Crypto Backdoors Are a Horrible Idea

From time to time various law enforcement and government types whine that encryption is a bad thing because it allows criminals to hide from authorities. That is usually followed by a call for security backdoors that allow government authorities to get around the security measures.

That’s a really bad idea – or as Cory Doctorow puts it in a post entitled Once Again: Crypto backdoors are an insane, dangerous idea: “Among cryptographers, the idea that you can make cryptosystems with deliberate weaknesses intended to allow third parties to bypass them is universally considered Just Plain Stupid.”

They build in a vulnerability to exploit – there are enough problems keeping things secure already. And the thought that government authorities can be trusted to use that backdoor only for the “right” purposes, and to keep the backdoor out of the hands of others is wishful thinking.

Comments

  1. I am inclined to agree, David. If a backdoor, i.e. vulnerability to unauthorized access, exists, the people who find it will not all be good guys, and even the intended good guys may not be good enough all the time.

    For an articulate, if a bit sarcastic, argument on the other side by an expert in national security issues, see Stewart Baker’s recent column.