What are the options with current technology to provide encryption backdoors? And which policy goals should we have?

As policy, we want backdoors that provide inherent checks on abuse. When the police search a house, it is obvious to the neighbors, it costs manpower to do the search, and the subject of the search knows about it. Similarly, we want any mechanism to be expensive enough to deter casual use, obvious enough that it does not happen behind our backs, and safe enough that criminals cannot exploit it.

On these counts, a master key is awful policy. It would have to be kept secure in at most a handful of offline locations. There would be a huge temptation to make more copies to provide better access, and most governments would want their own master key for their subjects. There would be so many copies in the end that at least one would be stolen. The cost of each decryption would be so low, and the act so invisible, that there would be no deterrent against overusing it. Worse, if the master key were stolen, it would be very hard to detect, and probably impossible to prove. And as Jonathan Zdziarski observes, the legal system will basically force the tool into the open for validation, making such a threat very plausible.

A much better alternative would be to include a random key on each device¹, used to store enough bits of the password that the full one could be brute forced on a 10 million dollar computer in a week or so. We would also need to update this regularly to account for the increasing processing power a cracking device can have over time. One would retrieve the key by destroying the processor and carefully examining the nonvolatile storage on it to determine the device key, not an easy task given the small size of such structures. As policy, this would be much better, since it is expensive to hack each device: there is no economy of scale in which cracking one device makes further ones much cheaper. You need the device in your physical possession, so that is both an additional protection and a guarantee that you cannot work undetected. And the special equipment needed to analyze the chips would make it difficult for criminals to acquire such equipment unnoticed.

This would require discussion about how difficult we want to make breaking into phones. What should such cracking cost? The really big problem is that anyone involved in something worth spending millions on prosecuting would find it worthwhile to actually use proper encryption software that is effectively unbreakable, while we cannot make backdoors so weak that people become subject to persecution by repressive regimes. In the end, backdoors are only effective against criminals doing awful stuff while being stupid enough not to employ proper encryption, or for checking on information stored by crime victims. Such a backdoor could be provided so that people can consciously activate it, so that in case of death there is still a way to access their information. But in general, we know that nowadays we leave such a thick digital trace in all our interactions, and clandestine surveillance is now so powerful, that law enforcement has more than enough other avenues to fight crime.


  1. The classical way to store secrets on a processor has been eFuses, which are relatively large, in the µm range, and can be read quite effectively. More modern approaches use antifuses, for example from Sidense and Kilopass. These are much more difficult to read, and I suspect they are the technology Apple is currently using to store their per-device keys. To read out the keys, companies like Chipworks look at chips very carefully, and it is interesting to read about the technology used.
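The sizing argument above (how many bits the device must hold so that the rest is crackable for about 10 million dollars in a week, and why that number has to be revisited as hardware gets cheaper) worked through as an added example; this is not code from the post. The guess rate per dollar, the 18-month doubling period and the 128-bit key size are constructed assumptions, not measured figures.

```python
# Added example, not part of the original post: sizing the "escrowed" bits of
# the per-device key so that brute-forcing the remaining bits costs roughly a
# chosen budget, and how that sizing drifts as hardware gets cheaper.  Every
# rate and price below is a constructed assumption, not a measured figure.
import math

SECONDS_PER_DAY = 86400


def crackable_bits(budget_usd, days, guesses_per_sec_per_usd):
    """log2 of the guesses a machine costing `budget_usd` makes in `days`."""
    total = budget_usd * guesses_per_sec_per_usd * days * SECONDS_PER_DAY
    return math.log2(total)


def escrow_bits(key_bits, budget_usd, days, guesses_per_sec_per_usd):
    """Bits the device must hold in nonvolatile storage so that the rest of a
    `key_bits`-bit key can be exhausted within the budget and time window."""
    searchable = crackable_bits(budget_usd, days, guesses_per_sec_per_usd)
    return max(0, math.ceil(key_bits - searchable))


def crack_cost_usd(bits, days, guesses_per_sec_per_usd):
    """Hardware budget needed to exhaust 2**bits guesses in `days`: the
    'price of cracking' the post asks policy to decide on."""
    return 2 ** bits / (guesses_per_sec_per_usd * days * SECONDS_PER_DAY)


def extra_bits_needed(years, doubling_months=18.0):
    """If guesses per dollar double every `doubling_months`, the escrowed part
    must grow by this many bits over `years` to keep the cracking cost constant."""
    return years * 12 / doubling_months


if __name__ == "__main__":
    # Assumption: the key check is deliberately slow, so one dollar of hardware
    # manages 10,000 guesses per second (constructed figure).
    RATE = 1e4
    print(escrow_bits(128, 10_000_000, 7, RATE))  # 73 of 128 bits on the chip
    print(round(crack_cost_usd(56, 7, RATE)))     # roughly 11.9 million dollars
    print(extra_bits_needed(3))                   # 2 more bits after three years
```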

When we are talking about how we should balance privacy and surveillance in the age of encryption, we basically all want the same thing:

Good Guys should be safe from intrusions, from identity theft, from banking fraud, from espionage, from exposure of their private lives that could make them vulnerable to extortion.

Bad Guys should be monitored so that they cannot do bad things, their private lives exposed as needed so that we can put them behind bars preventing further trouble, their plans visible so that we can counter them.

The trouble is that encryption, the technology itself, cannot distinguish between the good and the bad. In fact, our collective understanding of what is good changes over time. So there is no hope of ever achieving such a goal. For Hitler, Stauffenberg¹ was a terrorist, and when we define any policy on how we deal with encryption, we should be careful what the implications are for the Hitlers of our world.

Often people say that we should add a backdoor for law enforcement to gain access when needed. This relies on a few key assumptions to work out well:

  • the police are fair, and will not abuse this power. This requires strong checks and balances to prevent the few bad apples from abusing their position. On the other hand, there are counties that count on citations to balance their budget: how can we trust them not to peek into people’s private lives to find some fines?

  • the key for the backdoor is kept safe. Again, very difficult to believe given the data breaches governments have. Since it would be a universal key that would expose a few hundred million people, the stakes are high. Will we be willing to guard it as well as we guard nuclear launch codes² now? Can we guarantee that the guardians will do their job when the rewards would justify 100 million dollar bribes?

  • we have seen governments taken over by bad actors. Is any policy we are formulating robust for such a case?

The impact on foreign governments is important to consider: will they be happy that foreigners can access the phones? Will they demand that they get their own backdoor as well? Or will one universal backdoor be too widely known and quickly spread to thieves? Will they have the same regard for political rights as Western governments? Wouldn’t the lack of universal encryption make it harder to fight for democracy? I believe the negative impact adding backdoors would have in repressive regimes is reason enough not to pursue this option.

Just as Americans accept thousands of gun casualties every year as the price for the right to own a gun, we need to be aware that we cannot achieve perfect security from terror, and that we need to accept somewhat less efficient crime and terror prevention as the price for keeping our data safe from criminals and espionage. And honestly, we cannot prevent people having awful plans. We can only work hard to deny them the tools, guns, bombs which enable them to become actually destructive.

We value our freedom of expression, we celebrate those who fought against injustice and made the world a better place. Privacy is important because it allows experimentation without public condemnation, because it prevents totalitarian oversight, because it keeps you safe from extortion. We must not allow fear to rule us, to cause us to limit the freedoms that have enabled so much progress.


  1. Stauffenberg is now celebrated for the failed attempt to kill Hitler in 1944. 
  2. Actually, launch codes are easier to protect, as there is a human receiving them, and doing extra checks. Our devices would happily accept anyone with the right key. 
17. February 2016 · Categories: Apple, Politics

Tim Cook has publicly opposed an order to help decrypt a mass shooter’s phone in an FBI investigation. The court order basically asks Apple to create a special version of iOS which disables security measures, and Rich Mogull suspects that this case is designed to serve as precedent to create backdoors.

On the technical side, Apple has designed its hardware such that it uses an embedded key to prevent stealing data directly from flash memory. So you are forced to use the phone itself unless you are willing to spend probably a few million to carefully examine the processor itself to read the embedded security fuses, with a fair chance that you permanently destroy your access. So Apple is the most reasonable route to gain access.

The trouble is that this demand is worded in such a way that it can later be extended to encompass more and more cases:

  • The FBI should get the modified software. This is very problematic because it makes the backdoor widely available, and very cheap once created. In particular, there is no incentive for the FBI to properly safeguard this master key to every iPhone on the planet.

  • Software locked to this iPhone. Sounds great in principle, but this would require an awful lot of engineering to make it impossible to modify.

  • Apple must provide a backdoor. This could later be extended to force Apple to provide special software for ongoing investigations, or even a general master key for law enforcement.

If you were to ask for this information in a manner that reduces the risk of it being repeated, you would intentionally structure all the steps so as to minimize any risks. The software would be created by Apple, and would never be on a networked machine. The cracking would be done on Apple’s premises, and the FBI would deliver every day a new file with the passcodes to be attempted. Should the right code be found, it would be noted, and the phone returned with any traces of the special software removed. Also, once the cracking starts, all sources and any other copies but the one running on the phone would be destroyed, to reduce the risk of a break-in.

26. March 2015 · Categories: Politics

After the shocking revelation that the Germanwings Airbus A320 that crashed in the Alps was apparently intentionally destroyed, one wonders how this could have happened. The problem seems to be that the lockable cockpit doors introduced to prevent terrorists from taking over the cockpit can also enable an insider to lock out the crew. As such, it would be a good first step to implement the American rule that there must always be two people in a lockable cockpit worldwide. And as a second step we should take a hint from the protection of nuclear launch sites, and use two switches far enough apart that a single person cannot reach them simultaneously to confirm the cabin lock.

The design needs to prevent one person from locking out the crew, while staying robust against a takeover attempt by terrorists. A more concrete solution would be:

  • The central lock switch remains, but only activates a one minute lock.
  • To keep it locked for longer, both pilots need to confirm the lock simultaneously. This would be a switch each on the outer side, so that one person cannot reach both at the same time, and it would only trigger when a sensor registers the weight of the pilot in its seat.
  • To be able to lock the door with only one active pilot, there is an emergency switch on the outside that triggers the lock, which can then be confirmed by a single pilot on the inside.
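The three rules above as an executable model, added here to check the property the post is after (no single person can hold the door locked); this is not code from the post. Seat sensors and switches are plain booleans, the normal unlock path is assumed, and "the emergency switch triggers the lock" is read as starting the one-minute lock and arming single-pilot confirmation.

```python
# Added example, not part of the original post: a minimal model of the proposed
# cockpit-door interlock, used to check that no single person can keep the door
# locked alone.  Sensors and switches are booleans (constructed simplification).
TIMED_LOCK_SECONDS = 60


class CockpitDoorLock:
    def __init__(self):
        self.timed_until = 0.0      # central switch: lock expires at this time
        self.held = False           # two-person (or emergency) confirmed lock
        self.emergency_armed = False

    def press_central(self, now):
        """Rule 1: the central switch only buys a one-minute lock."""
        self.timed_until = max(self.timed_until, now + TIMED_LOCK_SECONDS)

    def confirm_both(self, left_seated, left_switch, right_seated, right_switch):
        """Rule 2: both outer-side switches, each with its seat sensor loaded,
        pressed at the same moment, hold the lock indefinitely."""
        if left_seated and left_switch and right_seated and right_switch:
            self.held = True
        return self.held

    def press_emergency_outside(self, now):
        """Rule 3: the outside emergency switch starts the timed lock and arms
        single-pilot confirmation (our reading of 'triggers the lock')."""
        self.press_central(now)
        self.emergency_armed = True

    def confirm_single(self, pilot_seated, pilot_switch):
        """Rule 3, second half: one seated pilot may confirm, but only after
        the emergency switch armed it."""
        if self.emergency_armed and pilot_seated and pilot_switch:
            self.held = True
        return self.held

    def release(self):  # normal unlock; assumed here, not spelled out in the post
        self.held = False
        self.emergency_armed = False
        self.timed_until = 0.0

    def is_locked(self, now):
        return self.held or now < self.timed_until


def lone_pilot_can_hold_door(seconds_ahead=120):
    """Scenario from the post: one pilot presses everything within reach.
    Returns True if the door is still locked after `seconds_ahead`."""
    lock = CockpitDoorLock()
    lock.press_central(now=0)
    lock.confirm_both(left_seated=True, left_switch=True,
                      right_seated=False, right_switch=False)  # cannot reach both
    lock.confirm_single(pilot_seated=True, pilot_switch=True)  # never armed
    return lock.is_locked(now=seconds_ahead)
```

The model keeps rule 1 literal, so nothing in it stops the central switch from being pressed again each minute; a cooldown after the timed lock expires would be the natural refinement of the design.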
24. March 2015 · Categories: Politics

Looking at the latest draft, a whole series of problems with the toll (Maut) remain:

  1. The revenue justification quite openly assumes that foreign passenger cars will yield three times the revenue per kilometre driven compared with domestic cars. One could hardly shout discrimination more clearly.

  2. Equally problematic is that the reduction of the vehicle tax (Kfz-Steuer) was coordinated exceedingly well with the levy, and that there was also a direct instruction to avoid any additional burden on German drivers.

  3. The whole law neglects the problem of the federal highways (Bundesstraßen), presumably because nobody seems to believe that Germans can do without the toll. That someone who lives directly on a federal highway is thereby forced to buy it bothers nobody. How to cross a federal highway without becoming liable for the toll is also an unsolved problem. In any case I do not believe that a few dozen billion are suddenly available to equip every junction with a bridge.

  4. The retention periods for the data are far too long. First, the law forgot to include deadlines for all grounds for refunds, and then further data may be stored for up to six years. Why can one not actively waive a refund and thereby obtain earlier deletion of the data? And what purpose do these extra data serve, since once a sticker (Plakette) has expired there can be no further interest in them?

  5. On the other hand, one can get the sticker refunded for non-use without any control data being allowed to be stored. Looks like a super invitation for abuse.

  6. It is not specified what resolution is still permissible for anonymised data. Since poorly done anonymisation still allows individual records to be recovered quite well, this would be very desirable.

02. March 2015 · Categories: Politics

We currently have a problem in the Euro area with too low inflation, also caused by deflationary policy goals with regard to Greece. What we seem to forget is that money is an illusion, a carefully orchestrated one that mainly works by keeping the supply limited. When we have a deflation caused by technological change, we cannot count on the traditional means to inflate, since with interest rates already at zero the extra money will not be used to fund extra investment, it will merely fuel asset price bubbles. So we need a different way to get the money to people actually willing to spend it. The best way would be to literally print money, and give everyone money directly. 500€ would be a good start, roughly 1% to 1.5% of GDP per capita. This would send a very strong message that one is serious about restarting inflation, while limiting the instrument to situations where inflation is below 0.5% would reassure investors that printing money would not become a habit.

14. February 2015 · Categories: Politics

In our modern democracies we typically give all citizens from age 18 the right to vote, until they die. Even when they have dementia, they keep the right, and their legal representative may vote for them. Predictably this has led to policies that favor the old and get the young shafted. Therefore it is time to extend the vote to every citizen. Since 18 is a good age at which you are informed enough to vote, parents should cast the vote for the younger ones.

I believe a reasonable set of rules for the kid vote would be the following:

  • you get the vote when you are 6 months old

    This is long enough to make sure registration has happened, and prevents differences because some bureaucracies are more efficient.

  • only a legal representative who also has the vote themselves may cast the kid’s vote

    This is to prevent an outcry for children born to foreign parents. These can designate a citizen they trust to cast the vote for their children.

  • if there are two caretakers, typically mom and dad, then each gets a half vote for each kid

    A bit more complicated to count, sure, but you prevent fighting between the parents over how to cast the vote. In particular, you prevent strong-arming to twist the vote in one partner’s favor, or the courts needing to intervene to get to a vote when there is a stalemate which prevents the vote from happening.

The risk with this is of course that we get even more votes for people that are not working, which could increase the pressure to implement costly programs such that the tax load becomes suffocating. But I believe that we have strong enough safeguards against discrimination for that to become a big problem.

15. December 2014 · Categories: Politics

The massive tax advantages granted to the Mittelstand through the tax exemption for inherited family wealth are an outrage.

It is understandable that one does not want to burden a company unnecessarily when there is a change of leadership due to a death, but that does not require a tax exemption. A far fairer method would be to defer the inheritance tax for the owners as long as the company remains in their possession, and to have the owners pay the full rate when they sell the company, withdraw assets for private purposes (naturally only on the withdrawn share), or move abroad with their assets.

This would also be a good opportunity to rethink the incredibly generous bracketing of the inheritance tax. A personal allowance of €250,000 is a generous base for keeping smaller gifts, which cannot be controlled well anyway, out of the tax. After that, three brackets: 20% from €250K to €500K, 30% from €500K to €1 million, and 40% on everything above. Additional allowances then still make sense for direct relatives who are unable to work (€500K should suffice to secure them financially), and for the spouse with regard to the jointly earned wealth. Finally, a discount for a subsequent heir when the intermediate heir dies soon; for example, the subsequent heir could pay 3.33% of the inheritance tax for each year the intermediate heir was still allowed to live.

This would give a considerably fairer inheritance law than today’s, which massively favours the family.

23. November 2014 · Categories: Politics

The costs of the toll will turn out considerably higher than necessary, because under the principle of equal treatment it also has to be optional for residents. This creates a need for enforcement on country roads as well, which is likely to make up a substantial share of the total enforcement costs. If one sets the costs of 200 million against the fair share of the toll paid by foreigners (a good 6.5% share, corresponding to 210 million), it becomes clear that the toll can only pay off at all through tariffs that, taken together, discriminate against foreigners.

03. November 2014 · Categories: Politics

If one looks at the draft toll law more closely, one notices that the enforcement data are to be stored for a whole year. And all this so that one can check whether a refund of the annual toll for non-use is justified. That is completely excessive, since one could instead make the original toll optional and, should one be mistaken, allow a subsequent purchase.