- Sputnik International
World
Get the latest news from around the world, live coverage, off-beat stories, features and analysis.

NSA Wants 'Front Door' Access to Encrypted Data

© Flickr / powtacThis rise in the incidence and severity of cyber-attacks is very concerning to the United Nations and to all of us
This rise in the incidence and severity of cyber-attacks is very concerning to the United Nations and to all of us - Sputnik International
Subscribe
The head of the National Security Agency, Admiral Michael S. Rogers, said the intelligence group no longer is interested in backdoor solutions to digital surveillance.

Instead, the NSA wants a "front-door" solution – which some privacy experts think could be even worse.

Rogers suggested a solution in which at least two parties – one of which is the NSA – retain parts of a data encryption key. The solution would require all of the parties to provide their key in order for the NSA to access encrypted communications, as well as prevent the agency from acting unilaterally.

Edward Snowden - Sputnik International
Snowden-Proof? NSA Trying to Stop Future Leakers

“I don’t want a back door,” Rogers said during a speech at Princeton University. “I want a front door. And I want the front door to have multiple locks. Big locks.”

According to Joel Hrusky at ExtremeTech, "The first problem with Rogers proposed front-door solution is that it’s a meaningless feel-good measure given the current regulatory structure of our national security system."

Prior to the Snowden leaks of 2013, digital providers were forbidden from disclosing that they had been contacted regarding national security matters. Documents leaked by Snowden showed that Yahoo! unsuccessfully challenged the legality and authority of the NSA.

Moreover, giving half a key to Google or Yahoo would be meaningless unless the company possesses the authority to refuse to use it.

Another problem with the front-door solution is that it requires cooperation between corporations and the NSA at a time when animosity between the two groups is at an all-time high.

"The NSA could avoid this problem by sharing the key with government-appointed escrows rather than corporations," Hrusky writes, “but this simply hides the process from public view. That’s already extremely problematic.”

In 2008, the FBI assumed the authority to review email accounts the NSA collected through its “PRISM” system, which collects emails of foreigners. - Sputnik International
NSA Spying to Cost US IT Companies $47 Billion Over Next Three Years

There also would be technological questions about security and vulnerability of the two-key solution, as well as the escrow solution.

"The basic question is, is it possible to design a completely secure system" to hold a master key available to the US government but not adversaries, said Donna Dodson, chief cyber­security adviser at the Commerce Department’s National Institute of Standards and Technologies.

"There’s no way to do this where you don’t have unintentional vulnerabilities."

Hrusky argues that what is really needed is structural change in the NSA.

"The agency is loath to give up its ability to spy on American citizens, or even make meaningful concessions to it — which means whatever system it ultimately backs will be designed to preserve as much of its current capabilities as it can," he writes.

Newsfeed
0
To participate in the discussion
log in or register
loader
Chats
Заголовок открываемого материала