Advanced Search

Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications

Research and Teaching Output of the MIT Community

Show simple item record

dc.contributor.advisor Daniel Weitzner Abelson, Harold en_US Anderson, Ross en_US Bellovin, Steven M. en_US Benaloh, Josh en_US Diffie, Whitfield en_US Gilmore, John en_US Green, Matthew en_US Neumann, Peter G. en_US Landau, Susan en_US Rivest, Ronald L. en_US Schiller, Jeffrey I. en_US Schneier, Bruce en_US Specter, Michael en_US Weitzner, Daniel J. en_US Blaze, Matt
dc.contributor.other Decentralized Information Group en 2015-07-07T02:15:02Z 2015-07-07T02:15:02Z 2015-07-06
dc.description.abstract Twenty years ago, law enforcement organizations lobbied to require data and communication services to engineer their products to guarantee law enforcement access to all data. After lengthy debate and vigorous predictions of enforcement channels going dark, these attempts to regulate the emerging Internet were abandoned. In the intervening years, innovation on the Internet flourished, and law enforcement agencies found new and more effective means of accessing vastly larger quantities of data. Today we are again hearing calls for regulation to mandate the provision of exceptional access mechanisms. In this report, a group of computer scientists and security experts, many of whom participated in a 1997 study of these same topics, has convened to explore the likely effects of imposing extraordinary access mandates. We have found that the damage that could be caused by law enforcement exceptional access requirements would be even greater today than it would have been 20 years ago. In the wake of the growing economic and social cost of the fundamental insecurity of today's Internet environment, any proposals that alter the security dynamics online should be approached with caution. Exceptional access would force Internet system developers to reverse forward secrecy design practices that seek to minimize the impact on user privacy when systems are breached. The complexity of today's Internet environment, with millions of apps and globally connected services, means that new law enforcement requirements are likely to introduce unanticipated, hard to detect security flaws. Beyond these and other technical vulnerabilities, the prospect of globally deployed exceptional access systems raises difficult problems about how such an environment would be governed and how to ensure that such systems would respect human rights and the rule of law. en_US
dc.format.extent 34 p. en
dc.relation.ispartofseries MIT-CSAIL-TR-2015-026
dc.rights Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International
dc.title Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications en_US 2015-07-07T16:15:15Z
dspace.orderedauthors Abelson, Harold; Anderson, Ross; Bellovin, Steven M.; Benaloh, Josh; Blaze, Matt; Diffie, Whitfield; Gilmore, John; Green, Matthew; Landau, Susan; Neumann, Peter G.; Rivest, Ronald L.; Schiller, Jeffrey I.; Schneier, Bruce; Specter, Michael; Weitzner, Daniel J.

Files in this item

Name Size Format Description
MIT-CSAIL-TR-2015 ... 229.4Kb PDF Final revised version of report

This item appears in the following Collection(s)

Show simple item record

Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Except where otherwise noted, this item's license is described as Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International