Saturday, April 11, 2015

Government wants a "separation of functions" strategy for ultimate user decryption for national security emergencies

The Washington Post has a detailed story Saturday about the dilemma encryption poses for the “fibbies” (to quote novelist John Grisham). The article  is by Ellen Nakashima and Barton Gellman.
A diagram on p. A12 shows the current practices now.  No encryption of your iPhone data would allow you, the FBI (and NSA), and Apple (or Microsoft or Motorola, etc) to access your data.  Single encryption, offered by Apple (and probably soon by others) locks everyone else out.

The NSA wants a system where a decrypt key exists but is broken into pieces in different locations, requiring “separation of powers” (or what workplace security practice calls “separation of functions”) for access, including court supervision (more rigorous that currently with FISA).  The government says that it needs this capacity to break the most serious or existential of bizarre terror or criminal threats, of the “Dateline” variety.  Would this proposal satisfy Electronic Frontier Foundation?

No comments: