David Chaum Fights the Crypto War

David Chaum is a crypto pioneer. According to Andy Greenberg’s January 6, 2016 Wired posting “The Father of Online Anonymity Has a Plan to End the Crypto War,” available at http://www.wired.com/2016/01/david-chaum-father-of-online-anonymity-plan-to-end-the-crypto-wars/?mbid=nl_1616 , Chaum invented DC Nets, an anonymous network, “mix networks,” which anonymizes messages using layered encryption, and DigiCash, the first cryptocurrency. His latest invention is called PrivaTegrity, which is described as a new, more efficient mix network, which can allow for a “backdoor” under certain circumstances.

In order to try to end the crypto wars, to which ironically his inventions likely contributed, Chaum has designed a scheme whereby nine servers are distributed in different countries, and when their administrators all agree that a particular use of the network is “evil” then they have the ability to open a back door to enable law enforcement to view such messages in the clear.

It is as if Einstein had come up with a way to ensure that “evil regimes” could be prevented from developing or otherwise accessing atomic bombs.

The problem with Chaum’s PrivaTegrity model, as with many other aspects of human endeavor, lies in the determination of who is evil. To paraphrase the famous saying: One person’s evil is another person’s good. Whether one group is good or evil is, of course, highly subjective. Your own group is good and must be protected; the real or perceived enemy is evil and must be guarded against or destroyed. Getting nine server administrators in nine different countries to agree on the difference between good and evil is virtually impossible unless the choice is only given to those who will likely agree—which defeats the purpose. This means that the good-evil-nation decision has to be made in advance, which is, of course, hugely biased and will no doubt change over time.

It seems to me that David Chaum is trying to rectify the nefarious activities for which his prior inventions were exploited. However, the genie is out of the bottle, as it is with nuclear science, and cannot be put back in. The reality is that it’s not going to happen.

A number of current and would-be politicians believe that “brilliant” technologists could be assembled and come up with a technical solution to the crypto war. One presidential candidate likened the required effort to the Manhattan Project. I agree that any approach to developing a universal solution to the cybersecurity problem is a monumental task. But I question whether the solution lies within the crypto world. There is no doubt that the originators of digital encryption are exceptionally brilliant mathematicians, but that does not mean that they have the ability to resolve the social, political and economic issues that lie behind cybersecurity’s failings. Chances are that they don’t have such attributes.

Clearly, many politicians don’t understand the intricacies of encryption and its ability to protect individuals’ privacy and prevent evildoers from succeeding. As some, including Peter Tippett, have long said, few attacks are launched against data in motion, and encrypted data at rest can be accessed through existing applications without involving direct decryption. All you have to do is steal someone’s or some system’s identity and log on to an application, at which point the encrypted data can be readily accessed.

Yes, there is a looming Manhattan Project needed to secure cyberspace, but the effort has to be directed at making applications independently secure rather than introducing encryption schemes for which back-door access is decided by humans who are self-selected and undoubtedly biased.

Post a Comment

Your email is never published nor shared. Required fields are marked *