Law in the Internet Society
Why is so much network traffic still unencrypted? Strong encryption has been a legal possibility in many countries for more than a decade and a technical possibility for even longer, but an end-to-end encrypted network does not yet exist. Is the eventual widespread adoption of strong encryption inevitable? Here I propose that adoption of strong encryption will be less extensive or will occur more slowly, if at all, under those regimes most likely and least likely to abuse their surveillance powers.

The most oppressive regimes will seek to regulate the use of encryption in order to crush dissent. If encryption is used, it will be used in defiance of the law. The number of people willing to risk prosecution will be determined in part by the government's ability to apprehend or punish violators, which may be limited by its technical competence. Where a regime is both oppressive and technically sophisticated, the widespread use of encryption will be curtailed. As a caveat, though, where the regime is technically unsophisticated, it will not be capable of regulating encryption and as a result may be weakened or toppled.

In many relatively free countries, the threat of mass destruction and killing by terrorists is real enough to create a public demand for an enormous counter effort by the government. Surveillance is but one available option and perhaps when compared with other options it is not so invasive and not so expensive. Allowing governmental access to communication has the potential to deter certain kinds of terrorist recruiting and planning and to free a society from certain kinds of terrorist attacks. By choosing to exercise free speech in a way that prevents the government from understanding even where it has a legal right to listen, people may trade safety from certain kinds of attack for the freedom to speak in secret.

Of course, given the power to surveil, some members of the government will abuse it. And if a system has key rings and back doors meant for the authorities, others will also exploit these to commit crimes. The number and severity of the resulting harms will be lessened but probably not eliminated altogether by a government with great integrity exercising great care. It may be true that a secure telecommunications environment prevents more crimes than it causes. On the other hand, at the same time, it may also be true that end-to-end encryption causes more of the kinds of crimes people are least willing to tolerate.

Where the people can choose to limit government access to communications, the benefits of preventing the kinds of crimes facilitated by end-to-end encryption will be weighed against the risk of abuse by the government. In this balancing, those living under governments that are or are perceived to be less likely to abuse power may be more willing to trade some of their privacy for a specific kind of security. And those living under more corrupt regimes will be more inclined to safeguard their communication. All other things being equal, the less a regime is prone to abuse its surveillance powers, the less widespread the use of encryption which limits government access.

One objection is that criminals are going to use strong encryption regardless. And if the criminals are able to communicate in the most secure way possible, it does not matter whether everyone else's communication can be listened to or not. Therefore, everyone might as well have the same security as the criminals. But this objection is flawed in the following way. If encryption which prevents communications from being understood by the government is used only or mostly for criminal communication, the government can use its limited resources to gain information from the frequency or origin or destination of the encrypted traffic where it is legal and technically possible to do so. But if everyone encrypts, it will be impossible for any information to be gained through such traffic analysis. So, even if it is true that limiting the widespread use of strong encryption will not have a chilling effect on criminal communication, what everyone else does still affects a government's ability to target criminals.

Nevertheless, an end-to-end encrypted network may be inevitable for at least three reasons. First, it may be that people care more about eliminating the kinds of crimes that are possible where a truly secure communications environment does not exist. Second, it may be that the balancing is a difficult task with an uncertain outcome, and so even people living under relatively trustworthy regimes will choose an end-to-end secure network because it is the safest bet. Third, it may be that even the most trustworthy regime in the world is not trustworthy enough. Given the power to listen to unencrypted communication or a master key to unlock encrypted communication, it may be that every government in existence today would perpetrate abuses so egregious that they will outweigh the benefit that comes from preventing a particularly feared crime that is particularly likely where there is encryption.

Note, however, that each of these three factors may be affected by the perceived immediacy and severity of the harm that is possible under an end-to-end secured network. A population that can be convinced that the threat of nuclear terrorism is imminent may be more likely to balance in favor of some form of regulation. A population that has just experienced such a nuclear attack may be even more likely to do so.

The rate of adoption and pervasiveness of strong encryption are ultimately empirical issues, and I have been unable to locate any data which confirms my thesis that the use of encryption will be less widespread in those regimes most likely and least likely to abuse surveillance powers. I would be grateful to learn of any, but I doubt they exist. In any case, if what I have said is correct, it may help to explain the varying levels of encryption in use around the world today. For example, it may partially explain why so much communication in the United States remains unencrypted after so many years.

--DavidHambrick - 04 Dec 2008

-- JohnPowerHely - 10 Dec 2008

David: I see one possible flaw in your argument here that you may wish to address. "If encryption which prevents communications from being understood by the government is used only or mostly for criminal communication, the government can use its limited resources to gain information from the frequency or origin or destination of the encrypted traffic where it is legal and technically possible to do so. But if everyone encrypts, it will be impossible for any information to be gained through such traffic analysis." Here is my problem. If the government is only going to 'read' encrypted traffic it will still be spoofing all traffic. Depending on the protocol being used, the level at which the encryption is placed, etc. this may end up meaning that they have to read your data to see if it is encrypted. Yes, if someone is using a common and low-layer protocol like L2TP? /IPsec VPN Tunnel they can strip the headers off the UDP packet and have a pretty good guess that it is an encrypted packet. It is also easy to guess if the communication is traveling on a standard port for encrypted communications. But what of other circumstances? If it is traveling on an unassigned port, if only the payload data is encrypted, if it is encrypted at a higher level, say the app layer like TLS or SSL, then the only way to really know if the data is encrypted is to reassemble the packets and try to make sense of the data. And here lies the rub. once the government is doing that, does that not automatically raise the government's conduct to the level of oppressive or abusive? Now again, perhaps the government is better at detecting the use of data encryption than are civilians. There has been some excellent work done in this area recently that may support that possibility. But I still think you may want to give that paragraph a second look. After all, with the apparent exception of some pretty high-end Bayesian analysis, one UDP or TCP packet looks a lot like another.

--

I really appreciate this comment, John. Since my understanding of how traffic analysis works is fairly poor, I was hoping that someone would chime in and challenge that argument. I think that my point still stands, but perhaps in a weaker form. You note one method for detecting encrypted traffic and there may be others, or others under development. If it is mostly criminals who use encryption, then the study of encrypted traffic detection will continue to develop and perhaps new discoveries will be made. An arms-race will exist between those trying to detect encrypted traffic and those trying to hide it. (Is it clear that the government will lose such a race?) But work like the article you link to will fall by the wayside if everyone uses encryption. And, as you suggest, it may in fact already be the case that the government is much better at detecting encryption than civilians. It may also be the case that terrorists or other criminals using encryption will not be able to consistently find new ways to encrypt at a higher level to avoid detection if the government continues to seek out more advanced ways of analyzing traffic.

-- DavidHambrick - 17 Dec 2008

I've taken a look at this from a different perspective over at DanielHarrisPaper2, if anyone's interested.

-- DanielHarris - 03 Jan 2009

 

Navigation

Webs Webs

r4 - 03 Jan 2009 - 05:28:42 - DanielHarris
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM