 And now we're gonna have a discussion about the crypto wars which is this ongoing conflict about the fact that some governments seem to be very insistent on not allowing people to encrypt their data But luckily there's some people fighting against them and among them. There's the electronic front the electronic frontier foundation the EFF Yeah Thank you Which apparently also doubles in publishing. I don't know if you noticed there's they released a book a science fiction collection recently It's really strange But it's a very good collection. You should read it and now please welcome Kurt Opsol from the EFF Thank you Thank you very much My name is Kurt Opsol. I'm the deputy executive director in general counsel electronic frontier foundation It's a great pleasure to be back here at CCC and thank you all for for coming I know it's a little early in the day So I'm thank you for making the effort to come here today. We're gonna talk about the crypto wars What we call part two the crypto wars part one was about 20 years ago And now it's back So we fought pretty hard back then against attempts to limit suppress and cripple encryption My organization the electronic frontier foundation was on the front lines Fighting throughout the 90s to help preserve The ability for people to use develop and publish strong encryption It was a long struggle took many years But finally by by the end of the 90s Encryption prevailed and we thought at least for a time We would have the freedom to continue to use as strong as encryption as we possibly could But now the governments are at it again They come back to try and weaken or destroy crypto make it harder to use So today we're going to talk about a little bit of the history Going back against the original crypto wars a little bit about what governments are now doing to try and reignite those wars And then some of the the arguments that you can make to help fight back And preserve your access to strong encryption So start with a bit of the background You know for in the earlier times, you know through the cold war even before Encryption was generally considered to be a military technology. Not always. I mean There was actually a commercial version of the enigma machine in the 1920s and 30s But by and large It was used most commonly in the military and thought of as a military technology By about the the 70s That came out with a standard of the data encryption standard des And this started to Popularize encryption has started to be used more frequently It also Sort of helped jumpstart some of the fields of crypto analysis There was an algorithm that people could start to look at and intensely try to see if there were flaws I turned out there were some flaws, but we didn't find that out till till later in the late 70s RSA Found a way to implement the diffie helman public key exchange This was a great advance in in technology allowing people to send encrypted communications when they weren't able to Have a side channel to exchange the key This was very important in the development of cryptography By the early 90s, we had the pretty good privacy and email encryption program that most of you are probably familiar with Allowing people to have ended encrypted email communications And by the mid 90s, we had Secured socket layer introduced by the Netscape for its navigator browser program Allowing servers to communicate with encryption and authentication Between the server and the browser But this presented some some challenges and one of those challenges was what is what is ammunition? So I have up on the screen two types of munitions on the right a more familiar one the tank Which has export controls and many people who find that Sensible that before you're going to ship a tank to people you should I know what you're doing And on the on the left we have the Netscape navigator This is the the international version approved for export And at the time The standard for encryption was 128 bit secured socket layer For the domestic version while the international the export version was limited to 40-bit encryption Which turns out could be could be broken in days and the idea behind this limitation was In part to make sure that organizations like the the nsa could easily break the encryption that we weren't exporting something That couldn't be broken by our security services But this this created some sort of you know relative craziness that Encryption that was developed Overseas could be stronger Cryptography conferences are to be held in places like Caribbean islands to get around these encryption And there were some legal challenges to these Export regulations Now one of the legacies that came out of these Export grade encryption. We just saw actually This year Illustrated through the freak and long jam attacks I'm going to talk about this very briefly. There was actually a great session Yesterday from Alex Halderman and Nadia Hedinger to go through them in great detail I suggest you you watch that if you haven't already But the the takeaway from this for For the crypto wars was that the legacy of export grade encryption Persisted 20 years later so that people were able to convince Browsers and servers to downgrade to the export grade keys Which were designed to allow the nsa to be able to break them But it didn't really have the foresight to think about how much computing power would change over the years. So perhaps In the 1990s when they were trying to come up with these export grade levels They thought that well only only the nsa would have the computing power to do this and so This was a wise idea, but it turned out not to be a very wise idea 20 years later when you can go on to amazon And for 75 dollars and a couple hours of time be able to break some of these export grade Incriptions, so we're still having some casualties from the first crypto wars today During the 90s there we had a challenge a dan Bernstein Challenge export control of his snuffle crypto program This was a case that the eff helped and Took it to the courts And had some success that the courts determined that Code was speech that this was a free expression protected act that you could publish your The source code you could publish your algorithms and this shouldn't be treated As as a munition but rather thought of as speech and out of the the appeal from that case We had a great quote that that came from the court showing that the courts were recognizing both the freedom expression rights here, but also The privacy value that they recognized that the