Encryption Follies, Infinitely Repeated

Some Hindu philosophers estimate that the universe repeats itself every 311 trillion years or so.  Modern scientists such as Sir Roger Penrose have lent credence to this basic idea, though with less precision.  Everything that happens, it seems, is likely to happen again and again and again.  I find this vaguely comforting.

What I find less soothing is the many things that are endlessly repeating within the brief interval of my career in computing.  The problem isn't one of reinventing the wheel -- successful inventions like the wheel become a part of our lives, so we never need to reinvent them.  Instead, it's the bad ideas that keep coming up again and again.  Their past failures are precisely what allows them to be forgotten until someone comes along a few years later and thinks they've got a great new idea.

What's spurred me to such philosophical musings is the recent announcement that the German government has invented a new kind of secure email system.

The Register article does a good job of explaining several of the fatal problems with this scheme, so I'll concentrate on the historical picture.

The basic idea is a fine one:  Help people to easily authenticate and/or encrypt their email messages.  Unfortunately, such tools haven't caught on, despite decades of effort.  What's new about the German system?  Mostly just another round in the endless cycle of time.

There are many reasons for the failure of secure mail in the marketplace, but the German government doesn't seem to have bothered learning about them.  Instead, they intend to make it work by mandating its use for certain purposes.  And, as an added bonus, the government and your ISPs can helpfully access copies of your cryptographic keys.

Now, I wouldn't underestimate the capability of a strong government to mandate how its citizens behave when interacting with the state.  If the government only dispensed your tax refund if you asked for it via a webcam, wearing nothing but a funny hat, most people would comply.  But wherever the funny hat was optional, it would stay in its box, reviled, resented, and ridiculed.

This is what happened in the early 1990s, when the Clinton administration developed a funny-hat encryption scheme known as the "Clipper Chip."  Although envisioned as a hardware solution rather than a software one, Clipper had much in common with the German approach.  It provided users with encryption capability -- the ability to hide your words and data from the world -- but gave the government a back door to bypass the encryption.  After all, everyone trusts the government, right?

Clipper was first announced in 1993, and formally abandoned in 1996, but it never saw any real use.  Had the government absolutely mandated it for an important purpose, it might have been adopted for that purpose, but nothing more.  The concept of encryption is a tricky one, and requires some explanation for new users.  If you follow up your explanation with "but the government can bypass everything," users will breathe a sigh of relief, knowing that they don't need to learn it because they don't have any use for it.

The German effort was born of a real need:  to give electronic documents and communications a legal status strong enough to underlie important transactions.  This can be done with many existing cryptographic schemes, including the venerable PGP and S/MIME.  It's hard to see how sabotaging the security of cryptographic keys can make such systems more popular.  Recent research conducted by Mimecast shows that users will always find ways to work around systems that are restrictive or difficult to use.  I expect that in a few years, the German government will quietly give up, and that will be the last we'll hear about government-mandated key-compromised cryptography.

Until the next time.