Latest in Encryption


Perspectives on Encryption and Surveillance

In August 2018, the leading international academic conference on cryptography hosted a Workshop on Encryption and Surveillance. The workshop explored both legal and technical aspects of the ongoing debate over the impact of strong encryption and law enforcement surveillance capabilities. The workshop was co-chaired by Tim Edgar (Brown University), Joan Feigenbaum (Yale University), and me. As we described it at the time:


What’s Involved in Vetting a Security Protocol: Why Ray Ozzie’s Proposal for Exceptional Access Does Not Pass Muster

For almost a decade, the FBI has been stating that law enforcement is “going dark"—meaning it is increasingly unable to listen in to communications and, more recently, to open locked devices in which important evidence lives.


Building on Sand Isn’t Stable: Correcting a Misunderstanding of the National Academies Report on Encryption

The encryption debate is messy. In any debate that involves technology—encryption, security systems and policy, law enforcement, and national security access—the incomparable complexities and tradeoffs make choices complicated. That's why getting the facts absolutely right matters. To that end, I’m offering a small, but significant, correction to a post Alan Rozenshtein wrote on Lawfare on March 29.


Apple, CALEA and Law Enforcement

On Dec. 11, Nick Weaver argued that Apple isn’t doing enough to help law enforcement wiretap iPhone users. That's undoubtedly true, as Apple is building communications systems optimized for privacy and security, not wiretapping. Nick's piece makes some good points but it also makes some assertions that deserve pushback. In particular, Nick wrote:


Is Apple Fully Complying With iMessage and FaceTime-Related Court Orders?

Apple’s recent acquiescence to the Chinese government, both by removing anti-censorship VPN applications and in Tim Cook’s recent speech in China, is not just disturbing because it shows Apple succumbing to Chinese pressure to remove counter-censorship applications and Skype from the Chinese App Store.


Breaking WPA2

Sometimes we are reminded that the "noise" of policy drowns out important practical news. Today is one of those days. While we sit around worrying about Harvey Weinstein and Trump's latest tweet, it turns out that the encryption protocol at the core over almost all WiFi is vulnerable to attack.

Here is the report from Krack Attack. They open:

Subscribe to Lawfare