availability of strong encryption would help people protect their privacy Implicating not only first amendment rights But they're thinking about the right to receive information as recipients of encryption's bounty So this was a very strong blow that helped Enable encryption moving forward Another legacy of the 90s. It was the clipper chip This was a a chip set It was designed for voice communications to encrypt voice communications with the skipjack encryption algorithm and then it included a back door with a Key that was supposed to be placed in escrow so that when the government came knocking They could get the escrowed key Decrypt the communications and find out what people said and they wanted to have people install this chip on all their phones And as we and many others pointed out to them back doors can be very dangerous Even a small flaw in a crypto system can ultimately end up being disastrous And as it turned out the clipper chip did have some flaws by the 1994 matt blaze was able to Determine that the law enforcement access field Contained the information needed to recover the key So this made the the key escrow not just a back door for the nsa, but a back door to for other people to access as well There's later an attack that was able to bypass the escrow So clipper ended up being widely condemned and eventually was Sort of universally considered to be a bad idea so When we look back over the 1990s policy debate It's actually very eerily similar to today a lot of the same talking points are being used A lot of the same arguments For example, and there are actually many examples. I'm just going to pick a few But in 1997 the director of the federal bureau of investigation Said yes dog encryption. It's it's great. We love it We just want to make sure that there's a a key that's available so that we can get access to it Fast forward to the 2000s And the fbi's general counsel says, yeah, great strong encryption But they just need to be able to find a way to give us the the plain text So we're considering the end of the sort of same Rhetoric that they realized that perhaps saying we want weak encryption doesn't sound right people aren't people not Receptive to that so they say great strong encryption. We're all for it. It just has to have a giant hole in it So what happened in in the in the 2010s that that brought this The second round of the crypto wars. Why did why did the government sort of start attacking encryption again? The major shift is the development of widespread encryption Uh, you know the the key event that really started off government rhetoric Came around the time that that first apple and shortly thereafter google said that they were going to have Encryption on their phones for the for the data stored on the phone that they couldn't Unlock at the government's request so for example with ios 7 and before It had encryption on there But if you sent the phone into apple and uh, you know brought a warrant and such they Apple could Unlock the phone get access to the information and they said well with the new ios 8 and later They wouldn't be able to do that that the only the user would be able to unlock their their phones At the same time more and more commonplace messaging apps started to have encryption iMessage was one of the early things actually since the beginning of iMessage it had opportunistic encryption so if it was a A text sent from an iphone to an iphone it would use iMessage and encrypt the the message There also became uh tech tech secure became popularized for android What's app? One of the most popular communication tools out there with uh, at least a billion users It started out being unencrypted but Has started to work with open whisper systems to add encryption and encrypt communications of billions of users And this is bringing about more ubiquitous encryption So things that had previously been limited to more technically sophisticated users relatively rare Something that when you know when you look at some of the snowden documents they talk about encryption being used as a flag to say Well, this is interesting because it's encrypted Or they say, you know, we will store encrypted communications until such time as we're able to decrypt them But as more and more communications were being encrypted where it was becoming less unusual less rare This started to become something very worrisome For the government So it started out as As I said from the announcements of having a strong encryption without the ability for companies to unlock for mobile phones Though the conversation quickly moved to talking about end-to-end encryption as a problem The prime minister of the united kingdom cameron Asked rhetorically are we going to allow a means of communication which simply isn't possible to read and his answer Of course was was no not if he has his way He doesn't want there to be a private space where you can communicate without having the government able to look over your shoulder There should be no place to hide So they started to strike back and using some of the tools that we remember from the first crypto wars Public and private pressure on the companies who are supplying these technologies Public rhetoric to try and demonize encryption make it look bad for the public And then by changing that atmosphere try and create a more ripe situation for legislation and of course at the same time the The nsa the gchq Intelligence agencies are working to use technical attacks to try to weaken or defeat encryption So a lot of the public pressure is on the I mean, you know the fbi director Asks, you know, why would you market something to allow people to place themselves beyond the law? And this is sort of a way of twisting the conversation You know not asking, you know, why would someone want to have something would protect People from oppressive regimes or would it give them a private space or allow for Secure e-commerce, but sort of discussing this as something that is only purpose Is to enable criminal activities and Cameron putting the pressure on saying that companies have a responsibility to fight terrorism And if they you know if they care if they're patriotic They will do as I say and put in these back doors put in these governments Ability and they're doing this also in part to focus on the companies with large user bases. I was saying before The thing that has really scared the government is sort of the widespread by default availability of encryption So they're trying to get that switched off for the large companies