Lily Hay Newman

Security

How Cryptography Lets Down Marginalized Communities

Speaking at a prestigious crypto conference this month, Seny Kamara called on the field to recognize its blind spots—and fix them.
a protest
Even when encryption technologies are brought to underserved communities, they arrive retrofitted from other research projects.Photograph: PATRICK HAMILTON/Getty Images





One of the perennial highlights of the International Association for Cryptologic Research's Crypto conference is the "invited talk." For an hour each year, a prominent scholar shares a big idea or new perspective on the protocols, algorithms, and math problems that underlie cutting-edge encryption. It's usually a deeply technical bacchanal, but this year was not. Prolific academic cryptographer Seny Kamara of Brown University had something other than formulas and theorems on his mind.

"So an actual question then is OK, well, what am I doing here, right?" Kamara asked the livestream attendees. "Why am I giving a talk at Crypto if I'm not talking about technical things? And, you know, basically I'm here because Ahmaud Arbery was killed in February, because Breonna Taylor was killed by a police officer in March, and because George Floyd was also killed by police officers in May."

The talk, dubbed Crypto for the People and given on August 19, examined the question of who really benefits from encryption technologies and advances in cryptographic research. It sounded a call to reexamine research priorities that today largely serve the interests of governments and corporations instead of marginalized people, be they racial minorities, immigrants, women, the LGBTQ community, or others. As an immigrant and Black American—and one of the few Black academic cryptographers in the world—Kamara pointed out that even the open source community and movements like the cypherpunks largely don't directly work to address these needs. They are focused on taking power from corporations and developing technologies to defend people from mass government surveillance and digital intrusion, but generally not on developing encryption technologies and new areas of abstract theory that are specifically motivated by the needs of underserved communities.


"As long as I’ve been studying and working in cryptography and computer science, about 20 years now, it was always very clear to me that my own work and other people’s work was disconnected from my life experiences," Kamara tells WIRED. "I believed it could have an impact on people’s privacy as a whole, but I didn't think I would have cared about any of it when I was 13 or 15 and growing up in New York City. And that disconnect always bothered me."

So much of cryptographic research is abstract and mathematical—divorced from real-world conditions—that it can be easy to simply let all lines of inquiry exist only in that theoretical space. And Kamara argues that even when encryption technologies are brought to underserved communities, they arrive retrofitted from other research projects, rather than conceived based on the needs of the vulnerable and the specific threats they face.

"As academics working on policy questions, we motivate our work in grant applications and so on by arguing that it benefits the people in some way," says Abdoulaye Ndiaye, a macroeconomics researcher at New York University who discovered Kamara's Crypto talk on Twitter. "However, the consumers of our research are other academics, government institutions, and, in some fields, businesses. There is this underlying assumption that these entities will implement the research and it will trickle down to the underserved people. Dr. Kamara highlighted that in cryptography the incentives of the government and the business are not necessarily aligned with underserved people, the missing link in this trickle down."

Encryption technologies do provide protection to vulnerable groups around the world like political dissidents, activists, and journalists. Kamara's talk made the case, though, that purpose-built cryptography could accomplish so much more.

In his own research at Brown, for example, Kamara and his colleagues have done work motivated by law enforcement databases in the United States that track alleged criminals like possible gang members. In a 2015 audit of a California state platform called CalGang, for example, 42 people entered in the database were under the age of 1 year old. In a sample of 100 entries from the database, 13 of the people represented should not have been in the database at all, and 131 of the 563 evidence points used against the 100 people were not supported.

So Kamara has worked on developing secure database schemes in which data can be audited and checked privately but transparently, that does not allow data to be exported or duplicated, and that deletes entries automatically after a given amount of time without special authorization from an authority like a judge.

"I think there is an intersection between traditional cryptography and privacy and what I was calling 'crypto for the people,'" Kamara says. "There is research and there are tools that can be beneficial to large subsets of people, as in the encrypted messaging app Signal. But there are also problems and adversarial models that are unique to marginalized groups, and those problems are not being investigated. For example, not everyone ends up in a gang database, and certainly very few cryptographers or academic computer science researchers end up in gang databases."

Kamara also advocated using the flexibility and security of tenured professorships as an opportunity to push the envelope of what cryptographic research can be—including in the case of his own talk. "I went into it thinking, 'I’m glad I have tenure, because this is going to cost me,'" he says. But Kamara says the response has been very positive so far. "I’m sure there are many others who disagree and didn’t like the talk, but so far they haven’t reached out to let me know," Kamara says.

The long-standing question of morality in cryptography rarely makes it to the foreground, even within the academic community itself. The discourse flared up in the wake of Edward Snowden's 2013 revelations about mass digital surveillance by the National Security Agency, particularly after a seminal 2015 paper by UC Davis cryptographer Phillip Rogaway, which made the case that cryptography is "an inherently political tool" with "an intrinsically moral dimension."

"I plead for a reinvention of our disciplinary culture to attend not only to puzzles and math, but, also, to the societal implications of our work," Rogaway wrote.

Five years later, he says he doesn't see many changes in the research most cryptographers are doing or the topics they are discussing at conferences. But he adds that he was impressed with Kamara's talk and the steps it took to move the discourse forward. The essay Rogaway wrote in 2015, he says, would now include not just a discussion of the ethical need to defend the masses against mass surveillance, but an entreaty that the academic community focus more of its work on serving marginalized groups.


"We don’t work in a vacuum and we’re not pure mathematicians," Rogaway told WIRED. "As much as certain cryptographers would like to see themselves as doing pure mathematics on some kind of quest of discovery, that’s not an apt description of where we sit. The field does have these very strong political connections and connections to power. And if we just say, 'Oh, that’s not my domain,' that in itself is a really politically situated, ahistorical view and ultimately quite elitist."

Today, partly because of rapidly expanding anti-abuse work on social networks and communication platforms, the idea of an ethical imperative in privacy technologies has become more mainstream. But much of the actual work in cryptography remains fundamentally abstract. The practical applications that do exist often originated with a narrow field of view.

"Building the same stuff you always did but claiming that it's for people in marginalized communities is not the same thing as human-centric threat modeling," wrote Lea Kissner, a cryptographer and security engineer focused on anti-abuse and privacy, in a series of tweets about Kamara's talk last week.

The type of tailored, threat-specific research Kamara described requires intimate knowledge of the actual, nuanced needs of a marginalized group. Kamara emphasized in his talk that the cryptography community needs to be much more inclusive and representative if it wants to help the vulnerable. And researchers need to seek firsthand expertise to gain a deeper understanding case by case.

"I think the only reason we have a hard time imagining what this looks like is because, effectively, we’ve been trained for 40 years to do corporate research. So we lack the imagination, skills, and knowledge to do research 'for the people,'" Kamara says. "But diversity is crucial for this."

Following the shootings of Breonna Taylor, George Floyd, and Jacob Blake, Kamara says fellow cryptographers and other computer scientists have reached out to him to talk about systemic changes that could be aided by technical solutions to reduce police brutality. Kamara says he welcomes these discussions, "but most of those people have never been attacked by the police. They don’t understand the psychological pressure you’re under and the confusion you’re experiencing when five cops are running at you. These kinds of details matter."