Encryption Backdoor

From SI410
Revision as of 13:05, 23 February 2016 by Skekloff (Talk | contribs)

Jump to: navigation, search

An Encryption Backdoor is the concept of building in an alternative method of accessing data, allowing an unauthorized user to bypass security precautions and undermine the intended purpose of data encryption. Encryption is a form of Information Security where information is manipulated via algorithms, preventing sensitive information from being read if intercepted by an unauthorized recipient. Successful encryption will involve a pseudo-random and complex key possessed by the intended recipient of the information, allowing them to read it. An encryption backdoor has the implications of creating a master key, capable of being replicated to breach a variety of encrypted devices.

Verizon Voice Cypher Secure Diagram of Encryption

History of Encryption

The first documented display of written encryption was utilized in Egyptian hieroglyphs dating back to 1900 BC. Since then, populations around the world have used various means of altering messages to protect invaluable information from being deciphered. [1] In 1977, the United States adopted the Data Encryption Standard, a 56-bit key algorithm IBM developed, later modified by the National Security Agency. [2] DES was later replaced by the superior 168-bit key Advanced Encryption Standard, approved in 2001 by the United States government for classified information. [3]

Cases

Bernstein v. US Department of Justice

As a Ph.D. candidate, Professor Daniel J. Bernstein developed “Snuffle” an encryption algorithm at the University of California at Berkeley. [4] In 1993, Bernstein confronted the existing government export mandates on encryption software by suing the State Department. The existing policy, dating back to the Clinton Administration, considered distribution of encryption schemes to be a punishable criminal act without government sanction, resulting in up to $1 million in fines and 10 years in prison. [5]Bernstein argued the policy greatly hinders in person collaboration, violating his First Amendment rights and interfering with his cryptography and computer security research. In 1997, Judge Marilyn Hall Patel concluded that source code is protected speech, therefore “the encryption regulations are an unconstitutional prior restraint in violation of the first Amendment.” [6]

Verizon Voice Cypher Secure Diagram of Encryption

Ethical Implications

See also

References

  1. SANS Institute InfoSec Reading Room: History of Encryption https://www.sans.org/reading-room/whitepapers/vpns/history-encryption-730
  2. Tech News World: A Brief History of Encryption http://www.technewsworld.com/story/70437.html
  3. National Institute of Standards and Technology: NIST Withdraws Outdated Data Encryption Standard http://www.nist.gov/itl/fips/060205_des.cfm
  4. Electronic Frontier Foundation: Bernstein v. US Department of Justice https://www.eff.org/cases/bernstein-v-us-dept-justice
  5. Electronic Frontier Foundation: Court Declares Crypto Restrictions Unconstitutional https://www.eff.org/press/archives/2008/04/21-37
  6. Electronic Frontier Foundation: Mathematician Challenges U.S. Lid on Encryption Software https://www.eff.org/press/archives/2008/04/21-44
Retrieved from "http://si410wiki.sites.uofmhosting.net/index.php?title=Encryption_Backdoor&oldid=54989"