relegating encryption back to a relatively rare Thing that can be used for for targeting They're also trying to be dismissive Of of the companies Saying, you know, well, it's only a business model. It's it's not a technical feature. It is a marketing pitch Well, in some sense, you know that that that I think that's great Strong encryption should be a marketing pitch should be a reason why you're providing Providing the product to a willing audience, but it is more than that it's also something of principle and they're trying to remove the principle and try and Dismiss the companies as being only profit motivated So there have been What they call some proposals for secure back doors and this seems like a contradiction in terms or a misnomer But nevertheless, there have been a lot of proposals out there. The most common Is key escrow this notion that you have a message that is sent with a symmetric key You encrypt that key twice Once to the recipient so they can decrypted and read it the escrow agent gets a copy that is stored So that at some point later if they want to get it they can get it from the escrow use that key Read the message But this has a number of problems If the escrow agent's private key is compromised it breaks the whole system They have someone will be able to use that key to go back and get messages For well as many people as that key can can unlock so it creates a point of failure And then if you're using a single escrow this can break forward secrecy a property that is very useful for creating strong encryption It's a recommended property that I think we want to have As widespread as possible, but if the whole design is to allow it so that somebody At any point can get the escrow key Go back and read all the messages in the past. This is sort of defeating the point of Forward secrecy Now you can mitigate some of these things some proposals have talked about split keys So that you might have to get more than one key in order to Get it from the escrow agent and you know this this adds some Mitigation so that you have to get compromise a couple of different places to move forward But all of these things add complexity and complexity is the enemy of security for every complexity you're adding You're making a larger attack surface. You are creating additional possibilities for vulnerabilities Also with any case of of an escrow agent You have some questions to rise who would be that escrow would the government be an escrow? That if so, how do you pick which government or which government gets access to the escrow? Should the provider be the escrow? Should we have a trusted third party and for any of the escrows? They're often not in a position to raise the important concerns that we might want to be have handled For example, if we've decided that certain communications are privileged like an attorney client communication None of these escrows are in a position to know that this is a privileged communication to raise that concern and Failed, you know resist providing a challenge the acquisition If you have an escrow you also introduce Insider risk the possibility that someone who's working at the escrow agent is familiar with its practices Can do something that would make it appear like they have a legitimate request that has come through the proper channels and then use that to to gain access to the Previously private communications And we have a bit of a history to look back on a why this can be problematic With law enforcement access points So there have been a number of attacks on law enforcement access points Some they become a tempting target for criminals for state sponsored attackers We look at the example of the greek wire tapping scandal where it was a law enforcement access point That once you get access to the access point you can use its properties and its permissions to get a much wider access Similarly, china attacked google's law enforcement access point using that to get information about dissidents And so If you create an escrow agent if you create a method for law enforcement to get access to it You create a very tempting target that will be certainly in the sights of any attackers So a lot of these arguments have been raised and what we heard back from from some people in the policymaker things is Okay, we see that you have a problem with back doors Maybe we should just rename it. So we don't want a back door. We want a front door Or you know, sometimes people have talked about a side door or a trap door Uh, and this this is very sort of, uh typical of Politicians is that you know, I think that the problem is the rhetoric the name That we can you know, uh the washington post, uh also is and well, we understand that a back door can be Exploited by bad guys So instead how about a secure golden key? Uh, and you know, this this was widely, uh, widely Criticized and ridiculed as as it should have been. Uh, but it reflects an an attitude of, uh, we'll just Say what we want, which is something magical a secure golden key And then toss the problem back to technologists to try to solve and maybe even legislate So they have to solve it And sort of reflecting an attitude that this is all you know, they use the term wizardry It is magical wizardry that people can do and come up with magical solutions So while this is going on it was still, uh, they're they're having some troubles that, uh, you know These proposals were were ridiculed. There's a lot of people who are pointing out the many flaws with with back doors Uh, but uh, they're they're they had held out An interesting hope and this is a quote from the general counsel of the office of the director of national intelligence the uh oversight agency that Looks over the u.s. Intelligence community Uh, it was nothing. Well, what if there was a terrorist attack or criminal event that could be shown to have or encryption Had hindered law enforcement. That's the real thing that we need to to turn this discussion around So, uh, I we had a number of of attacks in this last term tragic attacks Um, and but what what do you do if if you have these things but crypto wasn't involved Well, you suggested it was anyway Uh, so we have the the prescient comment here from michael morrell the former, uh, cia deputy director We don't know anything But I bet you the encryption was involved and then he proceeded to talk about how how encryption was very, uh, very dangerous So after following the the attacks in paris the attacks in san bernadino There were a lot of talking heads who are