Intel does not support encryption backdoors
June 29, 2016
Shah Sheikh (1294 articles)

Intel does not support encryption backdoors

Intel does not support the US government’s position that encrypted devices need to have backdoors so that they can be accessed by law enforcement.

In an official statement that laid out its position on encryption in the wake of the recent debate over the use of the technology, Intel senior vice-president and general counsel Steven Rodgers said the company believed that governments should not weaken the security of technology.

He said that when it came to the current talk over whether governments should be able to access encrypted communications, Intel believed that encryption was fundamental to the global economy.

And, he added, the company firmly believed that the law should never dictate that companies should include backdoors in their encryption software.

Rodgers said Intel also believed that encryption should not be designed with backdoors. He added that the company inclined to the view that any government mandate on technology design would hinder innovation.”Finding a path forward requires collaboration between industry and law enforcement,” Rodgers wrote.

The debate over the use of encryption has been front and centre ever since NSA whistleblower Edward Snowden revealed three years ago that Americans were being subjected to mass surveillance. More recently, a public tussle between the FBI and Apple over an encrypted iPhone which had been used by a terrorist involved in the San Bernardino killings kept the debate going.

That stoush ended with the FBI finally finding its own means to gain access to the phone in question. Thereafter there has been a push by law enforcement for legislation to mandate that encryption software should always include a backdoor.

Expanding on Intel’s fundamental positions, Rodgers said the company had always supported the use of encryption, going back to the 1990s when the cryptography policy debate was at its height.

“Intel has long had a policy that we do not participate in any efforts to decrease security in technology and do not design backdoors for access into our products. That approach is still the best public policy option. Governments should pursue strengthening the security of technology, while looking for other methods to combat terrorism and prosecute crime,” he wrote.

Rodgers said all sectors of the economy depended on good encryption technology to guard against unauthorised access. He said that as new wearable products and connected home technologies became popular, encryption would become even more important.

“Every backdoor created is another weakness for hackers to exploit. Likewise, a requirement that PCs, mobile phones, or other computing devices contain built-in vulnerabilities is an open invitation for bad actors around the world to target our digital infrastructure,” he wrote.

He pointed out that questions over law enforcement’s access to encrypted communications were not new. “In 1994 Congress weighed in on the issue when it passed the Communications Assistance for Law Enforcement Act (CALEA).

“Acknowledging law enforcement’s legitimate interest in accessing certain digital telephone conversations, CALEA requires certain private sector service providers to build in surveillance capabilities that can be used by law enforcement to intercept encrypted communications. Importantly, however, Congress stopped short of requiring that these providers decrypt or otherwise undermine the security measures on their customers’ personal devices.”

The FBI has used the All Writs Act, an 18th century law, to try and get its way in many cases. But Rodgers said this act was meant as a judicial catch-all to force certain actions where no existing law or statute applied. “While such ‘gap-filling’ jurisdictional authority is properly reserved for those rare instances where Congress has not yet engaged, it is entirely inappropriate to invoke this authority when Congress has clearly spoken on an issue, as it did in CALEA,” he said.

On government moves to dictate the design of technology, Rodgers was clear that such interference would, in the long run, have a negative impact. “The technology industry is fast-moving and depends on rapid innovation to meet customer requirements and address constantly evolving cybersecurity risks,” he wrote.

“Further, US government attempts to mandate the design of technology will decrease the ability of US companies to resist similar attempts by other governments, potentially decreasing US company access to certain markets and thereby hurting the US economy.”

Source | ITWire