortcomings have been known for decades.
"Does this vault sound like it might become a target for organized criminals and well-funded foreign intelligence agencies?" Green writes in a blog post. "If it sounds that way to you, then you've hit on one of the most challenging problems with deploying key escrow systems at this scale."
Another issue Green spotted is the chip that bricks the phone. Green contends that Apple has already tried to create that type of ultra-secure chip: the Secure Enclave Processor, which keeps track of how many times an incorrect passcode has been entered and then deletes the device's data after a number of tries.
In Ozzie's plan, the chip would disable the phone after Clear has been used. But Green argues that two private companies, Celebrite and GrayShift, have software they claim can unlock any iPhone, likely bypassing protections afforded by the SEP.
"The richest and most sophisticated phone manufacturer in the entire world tried to build a processor that achieved goals similar to those Ozzie requires," Green writes. "And as of April 2018, after five years of trying, they have been unable to achieve this goal."
Policy vs. Technology
Ozzie's goal, according to Wired, is to strike a balance between what privacy activists and law enforcement want. Ozzie maintains the goal was not to solve the complicated privacy and legal frameworks around a solution, but to show such a system was technically possible.
Ozzie acknowledges the criticisms. In replying to Green, he writes on Twitter: "Thanks, Matt. I do look forward to finding ways to engage in a more nuanced technical discussion. This isn't The Answer, nor is there one. It's all risks/tradeoffs. The central question is one of policy, and I hope that can come more loudly to the forefront."
Thanks, Matt. I do look forward to finding ways to engage in a more nuanced technical discussion. This isn't The Answer, nor is there one. It's all risks/tradeoffs. The central question is one of policy, and I hope that can come more loudly to the forefront.— ray ozzie (@rozzie) April 25, 2018
To that end, it has always been technically possible. But Ozzie's system doesn't address the larger issue: whether such a system puts the majority of users at risk, and how that avenue to accessing data could potentially be abused by other countries with other legal frameworks.
The safeguard - that an entity would have to have a device in hand, hence making users aware that their data has been accessed - is novel. But in the end, the technology companies have it right. No one but a user should have access to their communications. It's the only way to protect the security of all.