going on the television shows the Public policy debates and trying to say that encryption was in fault when in fact The paris attackers use plain text text messages The san bernadino attackers actually mostly they communicated just directly in person But they they also use some direct messages That were not encrypted And they're also trying to take this time to demonize encryption to try and Get people with fear uncertainty and doubt the home secretary may brings up what what back in the 90s We had called the you know, four horsemen of the info apocalypse talking about child pornographers crime drugs terrorists The senator feinstein who is on the u.s intelligence community went even a little further Basically saying that encryption will be used to behead children Uh, which you know, I think this is uh taking it a little far a little far So With this in this atmosphere, we're starting to see some proposals come out of many countries to try to limit encryption sometimes to they're talking about mandating a back door sometimes mandating access to plain text without sort of specifying the the manner of the access or Putting laws that would help endanger encryption Probably the most prominent of these right now Is what's known as the snoopers charter the investigatory powers act out of the united kingdom Now this is a an interesting proposal because it is not just aimed at Telecommunication companies in the united kingdom it reports to regulate companies all over the world Now this raises some questions, you know, if you were had a company who did no business in the united kingdom You were completely separate from it, you know, how would they be able to enforce that? But for a large company that has offices all over the world many of them will have Offices or people on the ground within the uk that will be subject to the uk's distinction jurisdiction and this can be a A tool that the uk can use to try and enforce this against them Uh, and it's a long bill as 299 pages a lot of detail There's actually a lot of problems with the bill beyond the encryption issue But today we want to focus on that and in section 189 They have a provision dealing with electronic protection. This is a term which we believe they mean encryption And it is saying that if the provider Put on the electronic protection It may be obligated to take it off now Um, this could be interpreted a lot of variety of ways It will be interesting to see how it eventually gets interpreted But it could be interpreted to require weakened encryption holding a key Uh, banning end to end encryption if it is not possible to do this And one of the things that that's interesting about it. So it has a some language there saying that Only if it's uh, practicable only if it's you know, feasible reasonable to do this But this is done in the home secretary of determination So it won't be the technologist that would be able to determine whether it was practical to be able to remove the encryption But rather the home secretary say I I think that's practical. And so now you're obligated to do that So the latest version of the investigatory powers act came out in november It is currently before a committee in the uk parliament, which is accepting comments right now A number of organizations e f f and many other civil society organizations have submitted comment A lot of industry have submitted comments Apple in particular made some news with its comments with a strong defense of privacy And a warning against back doors saying that a key left under the doormat would not just be there for the good guys But recognizing that the bad guys would find it too There have been a couple other interesting ones around the world Australia has a defense trade controls act That has some interesting language talking about the intangible supply So, uh, you know, this is a a, uh, you know munitions control act and export control Um, and you know, it's pretty obvious when you are supplying a tank, whether you know your supply or not is not very, uh, Hard to figure out But when you're talking about encryption, it gets a little bit weird Because you know, or what if you explain the algorithm to somebody? What if you show them a copy of the algorithm? Is that exporting? Is that supplying the technology? Um, the department of defense in Australia has suggested that merely explaining an algorithm Could be intangible supply come within the zone of this act Um, now it remains to be seen whether that interpretation will be will be upheld in the in the courts But what this means is that there is a Uh, a threat a possibility that somebody who's doing ordinary teaching and research activities Could be subject to these controls with very severe penalties and that provides a chilling effect for people trying to do things Which are very important for our security by doing the research doing the teaching Uh, so a lot of people, uh, uh have signed a petition against hundreds of experts have explained why this is a very very bad idea India also came out this september with a draft national encryption policy This was a a sort of particularly bad one It said that everyone was required to store a plain text copy of their encrypted messages Keep that around and then be able to hand it over upon request. This was widely condemned and ridiculed and eventually India withdrew this they're going to go back to the drawing boards But we'll have to keep an eye out to see what they come up with next Very recently actually on sunday I guess four days ago China passed a new anti-terrorism law In a draft version there was a provision that would require Technology companies to hand over their encryption codes The final vision did remove that but it still contains some very dangerous language Saying that the companies are required to provide technical interfaces Decryption and other technical support So again, this could be uh interpreted to mean that they have to find a way to be able to decrypt it Which means having some weakness some backdoor some additional key that would enable them to do so Uh, and one of the things that actually also came up from china's anti-terrorism law Is that uh when discussing it they were pointing to other countries who have put in or proposed similar things so that uh in when when the Governments around the world put forward proposals to create backdoors to to Suggest that encryption is a problem and they mean it say well We're trying to make it so that it's it's safe for you know western democracy at the same time regimes which