24 Dec A ‘Golden Key’ to Unlock Encryption Is the Wrong Approach
This post in our VC-series comes from Robert R. Ackerman, Jr., the founder and managing director of Allegis Capital.
It seems like an appealing strategy—give the FBI and other law enforcement agencies, as well as our spy organizations, a back door— a “golden key”—to unveil encrypted communications to help catch criminals and terrorists and protect Americans from harm. This is particularly compelling in the wake of the recent terrorist attacks in Paris and the role of Islamic State propaganda in the mass killings in San Bernardino, Calif., the worst homeland terrorist episode since 9/11.
When Islamic State commanders find a recruit willing to die for the cause, they move their communications over to encrypted platforms, “going dark,” FBI Director James Comey has said. He has also pointed out that Islamic State militants and other terrorist groups could use encryption to “recruit troubled Americans to kill people” in the homeland.
These are scary points, but a golden key won’t help resolve them. The unvarnished truth is that it is a fictitious panacea, one analogous to fool’s gold.
In the domain of cybersecurity and encryption, the bad guys are just as smart as the good guys. Their tradecraft is focused on identifying and exploiting vulnerabilities. If there is a back door, they will find it and exploit it. At the same time, it’s hard to imagine that government agencies, which are regularly breached, could be trusted to keep such a golden key safe from hackers and criminals.