On December 2, 2015, Syed Rizwan Farook and Tashfeen Malik entered the Inland Regional Center in San Bernardino, California and opened fire on the attendees of a holiday party underway inside. After four minutes of shooting, the married couple fled the scene and left 19 dead in their wake. At the time, it was the deadliest act of terrorism in the United States since 9/11.
Farook and Malik were both killed in a shootout with authorities later that day, and in the weeks that followed the tragedy, it became apparent that this act of terrorism was an inciting incident in the renewal of another war which began over 20 years ago. This war, however, is only tangentially related to religiously motivated terrorism. Rather, its frontline combatants are programmers and hackers, the battlefield is cyberspace and the munitions are lines of code.
It is Crypto War 2.0, and its outcome will affect every internet user on Earth, for better or worse.
THE FIRST CRYPTO WAR
What you are about to see was considered to be a highly dangerous and easily accessible weapon in the early 1990s. It was classed as a munition by the US government, and its traffic across borders was regulated in the same manner as hand grenades and tanks. It looked like this:
It may not look like much, but putting these three lines of code on the internet without a permit technically made you an illicit arms dealer under the International Traffic of Arms Regulations (but in a bizarre twist, putting it on a t-shirt or in a book was totally chill). The script is an RSA signature coded in the PERL programming language and was used early on in the development of Pretty Good Privacy (PGP), a method of digitally encrypting messages.
Although the first crypto war is rooted in export regulations established at the height of the Cold War with the development of the Data Encryption Standard for use by commercial and military entities, the effects of these crypto regulations didn’t become apparent until 1991. This was the year that the software engineer Phil Zimmerman wrote his PGP program and began disseminating it on the internet, making public key encryption widely available for the first time.
As the US News reported in 1995, the feds came after Zimmerman for violating regulations relating to export of munitions because his software had been exported out of the country on the internet. The first crypto war had begun.
“The government's fear was that if we didn't regulate this [RSA implementation], it would allow the bad guys to have perfect security,” said Nate Cardozo, a senior attorney at the Electronic Frontier Foundation, during a presentation at DEF CON last weekend.
Around the same time that the feds were trying to prosecute Zimmerman, two other major battles of the first crypto war were being fought.
The first was being waged by Netscape Communications, the company responsible for the first widely used web browser, Netscape Navigator. The company was working on developing its SSL encryption protocol to ensure security on its networks, which would eventually lead to the HTTPS web encryption standard used today. But Netscape had a problem: It was in the business of supplying access to the global internet, but the United States’ ITAR regulations meant that it couldn’t export its full, 128-bit SSL encryption protocol outside the US and Canada. So they created a significantly less secure 40-bit encryption protocol that was legal to provide to non-US citizens.
"The government is not stupid. They know there is no way of keeping strong crypto out of the hands of people who are determined to get it."
Yet as Cardozo pointed out, Netscape’s dual standard did little beside highlight the absurdity of the US government’s attempt to regulate encryption. In 1995 there was no way to block Netscape users based on the geographical location of their IP address, which meant that when you logged on to Netscape Navigator, you were presented with a choice between the US/Canada 128-bit SSL version of Netscape or the International 40-bit version. The choice was made by clicking a radio button for either version.
There was no way to verify whether or not you were actually in the US when you selected the 128-bit protocol—it was just as accessible to someone in the Kremlin as it was to someone in Kansas. In other words, Netscape was in the business of exporting munitions around the globe.
The same year as the US News report on Zimmerman’s trial, a 24-year-old Daniel Bernstein contacted the Electronic Frontier Foundation. He wanted to sue the US Department of State for a right to write about his cryptographic algorithm, Snuffle. In April of 1996, the case was settled in favor of Bernstein, who is now a computer scientist at Eindhoven University of Technology, in a landmark ruling that classed code as a form of speech, which meant it was subject to First Amendment protections. That same year, President Bill Clinton signed executive order 13026 which removed encryption as a munition regulated by ITAR, and feds dropped their investigation of Zimmerman.