are Much more totalitarian can use the same language use the same letter to justify Their own attacks and their own attempts to make it so people can't have secure and private communications In the united states, there is not yet Uh legislation to mandate backdoors and mandate access to encryption Uh, president obama has said that he will not for now Call for this legislation This this for now is is somewhat worrisome And we organized with with several other civil society groups a petition Asking him to Support strong encryption After he'd put out this for now statement to make a more clear statement that they would put that aside and say that no They weren't going to ask for backdoors not just for now, but but forever And uh, we have not yet gotten the the full response to that So, uh, hopefully that will come soon and and it will be a clearer statement But right now we're sort of in a in a waiting game to see whether it'll go forward And the rumor has it that the senate intelligence committee is going to be proposing a bill in the coming spring Now if they do propose it, of course, we will fight against that bill Try and make sure that it doesn't get passed and if it gets passed Move to our get it thrown out in the courts as as unconstitutional Uh, I want to take a brief moment to talk about the trans-pacific partnership This is a international, uh, trade agreement that has been negotiated as now being, uh, considered and some people look through this, uh, lengthy agreement once it became public and noted That there was a little bit on encryption and there was a question Well, was there actually some good news in this otherwise the tbp is fairly terrible? Um, and it turns out in the final analysis No, there was a provision in there or is a provision in there Saying that a provider may not be compelled to give a key Uh, but only as a condition of sale So it's silent as to whether they could be compelled to give a key under other conditions And there's also a provision in there that said that the provider can be required to give decrypted content Which still has a lot of the same problems that, uh, we have been we have been fighting against So at the same time as this legislation is going on the public policy debates In the background, there are also, uh, technical attempts to try and reduce the effectiveness of encryption Make it harder to use harder use securely One of the more prominent ones that came out of the snowden documents there was routing around encryption We have here the illustration, uh, where they looked at the, uh, communications between data centers Where google added and removed ssl at a particular point and they were able to get in there and get the unencrypted communications Now when that came out, uh, this caused, uh, uh, google and many other companies to beef up their encryption And encrypt between the data centers, but this is still People are still looking for it and you can rest assured that, uh, the, uh, Intelligence agencies are trying to find places where they can just go Find a gap in encryption and get the information there They're also working on breaking encryption inserting vulnerabilities and putting on malware go through a couple of these One is there's, we know from the snowden documents about the bull run program Uh, $250 million a year budget to insert vulnerabilities to influence policies participate In, uh, cryptography discussions to try to weaken it and influence the standards that are being used And we saw a, uh, an example of that, uh, with the rsa's use of the dual ec d r b g Uh, encryption standard or the random number generator, uh, this had a flaw, uh, that if there was a, uh, I'm only going to go over the technology of this very briefly We don't have much time, but there was a constant hue that if you if you knew what it was if you, uh, made it, uh, special would operate To significantly reduce the complexity of attack and basically be able to backdoor the random number generator and therefore be able to More easily get access to encryption Uh, and the nsa paid rsa $10 million to make it the default And we had, uh, so this was known to have a potential, uh, backdoor as early as 2007 Uh, after some of the snowden documents came out after we got some reports about the $10 million payment people looked at it very deeply And showed how it could be used and proved that it could be used for this backdoor But very recently we actually got a, uh, an interesting example of this backdoor in operation, but it's a very curious case So, uh, juniper uses an operating system for some of its routing software that used this, uh, dual ec Program, but it didn't use the the q that had been suggested by the nsa They use a new and alternative q So perhaps this means that you know that there was a backdoor, but but they changed the locks Um, and in addition the output from dual ec was passed through a second stronger random number, uh, generator, which you know, you may, uh, uh, have Made it so that uh, it was it was not a big deal that, uh, it would be put through the stronger one and and made it made as strong As that however people discovered by looking at the at the code that there was Uh, a portion that was looking at the raw output, which is the the purpose of which would give them these 32 bytes that would be necessary in order to passively, uh, break vpn And in addition there was a second flaw that came out was that somebody had hard coded a password Uh for ssh and telnet into the program these looked to be perhaps different attacks There there one is good for passive collection of vpn The other is good for going in and owning a particular, uh, router But what is very curious about this is, uh, what what exactly happened here? It seems like someone came in took advantage of the backdoor that the nsa had created through the dual ec And used it for their own devices. This is illustrating What are the great dangers of putting in a backdoor? They depend on the notion that only you will be able to use this backdoor that you'll have the key Keep others out and have access for yourself And yet what we see here is an example where someone was able to switch out the locks create a new key And create their own backdoor that would be dependent on this infrastructure that had been maintained Finally malware malware continues to be, uh, uh a way to route around encryption if you control the endpoint You can go ahead and look at the the plain text you use a keylogger to get people's passwords You can, uh, basically avoid