Presentation is loading. Please wait.

Presentation is loading. Please wait.

Backdoors: How Will Government Agencies Adapt to Cybersecurity on the Internet? Professor Peter Swire Ohio State University Internet Law Scholars WIP New.

Published bySteven Daniels Modified over 8 years ago

Similar presentations

Presentation on theme: "Backdoors: How Will Government Agencies Adapt to Cybersecurity on the Internet? Professor Peter Swire Ohio State University Internet Law Scholars WIP New."— Presentation transcript:

1 Backdoors: How Will Government Agencies Adapt to Cybersecurity on the Internet? Professor Peter Swire Ohio State University Internet Law Scholars WIP New York Law School March 23, 2012

2 The Research Project Future of Privacy Forum – Government Access to Personal Information – New facts -- much higher adoption of encryption – Puts pressure on government agencies, globally – Description - how will they react? (today’s talk) What else follows? – Prescription – what should law & policy be for lawful access? – What other implications from high crypto adoption?

3 Encryption Adoption VPNs Blackberry Gmail & Hotmail SSL pervasive (credit card numbers) – Dropbox & many more Facebook enables HTTPS, may shift default Skype & other VoIP Result – interception order at ISP or local telco often won’t work

4 Ways to Grab Communications 1.Break the encryption (if it’s weak) 2.Grab comms in the clear (CALEA) 3.Grab comms with hardware or software before or after encrypted (backdoors) 4.Grab stored communications, such as in the cloud My descriptive thesis: #4 is becoming FAR more important, for global communications Also, temptation to do more #2 and #3

5 Local switch Phone call Telecom Company 3 Alice Bob

6 Local switch Phone call Telecom Company 3 Alice Bob

7 Bob ISP Alice ISP %!#&*YJ#$ &#^@% Hi Bob! Internet: Many Nodes between ISPs Alice Bob %!#&*YJ#$ &#^@%

8 Problems with Weak Encryption Nodes between A and B can see and copy whatever passes through Many potential malicious nodes Strong encryption as feasible and correct answer – US approved for global use in 1999 – India, China new restrictions on strong encryption – “Encryption and Globalization” says those restrictions are bad idea

9 Encrypt Encrypted message – Hi Bob! Alice Bob's public key Bob's private key – Alice's local ISP %!#&YJ@$ Decrypt Hi Bob! %!#&YJ@$ – Bob's local ISP – Backbone provider Bob

10 Ways to Grab Communications 1.Break the encryption (if it’s weak) 2.Grab comms in the clear (CALEA) 3.Grab comms with hardware or software before or after encrypted (backdoors) 4.Grab stored communications, such as in the cloud

11 Limits of CALEA Applies to switched network & connect to that Bad cybersecurity to have unencrypted IP go through Internet nodes How deep to regulate IP products & services – WoW just a game? – Will all Internet hardware & software be built wiretap ready? That would be large new regulation of the Internet Could mobilize SOPA/PIPA coalition

12 Ways to Grab Communications 1.Break the encryption (if it’s weak) 2.Grab comms in the clear (CALEA) 3.Grab comms with hardware or software before or after encrypted (backdoors) 4.Grab stored communications, such as in the cloud

13 Governments Install Software? Police install virus on your computer This opens a back door, so police gain access to your computer Good idea for the police to be hackers? Good for cybersecurity? Soghoian expert here

14 Ways to Grab Communications 1.Break the encryption (if it’s weak) 2.Grab comms in the clear (CALEA) 3.Grab comms with hardware or software before or after encrypted (backdoors) 4.Grab stored communications, such as in the cloud

15 Stored Records: The Near Future Global requests for stored records – Encrypted webmail, so local ISP less useful – Local switched phone network less useful Push for “data retention”, so police can get the records after the fact The “haves” and “have nots” – Server in your jurisdiction – Technically ahead of the curve MLATs and other upcoming legal battles

16 Questions Going Forward Descriptive thesis correct? Big new focus on lawful access to stored records in the cloud? What global regime for this lawful access? – What mix of backdoors and front doors? What other aspects of Internet governance affected by this adoption of encryption?

Download ppt "Backdoors: How Will Government Agencies Adapt to Cybersecurity on the Internet? Professor Peter Swire Ohio State University Internet Law Scholars WIP New."

Similar presentations

Elephants and Mice Revisited: Law and Choice of Law on the Internet Professor Peter P. Swire Moritz College of Law Ohio State University Penn Law Review.

