[Cryptography] What if Responsible Encryption Back-Doors Were Possible?

grarpamp grarpamp at gmail.com
Fri Dec 7 01:09:31 PST 2018

On 12/6/18, Bill Cox <waywardgeek at gmail.com> wrote:
> As for responsible encryption policies, I believe:
> 1) It is possible, but _hard_ and _expensive_ to build it securely.
> 2) No one wants to be in a position where a mass murderer has encrypted
> data that cannot be revealed to law enforcement.
> 3) Governments will always over-reach and go for mass-surveylence that
> violates everyone's privacy.
> I wont go into tech details, but if Bitcoin can protect billions in online
> value, there are systems that can unlock back-doors without too many
> failures to make the system a bad idea.  Check out what Oasis Labs is up
> to, for some good ideas (that remain to be proven).  The problem is that
> while the public wants tech companies to help law enforcement in extreme
> cases, no one wants to simply let governments around the world spy on
> absolutely everything we do.
> IMO, the only acceptable solutions to this problem will require distributed
> trust (like Bitcoin), such that users' devices can participate in decisions
> on how their data is used, distributed widely enough that no single entity
> can unilaterally decrypt a user's data  Data policies will need to be
> automated, like smart-contracts on something better than the total-crap
> Ethereum VM.  When a backdoor is used (or used too often), it should make
> the news, because a bunch of different interested folks would notice the
> transaction(s) on the blockchain.  Secret mass surveylence should be
> impossible, as a key requirement for the system design.  Publicly visible
> mass surveylence should be prohibited by the smart contracts, and the
> public should hold governments accountable for overreach.
> If the public can monitor the access policy and frequencey of use of these
> backdoors, then the tech companies will have a way out of the ethical
> delema law enforcement always tries to put them in: secretly snooping on
> users for the government (like we saw with Yahoo).
> Anyway, I feel very strongly that folks out there should start thinking
> along these lines.  We'll have to cooperate to make it happen.

Please tell us when you develop or find such a distributed backdoored
cryptosystem that you feel is strong enough to protect *your own secrets*
from access by others...

all the salacious messages pics and videos of that BDSM affair you had,
all the edits you've made to your resume, the source and fact
of your last weed order because the PTSD from your stint as a
secret CIA torturer has you about to lose it, all the crap you nicked,
your bank accounts, your speech and politik, that weird thing you
do with the stuffed groundhog, your kids, your health, etc. Or the fact
that you're a complete nothing with nothing to say if that's the case.

You'd have a better chance of eliminating Government Surveillance
through Anarchism than you would finding such a cryptosystem.

> the only acceptable solutions to this problem

Stalemate status quo is an acceptable solution,
no change to implement backdoors needed...

People have been using codes since thousands of years,
as relatively strong and without backdoors in their day back
then, as they are now today, and society has done just fine
all along.

If you want distributed for yourself, use secret sharing system.
Trying to develop and force that upon others will just come back
upon you and you know it.

Strong crypto is a tool, not the problem.
Melting down the tool isn't going to help.
It just reverts you to former centuries.

Backdoors are stupid.
Get over it.

> the public should hold governments accountable for overreach.

Never in the history of all Governments past has that ever worked,
therefore any apparent working today is extremely likely to fail.
Kings will Govern and Force their backdoors in your backdoor
until you depose them. Next time that happens, do the one thing
that hasn't been tried in history... don't prop them up in the first place.
The change in thinking needed to do that will likely eliminate
most of the extant problems you seek to "fix" with backdoors.

> moderators

Lol, bcc'd.

More information about the cypherpunks mailing list