the encryption so they can think that they're having end to end encryption But of course only, uh, it's only good if the end isn't compromised Uh, and this is this is a tool that is more oriented towards targeted attacks while the other tools like passively looking at vpn More oriented towards mass attacks All right, so how do we fight back? What are the what are the arguments we can raise? What can we say the policy makers? What can we do to fight against this? Well, we can rely on arguments with principle with public policy with pragmatism and with promotion With principle Just have to explain to people that strong encryption is required to effectuate human rights principles That we need it for privacy that we need it for free expression that encryption is going to help us bring a brighter future And look to the universal declaration of human rights, which Enshrines within it the notion that people should have the privacy free from arbitrary interference The principle from article 19 Free expression that people have the right to free expression that right includes the ability to seek receive and impart information And ideas through any media In order to effectuate that right to receive and impart information And ideas we need to have encryption we need like any media should include encryption and you should be able to Include within those ideas Encryption and this is also the notion that code is speech code is an aspect of freedom of expression That if we are going to have these rights as a port and human rights principle Then it must allow for the publication of strong end end Crypto systems. I think there's a especially comes True for open source systems where people are putting out and publishing Things for the world to see because they want the world to look at their crypto systems See what the problems might be find vulnerabilities report them back Those things can be improved and be part of the ongoing dialogue and this requires having The freedom of publication the freedom of discussion and having people come together at places like ccc to discuss Debate and improve on the crypto systems And then the other important human right principle that needs to be recognized is that protecting against oppressive regimes is more important Than maximizing spying That we have a greater role in trying to protect people give them the the freedom to organize to talk amongst themselves To have a private space to effectuate their democracy rather than increasing and maximizing the power of the state Thank you So weakening encryption Is actually it's mostly good for mass untargeted spy Things like where where it is If they have targeted spy they can use tools like malware target attacks tailored access And go after a particular target But when you're going after an entire crypto system, what is the purpose of that? And the purpose is to enable mass decryption of mass communications So you control through it and look for subversive elements look for keywords And mass spying is less effective and more invasive So one of the reasons we have to hold a line of having strong encryption Is at least to require a security state to have to have a reason to go after people have to put into some effort And make it sure that they're only targeting where they have the Strongest it's most necessary to the to the reasons they're looking for We also want to have strong encryption so that we can have a feeling Of the strength coming from looking at the math looking at How the crypto system works having that tested by our best crypto analysis So that we can say it's not just a black box that we put something in there trust that it works okay, and then Hope for the best and the thing is you can't combine that with with back doors Because if you're if you're putting in a a back door and system You don't know all the ways in which it works out if you have something like the the clipper chip It was it was a black box for the first Three or four years that it was available. They weren't showing the algorithm. It was just trust us. We've done this well It said we want strong encryption which can be looked at tested and understood so we can trust the math Also, we want strong encryption because it enables innovation Since we we had the first crypto wars The availability of strong encryption has been tremendously useful The e-commerce that we use day to day It was enabled by the ability to have encrypted communications authenticated communications between servers and browsers Strong encryption and the availability at it have come with innovations like bitcoin the possibility of a crypto currency depends on the availability of strong encryption and after having that be a theoretical possibility for many years We have found in bitcoin a real-world example of some innovation relying upon strong encryption And if we go ahead and try to force the companies to compromise on security This makes everybody less safe That encryption is critical for security So oftentimes the policy makers when they're trying to argue encrypt against encryption They're making an appeal to national security. We need to have weakened encryption for security This is a false debate. This is there's not a trade-off between Security and encryption security is vital. Sorry encryption is vital for security At the same time if you say, all right, you know, we We still we want to have This backdoor if you put aside the arguments about it even if you think that a backdoor is a good idea It's still you have to address the other question. Who do you give the backdoor to? So even if you think your own government is the best most honorable government in the world And they will surely only use this for for happiness and good At the same time, well, what about the other governments? And when you say that we get to have a backdoor for for these communications Then the other governments the ones that you might not like the ones you might find to be a repressive regime They're going to ask for a backdoor too And then who gets to have it? How do we have a principal discussion about that? And we saw this as we're just saying in the chinese anti-terrorism law where they're using citing to Some of these language and rhetoric To say well, we're just doing what other countries are doing I think another public policy thing you hear going dark is a big thing that that You'll you'll hear from from governments say when encryption is making us going dark And this this is just not recognizing that we're actually in a golden age of surveillance that right now you have cameras on So many street corners people are carrying around a location tracker a mobile phone in their pockets at all times Everything they do making credit card purchases having Even encrypted communications are providing tons of metadata that is being trolled and analyzed It is is easy for governments to conduct surveillance that has ever been And yet they want to say that they're going dark just to add this extra element so they can try and get the encrypted communications We could also argue about pragmatism laws. I mean one argument It won't work And this is true as far as it goes That when you if you try to ban encryption you've trying to say that you can't have strong encryption What are you going to do about an open source project if you mandate that it has a back door someone might compile it without that back door And free software is hard to stop and even if you make it hard to publish in certain jurisdictions Information wants to be free. It will find a way out there This is as good as as far as it goes though as we're saying before the governments Are mostly concerned with widespread availability of encryption So that it's only so good to have encryption available with people with a technical sophistication Enough to compile their own code We can also argue on a pragmatic level about math that it's just simply not possible to make encryption Simultaneously weak and strong And finally if the argument is about national security about terrorists all these efforts to weaken encryption Will mostly affect law-enbiting people. It's not going to stop terrorists from being able to use these tools So what can you do about it? Well, you can help by promoting creating improving and using encryption Um show your friends how to use encryption Thank you Make it as widespread as possible. You know how to use it I think probably most people in this room have used encryption many many times But you might have some friends who are new to this show them how to use it show them how to operate a secure messenger Uh show them how to install tor EFF has a uh program surveillance self-defense ssd.eff.org It has tools to show people how to defend themselves Uh and for those of you who are programmers who are working on some of these projects Try to make censorship resistant crypto tools make them open source make the Uh the distribution as wide as possible so that it will be difficult to take back and put that genie back in the bottle Use reproducible builds so that someone who uh downslowed it will know that they are getting and compiling The thing that you have shown them with the open source to have strong encryption Uh, I'll just talk briefly about some of the efforts that EFF is working on to try and help with a widespread adoption of encryption You heard earlier in ccc. I hope some of you went to it. There was a talk about let's encrypt This is a new certificate authority that tried to make it easy and fun to add ssl to every Website to add transport layer security so that there's no more excuse for having an unencrypted website We also have been looking at rating Uh big providers on how well they are working at Encrypting the web so we have the encrypt the web report. There's a screenshot of it there You can see a number of companies have gotten five out of five This is in part a reaction to that smiley face we saw on the slide earlier Where they were putting in stronger encryptions in reaction to the student document And we're continuing to put pressure on all the large providers to massively increase their use of strong encryption We also have the secure messaging scorecard Which goes through I think it's about 30 or 40 different messaging tools and provide some information about what kind of encryption they use With a checkbox system. So if you want to find out What messaging systems are using encryption and how much they're using go check it out the secure messaging scorecard And try to add and start using as many encryption programs as possible so that you can Take advantage of strong encryption. Keep it strong. Keep it safe and make sure that we win Crypto wars part two. Thank you very much Thank you. Thank you for a great talk. We now have about 10 minutes for q&a So please just line up at the microphones or of course if you're on the internet use isc or twitter to also ask questions And we'll just and if you're leaving Please be quiet Stay out of the line of sight of the cameras Just try to be Just don't leave maybe but be quiet if you do And now microphone number one, please I happen to to stumble upon the the scorecard ones And and whatsapp was marked with a lot of green check boxes Um How much can we trust what's up especially in the terms of it being a A really high value target since So many people are using it So what's that? Yeah, it's indeed a high value target. I think they have uh, I think I was saying uh over a billion users For a long time. They they were not having uh, strong encryption. They started to work with Open whisper systems and moxie marlin spike to increase the encryption right around the time that they were being absorbed into facebook So I I think they they are making efforts to increase the encryption have it have it be good Though I would say the secure messaging scorecard I think this is true actually of a number of our rating things it it does rely upon Public information that's available at it We don't have the ability to to sort of go in there and see if something secret has happened to look through the to Unless it's open source code. We can't look through the code So it's based upon the information that is available uh, so I I am hopeful that that they are looking at that but Only they can can guarantee Um, sorry small follow up. Um, so you did not talk to the internal auditors that happened to have a look at the source code That's correct. Okay. Thank you And now a question from the internet, please Thank you. Um, are we facing a future where encryption is totally prohibited by law? And why is it? Not today. So is it because the agency are still able to obtain the data? So, uh, are we facing a future in which encryption will be prohibited? No not yet Uh, and I hope not ever Uh, we we won the first, uh crypto wars and I think we can win this one We can show them both through through reason through, uh through principle through rhetoric Why banning encryption having a world without a strong encryption is a terrible idea And we'll fight to maintain that as long as we can and even if some jurisdictions do Past laws that ban encryption encryption will still be out there be available from other sites So I think that we can win this war Microphone number two, please Hi, my name is machi and and this should not be intended to be the trial question But what are your honest opinion about the homebrewed crypto? Uh, so my opinion about homebrew crypto, uh, well one thing I think, uh, Bruce Schneier has said is that anybody can create a crypto system that they themselves cannot break So, I mean this is not to say that someone can't come up with with a good idea But before you can put much, uh, trust into these things It has to be peer reviewed. It has to be made available Get world-class cryptographers to attack it find the flaws improve it based upon those flaws And see if you can do better. So, you know, if somebody has a better a better crypto system The only way we're going to know is if it is heavily tested heavily vetted and not put out there until Everybody can look at it attack it and fail to break it But what if the crypto is using just only the some private circle of people? If the crypto is only sorry some for some some for for small group of people I would still rely upon publicly vetted crypto programs And if you're uh, if you're creating an application that uses crypto You should not only use a a a crypto program that has been tested Explain why you're choosing that one have some some Thought into it so people can understand that decision-making process And make sure they're making their decision about whether to use it based upon it Okay, thanks Number five, please. Yeah. Hi. My name is Matthias. I'm on the board of reporters without borders germany And in case you don't know here we are suing the bnd because we think that what they're doing in collecting data and analyzing them is Out of proportion breaking the law and probably even the constitution. So I thank you for that Now I gave that little intro because I have a question that might not be so popular here in this room If you assume that your conclusions and your propositions are correct and I think they are then We have to assume that we need strong crypto if we at the same time assume End-to-end encryption if we at the same time assume that Law enforcement and police have to have some way to go after the bad guys What's the consequence does that mean that you are in favor of giving law enforcement the ability for example to use Trojan horses or other kinds of technologies to put them on people's computers because we can assume that the bad guys are not just doing phone calls over Regular phone lines nowadays or if you don't think that this is Proportionate or the way to go then what is? well, um, thank you for that question What uh, well we've done at eff with with ourselves actually a number of other organizations We've come up with the necessary and proportionate principles You go to necessary and proportionate.org to see them. There are 13 principles For government surveillance in order to balance the the needs of the state against human rights principles So when they can go forward, I mean there's 13 principles It's a bit much to go through right now but the the gist of it is that we want to make sure that it's only when it is necessary and the uh Amount that the governments are will be allowed to do is proportionate to the crime that they're investigating the the act that they're They're investigating so that whether they may use a particular tool would be dependent upon the circumstances and always with Court oversight making sure that it is done in accordance with law In accordance with these principles So I encourage you to check out necessary and proportionate.org. Thanks And and now the internet please Are there any documents at eff about q-fire and jack up talked about a while ago About q-fire a validation software. Uh, I'm not aware of any Well, that was quick number four, please I really like the overview of arguments you you gave I've discussed these matters often with a wide range of people in the past few months um, and one of the arguments that you have not actively or directly refuted is that well, we have wiretapping laws for phone conversations and Could they not just Analogously hold for digital communication in a more broad sense what we would be your response to such an argument But I think that there's actually less and less of a difference between phone conversations and electronic communications In fact these days many phone conversations are actually going over a voice over ip. They're they're being translated the same way as as an electronic communication and so I mean Many countries actually have brought these things together and applied some of the wiretapping rules To voice over ip even though it goes over a different different network The you know the important thing the principles behind this is to make sure that they are getting access to The content of communications only in accordance to law with a high standard have you know come back with a warrant Make sure that before you get access to to voice communications or written communications You are meeting the highest possible test to make sure that this is something that is necessary and proportionate to the investigation so The reason I bring this up is because often it's not allowed to construct Telecommunications network in such a way that it's not possible to wiretap the plain conversation going on And this is in some sense analogous to what you're discussing here It is and I think oh, you know in the united states We have the computer assistance to law enforcement act calia. It was actually passed in the 90s It exempted the the internet, but for voice communications required to have Some some access to these to these communications and so I don't think we should Move that beyond that. I thought we actually you know, I think that was a terrible idea in the beginning And And this still does not prevent you from using and encryption is just that people don't really have Easy technologies if you're using a plain old telephone system to have an encrypted communication but if you use A voice over rp application for example, if you use a signal you can have an end-to-end encrypted voice communication so that even if they have a A wiretap compliant network, they're still just going to get the encrypted Information that was going through so end-to-end encryption is is the is the better solution for the end user And we out of time, please thank her again. Thank you very much