-
Barring serious fundamental crypto breakthroughs, it's not technically possible to introduce a back door for law enforcement without putting the users at risk. Any back door (or "front door," which isn't a real thing in cryptosystem design) represents an additional attack vector. For example, a hypothetical key store for an encrypted messaging service, even if designed to be used only after due process is applied, represents a huge risk to all users of the system, from other nation-states or other organizations.
-
More importantly in real-world scenarios, these encrypted messages will be around forever, and "due process" is malleable. In early-2000s America, one can imagine a suspension of due process in the investigation of a major terrorist attack or other act of war; in other countries, due process is redefined or taken away after a regime change. Then every message sent by anyone who has ever used the system is vulnerable.
-
-
Save cdzombak/62edef273e93fc823dc2 to your computer and use it in GitHub Desktop.
problems with "due process compatible" cryptosystems
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment