November/December issue of acmqueue

The November/December issue of acmqueue is out now

The Bike Shed

Privacy and Rights

  Download PDF version of this article PDF

More Encryption Means Less Privacy

Retaining electronic privacy requires more political engagement.

Poul-Henning Kamp

When Edward Snowden made it known to the world that pretty much all traffic on the Internet was collected and searched by the NSA, GCHQ (the UK Government Communications Headquarters) and various other countries' secret services as well, the IT and networking communities were furious and felt betrayed.

A wave of activism followed to get traffic encrypted so as to make it impossible for NSA to indiscriminately snoop on the entire world population. When all you have is a hammer, all problems look like nails, and the available hammer was the SSL/TLS encryption protocol, so the battle cry was "SSL/TLS/HTTPS everywhere." And a lot of nails have been hit with that!

After an animated plenary session in Vancouver, the IETF (Internet Engineering Task Force) published "Best Current Practice 188" (, which declared that pervasive monitoring is a technical attack that should be mitigated in the design of IETF protocols where possible. Now, with this manifesto in hand, SSL/TLS and encryption are being hammered into and bolted onto protocols and standards throughout the IETF working groups.

Victory—privacy—seemed certain. Or maybe not.

Other countries, notably the United Kingdom, are also working to clamp down on encryption. The Great Firewall of China has been in operation for a number of years, and for all we know, the NSA's total monitoring of the Internet continues unabated two and a half years after Snowden revealed it to the world. The things worth noting here are that:

Whatever the high-tech and law enforcement leaders decide, it will apply to everybody.

How Did More Encryption Cause Less Privacy?

In Terry Pratchett's book Going Postal, the hero postmaster, Moist von Lipwig, has a knack for noticing what is not in a text, He would have had a field day with BCP188, because none of the following words are anywhere to be found:

It was not by accident, mind you, that the authors of the document deliberately stayed clear of anything that could even faintly smell of "politics." Unfortunately, that is not the way politics works. Politics springs into action the moment somebody disagrees with you because of their political point of view, even if you think you don't have a political point of view.

In spite of leaving out all those "hot" words, the substance of BCP188 is still a manifesto declaring a universal human right to absolute privacy in electronic communications—no matter what.

That last bit is half the trouble—no matter what.

Even against law enforcement.

Even if law enforcement has a court order.

Even if....

No matter what.

To be totally fair, BCP188 nowhere states "no matter what." The real reason the result ends up being "no matter what" is that the SSL/TLS protocol, when properly configured, works as advertised: there is no way to break it.

The other half of the trouble is that the hallmark of a civilized society is a judicial system that can right wrongs, and therefore human rights are always footnoted. The UN's Human Rights Charter has §29.2, which explains:

"In the exercise of his rights and freedoms, everyone shall be subject only to such limitations as are determined by law solely for the purpose of securing due recognition and respect for the rights and freedoms of others and of meeting the just requirements of morality, public order and the general welfare in a democratic society."

Politicians, whose jobs are to maintain "public order" and improve "the general welfare," follow the general principle that if criminals can use X to commit crimes, the legal system should be able to use X to solve crimes, with only two universally recognized exemptions: when "X = your brain" and when "X = your spouse."

For instance, kids in the USA learn in school that the Fourth Amendment affords a right to privacy, but that is only the first half of it. The second half details precisely how and why you may lose that privacy:

"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

As this example also shows, wise lawmakers are wary of making it too easy for the legal system, so they add checks and balances.

Political strategies regarding cryptography are all horrible: Kazakhstan brutally inserts state monitors into the middle of all encrypted traffic. France forbids all online anonymity. The USA wants backdoors built into all crypto. These ideas are all based on the same principle: If we cannot break the crypto for a specific criminal on demand, we will preemptively break it for everybody. And whatever you may feel about politicians, they do have the legitimacy and power to do so. They have the constitutions, legislative powers, courts of law, and police forces to make this happen.

The IT and networking communities overlooked a wise saying from soldiers and police officers: "Make sure the other side has an easier way out than destroying you."

But we didn't, and they are.

Slapping unbreakable crypto onto more and more packets is just going to make matters worse. The only way to retain any amount of electronic privacy is through political engagement.

Poul-Henning Kamp ([email protected]) is one of the primary developers of the FreeBSD operating system, which he has worked on from the very beginning. He is widely unknown for his MD5-based password scrambler, which protects the passwords on Cisco routers, Juniper routers, and Linux and BSD systems. Some people have noticed that he wrote a memory allocator, a device file system, and a disk-encryption method that is actually usable. Kamp lives in Denmark with his wife, son, daughter, about a dozen FreeBSD computers, and one of the world's most precise NTP (Network Time Protocol) clocks. He makes a living as an independent contractor doing all sorts of stuff with computers and networks.

Copyright © 2016 held by owner/author. Publication rights licensed to ACM.


Originally published in Queue vol. 14, no. 1
see this item in the ACM Digital Library



Meng-Day (Mandel) Yu, Srinivas Devadas - Pervasive, Dynamic Authentication of Physical Items
The use of silicon PUF circuits

Nicholas Diakopoulos - Accountability in Algorithmic Decision-making
A view from computational journalism

Olivia Angiuli, Joe Blitzstein, Jim Waldo - How to De-identify Your Data
Balancing statistical accuracy and subject privacy in large social-science data sets

Jim Waldo, Alan Ramos, Weina Scott, William Scott, Doug Lloyd, Katherine O'Leary - A Threat Analysis of RFID Passports
Do RFID passports make us vulnerable to identity theft?


(newest first)

Coby Tamayo | Tue, 09 Aug 2016 22:26:26 UTC

Mass-surveillance apologists have done a wonderful job of framing this conversation as being about encryption vs. law enforcement, or about privacy vs. safety. Yes, at a basic level, it's bad that terrorists can do things in secret. But the conflation of strong encryption with terrorism or criminality is a basic lie that pervades the entire premise of that distinction: any evidence that the NSA's mass surveillance programs or similar stopped attacks of any kind has yet to surface.

These trends of defensive government overreach are a reaction to the political engagement of people like the IETF insisting that privacy is a basic right. It's just that this particular style of engagement involves cryptography.

Christopher Smith | Tue, 09 Aug 2016 18:26:21 UTC

This article seems to work from a model that the only threats to one's privacy come from the legal system. It also seems to think that TLS is perceived as a tool that "solves" the problem. Both notions are wrong.

As the expression goes: "security is a process, not a product". The principle applies to privacy as well. To protect privacy the response needs to be far more comprehensive. Even ignoring the process/product issue, TLS everywhere is not perceived as a way to ensure privacy. It merely makes *mass* surveillance more difficult and costly for governmental and non-governmental organizations. For an adversary with means going after a specifically identified target, it proves largely worthless.

Leave this field empty

Post a Comment:

© 2018 ACM, Inc. All Rights Reserved.