Elephants and Mice Revisited: Law and Choice of Law on the Internet Professor Peter P. Swire Moritz College of Law Ohio State University Penn Law Review.
From Real-Time Intercepts to Stored Records: Why Encryption Drives the Government to Seek Access to the Cloud Peter Swire Moritz College of Law Ohio State.

From Real-Time Intercepts to Stored Records: Why Encryption Drives the Government to Seek Access to the Cloud Peter Swire Moritz College of Law Ohio State.
The Strategy of Using Security to Protect Privacy Peter P. Swire Ohio State University Consultant, Morrison & Foerster, LLP Data Protection Commissioner.

The Strategy of Using Security to Protect Privacy Peter P. Swire Ohio State University Consultant, Morrison & Foerster, LLP Data Protection Commissioner.
Rocket Software, Inc. Confidential James Storey General Manager, OSS Unit Rocket Software APNOMS 2003: Managing Pervasive Computing and Ubiquitous Communications.

Rocket Software, Inc. Confidential James Storey General Manager, OSS Unit Rocket Software APNOMS 2003: Managing Pervasive Computing and Ubiquitous Communications.
Privacy and Cybersecurity Law in India and the U.S. Professor Peter Swire Ohio State University National Law University, Dwarka March 31, 2011.

Privacy and Cybersecurity Law in India and the U.S. Professor Peter Swire Ohio State University National Law University, Dwarka March 31, 2011.
Secure Mobile IP Communication

Secure Mobile IP Communication
Lawful Access in the EU: The Pipe to the Cloud? Professor Peter Swire Ohio State University & Future of Privacy Forum Georgetown Law School Conference.

Lawful Access in the EU: The Pipe to the Cloud? Professor Peter Swire Ohio State University & Future of Privacy Forum Georgetown Law School Conference.
Voice over the Internet Protocol (VoIP) Technologies… How to Select a Videoconferencing System for Your Agency Based on the Work of Watzlaf, V.M., Fahima,

Voice over the Internet Protocol (VoIP) Technologies… How to Select a Videoconferencing System for Your Agency Based on the Work of Watzlaf, V.M., Fahima,
Security Strategy. You will need to be able to explain:  Data Security  Data Integrity and  Data Privacy  Risks  Hacking  Denial of Service DOS.

Security Strategy. You will need to be able to explain:  Data Security  Data Integrity and  Data Privacy  Risks  Hacking  Denial of Service DOS.
1 Future of the Internet Current Issues EDUCAUSE Policy Conference Crystal City, VA 2008 Joe Tasker Sr. Vice President and General Counsel Information.

1 Future of the Internet Current Issues EDUCAUSE Policy Conference Crystal City, VA 2008 Joe Tasker Sr. Vice President and General Counsel Information.
A-Level Computing data damage and prevention. Objectives To know the dangers associated with a computer system To understand the methods of prevention.

A-Level Computing data damage and prevention. Objectives To know the dangers associated with a computer system To understand the methods of prevention.
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
“Encryption’s Vital Role in Safeguarding the Digital Economy” Professor Peter Swire Ohio State University ASSOCHAM International Conference Safeguarding.

“Encryption’s Vital Role in Safeguarding the Digital Economy” Professor Peter Swire Ohio State University ASSOCHAM International Conference Safeguarding.
Encryption and Globalization Professor Peter Swire IP Scholars Conference Chicago August 11, 2011.

Encryption and Globalization Professor Peter Swire IP Scholars Conference Chicago August 11, 2011.
A Gift of Fire, 2edChapter 3: Encryption and Interception of Communications1 PowerPoint ® Slides to Accompany A Gift of Fire : Social, Legal, and Ethical.

A Gift of Fire, 2edChapter 3: Encryption and Interception of Communications1 PowerPoint ® Slides to Accompany A Gift of Fire : Social, Legal, and Ethical.
A Gift of Fire, 2edChapter 3: Encryption and Interception of Communications1 PowerPoint ® Slides to Accompany A Gift of Fire : Social, Legal, and Ethical.

A Gift of Fire, 2edChapter 3: Encryption and Interception of Communications1 PowerPoint ® Slides to Accompany A Gift of Fire : Social, Legal, and Ethical.
Written By KEVIN J. O’BRIEN Published: December 28, 2009 By The New York Times A Report by Michael Abdullah.

Written By KEVIN J. O’BRIEN Published: December 28, 2009 By The New York Times A Report by Michael Abdullah.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.

Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.
VoIP Voice over Internet Protocol or “It is not Voice over IP; it is Everything over IP…” Bob Pepper, FCC.

VoIP Voice over Internet Protocol or “It is not Voice over IP; it is Everything over IP…” Bob Pepper, FCC.

Similar presentations

Ads by Google