The crypto wars appeared to be over, with encryption and its infosec champions emerging as the victors. But the celebrations would be short lived.
CRYPTO WAR 2.0
Fast forward 20 years from the Bernstein ruling to the aftermath of the San Bernardino attacks. In the weeks that followed the shooting, federal investigators were faced with a problem: the iPhone 5C used by Farook was encrypted and the investigators were unable to access the data stored on the phone. This prompted FBI officials to contact Apple with requests to help them unlock the phone by creating a version of iOS with a backdoor that would allow the government access to the data on the phone. Apple denied their requests on the grounds that it would never compromise the security of its projects and so the FBI applied for a court order which would force Apple to create the requested software.
Cardozo speaks at DEF CON 24. Image: Daniel Oberhaus
The legal dispute was settled on March 28 when prosecutors dropped the case after the FBI managed to gain access to the phone without the tech giant’s help. While this is a small victory insofar as Apple wasn't forced to compromise its security on this one particular phone, the truly troubling aspect of the case lies in its parallels with the events in first crypto war. As Cardozo observed during his DEF CON presentation, “now we're back to exactly where we started—everything that was old is new again.”
The FBI’s call for technology companies to be forced to include backdoor access into their encrypted devices is highly reminiscent of the NSA’s development of the Clipper chip in 1993, which was used to encrypt phone communications while providing a backdoor for government intelligence agencies. This was justified through the 1994 Communications Assistance for Law Enforcement Act (CALEA) which required telecom operators to support wiretap capabilities in their products.
Even though a number of security researchers came together to demonstrate the profound insecurities in Clipper chips (much the same as security researchers have done for the FBI’s current demands for a backdoor), Cardozo still thinks there is a “decent possibility” that we might see an internet equivalent to CALEA emerge in the coming months.
This past year has seen full-disk encryption come standard on iOS 8 and Android M phones, as well as end-to-end encryption implemented on the two most popular messaging apps in the world, WhatsApp and iMessenger.
Cardozo thinks the three letter agencies (CIA, FBI and NSA) are going to try to get rid of these features as defaults on the product, rather than trying to outlaw encryption outright like they did in the 1990s. Indeed, nearly identical lawsuits in California and New York earlier this year have already tried to make this happen.
“The government is not stupid,” said Cardozo. “They know there is no way of keeping strong crypto out of the hands of people who are determined to get it. But there is a way to keep strong crypto out of the hands of everyone who just walks into the store to buy an iPhone. They know they're not going to get terrorists, organized crime or pedophiles. They're going to get normal Americans.”
Another tactic is simply to put pressure on companies in an extralegal fashion—Cardozo said he has worked with companies who have received visits from the FBI during which the agents asked them to start providing backdoor capabilities. When the companies refuse, the agents would tell the company they were going to have “blood on their hands” and show them photos of terrorists using their products.
Even with the new wave of encryption ready software and hardware, as well as the not-so-bad resolution of the Apple-FBI dispute, the future of encryption in the US looks increasingly precarious. In October, the Obama administration said it will not—“for now”—require companies to decrypt messages for law enforcement.
Yet the following month, a memo from the National Security Council, and leaked to Bloomberg, outlined the administration’s plans to seriously focus on developing encryption workarounds (something which Snowden revealed the NSA had already been doing for years with its Project Bullrun). Then in March, the government made moves on WhatsApp for circumventing wiretap orders and since then the proceedings have been shrouded in secrecy.
Nevertheless, the US is still doing a lot better than many other countries simply because it hasn’t totally outlawed any forms of encryption yet, as is the case with Australia, China, India, and soon the UK, if the House of Lords passes the Investigatory Powers Bill (which is looking increasingly likely).
Despite the dire state of the second Crypto War, Cardozo remained optimistic that encryption will win out against its federal adversaries in the end.
“It's not going to work any better this time than it did the last,” he said. “Information doesn't give a crap about your orders. These [technologies] aren't centrifuges, missiles or nerve gas. You can't stop code at the border. We live in a world of strong cryptography and there's nothing the United States government or any other government can possibly do to change that fact.”