pixel_dreams - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

'Going dark': Weighing the public safety costs of end-to-end encryption

'Going dark' -- or the FBI's inability to access data because of encryption -- could put public safety at risk, intelligence officials say. But tech companies argue that strong encryption is needed to protect corporate and customer data.

Just a few days after the deadly attacks in Paris, Beirut and other cities, CIA director John Brennan painted a grim view of the government surveillance landscape in the age of global terror.

During a press conference, Brennan referred to new challenges governments face when monitoring potential terrorists. Edward Snowden's NSA disclosures, unease from legislators and the general public over the increasing intrusiveness of government surveillance, and -- as current investigations into the Paris attacks are bringing to light -- end-to-end encryption technology all complicate government efforts to monitor terrorism.

End-to-end encryption (E2EE) is the process of encrypting the data -- including text messages, emails and video chats -- at rest and in transit without third parties being able to access it. The data is decrypted only once it reaches its destination endpoint. The technology has become widespread as an increasing number of U.S. companies produce intellectual property -- such as product designs and concepts -- as opposed to hardware or material goods. The use of E2EE has also played a significant role in how technology companies, like Apple, differentiate themselves with consumers who increasingly seek devices with the latest features to protect against myriad cybersecurity threats and government surveillance.

But the pervasiveness of E2EE means that the bad guys also have access to the technology.

While there is no conclusive evidence on the role E2EE played in the recent terrorist attacks, the ongoing debate between government intelligence agencies and Silicon Valley over the extent of government surveillance and how encryption can hinder those efforts has nevertheless been rekindled.

The ability to differentiate based on trust is really important for us. … If we are competing solely on cost, we will often lose.
Eric Wengerdirector of Security and Privacy, Cisco

In the middle of this debate, many companies find themselves between a rock and a hard place: How can they protect their intellectual property and keep customer data private, but at the same time help law enforcement facilitate electronic surveillance and investigations to keep the public safe from cybercrime and terrorist threats?

The answer is not clear-cut. Even before the Paris attacks revived the encryption debate, a panel of experts at the recent Advanced Cyber Security Center's conference in Boston discussed its merits from a business perspective.

"If [intellectual property] is what you are producing, then you have to protect, and you have to protect everywhere. You have to protect the private cell phone as well as the cell phone that somebody is using for their work," said panelist Susan Landau, professor of cybersecurity policy at the Worcester Polytechnic Institute.

Eric Wenger, director of cybersecurity, privacy and global government affairs, CiscoEric Wenger

There's also the importance of customer trust, a necessity for global tech companies like Cisco.

"The ability to differentiate based on trust is really important for us -- trust in the capabilities … of our technology. If we are competing solely on cost, we will often lose because there are competitors that are able to drive down costs in ways that we might not be able to compete with," said panelist Eric Wenger, director of cybersecurity, privacy and global government affairs at Cisco.

Encryption and 'going dark'

To Cisco and its counterparts, there's a tremendous economic benefit to the widespread use of encryption and other security technologies, Wenger added.

But end-to-end encryption comes with a price. One phenomenon that has resulted from the widespread use of encryption is what the Federal Bureau of Investigation calls "going dark," or the increasing difficulty of law enforcement to access data and information on companies' networks even when they have the legal authority to do so.

Going dark puts public safety at risk, said James Baker, another panelist and the general counsel to the FBI.

"The expectation is on the FBI … to have a zero failure rate when it comes to terrorism; we should not have a terrorist event in the United States," Baker said. "That's why, when we have dark corners where we can't conduct surveillance -- where the bad guys inhabit -- that's what freaks us out."

One major "dark corner" the FBI has in its sights is the use of E2EE platforms by the Islamic State of Iraq and the Levant (ISIL), one of the most powerful extremist insurgent groups in the world. ISIL uses public, transparent channels such as social media platforms to communicate with potential recruits, and the group moves communications to encrypted networks once strong contenders have been identified.

"They switch to end-to-end encrypted platforms intentionally because they know the governmental entities can't conduct surveillance on those things. That's where they have their more operational conversations," Baker said.

Split-key and key escrow encryption

Despite the obstacles, Baker said he and his colleagues understand that encryption is necessary because they don't want to increase cybersecurity risk.

To address this dilemma, the National Security Agency (NSA) has proposed two technical solutions: split-key encryption and encryption using "key escrow." In the first technique, also known as "secret sharing," data can only be decrypted by combining several keys after distributing access to more than one key holder, including the FBI (the user is able to access the data independently). In the latter, data can be decrypted with multiple keys, one of which is stored apart from the user, possibly by a government agency.

The proposals, however, have many experts and tech companies doing a double take. One of the issues with split-key and key escrow approaches are the sheer technical complexity of creating such systems while still keeping them secure.

Susan Landau, professor of cybersecurity policy, Worcester Polytechnic InstituteSusan Landau

"You can't imagine the UN holding a split key. [And] the complexity of having 165, 200 nations, each with access to keys, is just unimaginable," Landau said, adding that errors and flaws are still found even in existing protocols for establishing keys, such as the Advanced Encryption Standard.

Cisco's Wenger also brought up the complexity problems of architecting a key escrow-based solution, especially because of the many moving pieces it involves.

"If we were able to engineer a mechanism where we could split a key and have a third-party escrow, and the U.S. government can come in and ask for it when they need it, the next thing that would happen is that the Chinese, the Russians, the Indians, the Brazilians -- you name it -- would come and ask for the same solution," he said.

Furthermore, not only would split-key and key escrow encryption make systems more difficult to secure because of this complexity, but implementing these techniques could put U.S. companies at a competitive disadvantage to their international counterparts, Wenger added.

Once customers find out that their data is accessible either by key escrow or split keys, "it's very likely that consumers could easily shift to other technologies that have the same functionality, or layer on their own open source messages for doing it as well," he said.

In Wenger's opinion, the costs -- compromising the ability to protect intellectual property and to guarantee the privacy of customer data -- in exchange for meeting the demands of the U.S. and other governments and potentially risking the misuse of keys and other system exploits in the process, is a concession he's still hesitant to make.

"Security is an enabler of privacy. … You really can't effectively protect the information that you might want to keep your own unless you have the ability to keep that information secure as well," Wenger said.

Next Steps

Read more about the "going dark" debate

FBI Director James Comey said encryption inhibits legal investigations

Debating the risks and rewards of end-to-end encryption

Dig Deeper on Encryption software solutions

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Do you think "split key" or "key escrow" encryption can address the FBI's problem of "going dark" and companies' dilemma of balancing data protection with public safety?
Absolutely not!
Plus the encryption horse has already left the proverbial barn. There are already so many encryption libraries available that any two bit programmer could make a secure communication system if they wanted.
I feel it's a losing battle. Once found out, they will just switch encryption methods or develop new ones. Those that want to remain anonymous will go to great lengths to protect their identity and communications. It would be a thriving market to keep new encryption methods coming out. 
thanks for your responses. so you think giving the government back-door access to encrypted devices will just fan the flame. how do you propose this issue of public safety vs. consumer privacy be solved? or is there a solution? should it come down to legislation? and what must that entail?
Giving the government the tools to do what is needed I could go either way on. My concern is what if the get breached and someone else takes they keys to the kingdom. Then everybody is at risk. The government has been breached before and I'm sure it wont be the last if others know they hold the encryption keys.
Exactly, that is a big part of the issue: The fact that although  companies certainly understand they are lacking from a cybersecurity standpoint, they don't have much faith in the government to protect their information either. I also agree  that it is a losing battle (at least so far)- it seems cybercriminals are always one step ahead of any new tech/strategies to protect data.
This makes two big assumptions - first that government snooping will lead to actions that protect and that easily available encryption isn't going to be used by the bad guys.  

Both of these assumptions are huge given what we give up.

9/11 would not have been prevented even if it was discussed openly in Arabic on intercepted e-mails because the US was 6 months behind in translating them.

Russia warned the US about the Boston bombers but nothing was done.  

Until our government does the best it can on the action side, I'm not willing to give up more of my freedom of privacy.  Most of our top government officials won't even properly identify the risk and people behind the risks.
Maybe it can help  backup restore cryptographic keys chipset
This is similar to another article I read and responded to.
I feel it's a losing battle. Once the encryption methods are found out, they will just switch to new encryption methods available or develop new ones. Those that want to remain anonymous will go to great lengths to protect their identity and communications. There will always be a market for new encryption methods.. 
thanks Todd. yes i can see how govt access into encrypted networks will just spur a market for new, more secure encryption technology. do you think federal and local officials would be able to succeed going after other unencrypted (but still relevant) data when conducting investigations?
For me personally I have nothing to hide from the government. So I do not see why all the fuss. There are time when they should have access. There are way too many loopholes in government policy and not enough staff and manpower to do it the old way. There are many issues that need to be fixed ans some people have found ways to be the system and take advantage of it. We need to get this to stop for the good of the country.