Former DHS head thinks crypto backdoors are a ‘pipe dream’

28 Jul 2015

Contrary to the opinions of the US government, the former head of the Department of Homeland Security (DHS) has said he believes installing crypto backdoors into computers only offers more problems than solutions.

Since the end of last year, the US government and intelligence agencies have been calling for the introduction of crypto backdoors into computer systems sold to the public to grant them access, supposedly for matters of national security.

However, even the notion of such ‘golden keys’ being considered an option has been questioned numerous times both abroad and in the US, such as the Secure Data Act put before congress in December last year.

And now it has been called out by the former head of the DHS, Michael Chertoff, who said at a recent event that, for a number of reasons, it would offer those the government are targeting an opportunity to wreak havoc themselves.

Aside from making the user more vulnerable to attack, Chertoff suggests that those who want to bypass a backdoor can do so given the right determination, particularly through apps.

“The idea that you’re going to be able to stop this, particularly given the global environment, I think, is a pipe dream,” Chertoff said. “So what would wind up happening is people who are legitimate actors will be taking somewhat less secure communications and the bad guys will still not be able to be decrypted.”

Where France leads, the US might follow

Other issues Chertoff raised make the point that, due to the international nature of computer sales, having to share these crypto backdoors with other countries is counter intuitive.

Finally, he made the overarching point that if as a society we were going to allow access for the government at any time to follow our online activities there wouldn’t be much difference between just recording all conversations made on mobile phones.

“I think on this one, strategically, requiring people to build a vulnerability may be a strategic mistake,” Chertoff said.

Internationally, however, the US is now arguably following the lead of France, which just yesterday passed the final hurdle in giving French intelligence services new, sweeping surveillance powers both in France and abroad.

As part of this new availability of powers, the French government can engage in vast sweeps of metadata online, while also using software to track individual’s activities online following the terrorist attacks in Paris last January.

Back door image via Shutterstock

Colm Gorey was a senior journalist with Silicon Republic

editorial@siliconrepublic.com