Encryption & Key Management , Enterprise Mobility Management / BYOD , Next-Generation Technologies & Secure Development

RSA Conference Debates Apple vs. FBI

Cryptographers, U.S. Attorney General, NSA Director Make Their Pitches
RSA Conference Debates Apple vs. FBI
"The Cryptographers' Panel" at RSA Conference 2016. (Photo: Schwartz/ISMG)

"The road to hell starts with a backdoor."

See Also: The Operationalization of Threat Intelligence Programs

So said Brad Smith, president and chief legal officer of Microsoft, in a March 1 keynote speech on the opening day of the RSA Conference 2016 briefings in San Francisco (see Preview: 8 Hot RSA 2016 Sessions).

Smith was referring to the ongoing legal battle between the U.S. Department of Justice and Apple, over the FBI's attempt to compel Apple into unlocking an iPhone seized during the course of an investigation. Many in the information security community see the case as a "backdoor" legal attempt by the Justice Department to force Apple - and by extension any U.S. technology company - to bypass any encryption they've built into their devices.

The case, which has escalated in recent weeks, shows that cybersecurity is more relevant than ever. That importance was reflected by the 2015 A.M. Turing Award - widely considered to be the "Nobel Prize in Computing" - being awarded to the two men behind the Diffie-Hellman protocol. It specifies a method via which two computer users can generate a shared private key, to then securely exchange information across an insecure channel.

The award was publicly announced during the day's "Cryptographers' Panel," featuring six leading cryptographers, including the two men behind the protocol: Whitfield Diffie, former chief security officer of Sun Microsystems, and Martin Hellman, professor emeritus of electrical engineering at Stanford University. They received several enthusiastic rounds of applause and will share the $1 million prize. Also on stage were Ron Rivest and Adi Shamir - two of the three men responsible for inventing RSA, which was the world's first practical public-key cryptosystem, which led to the inventors receiving the 2002 Turing prize. Shamir, a professor in the computer science department at the Weizmann Institute of Science in Israel, said he believes this is the third time in 25 years that the world's most prestigious technology award has been awarded to cryptographers, demonstrating just how important the discipline continues to be.

As the technology industry continues to embrace cryptography, of course, related legal battle lines have been drawn by senior Obama administration officials, who have argued that technology firms must comply with court orders, regardless of whether they've designed their products to encrypt users' data or communications (see Report: Apple Building iPhone It Can't Hack). But Apple has argued that strong encryption is essential for keeping information secure.

NSA Director: Just Connect

"In many ways we're not talking to each other, we're talking past each other," NSA and U.S. Cyber Command director Adm. Michael Rogers said, joking about the challenge of attempting to speak directly after a panel of world-renowned cryptographers. "We have got to get to a dialog, and we have got to figure out how we do this," he added, saying the conversation he wanted to have with technology companies should focus on, "what's in the realm of the possible?"

NSA and U.S. Cyber Command Director Mike Rogers addresses the RSA Conference 2016.

U.S. Attorney General Pitches RSA

Loretta E. Lynch, Attorney General of the United States, likewise wasn't afraid to use humor to help make her case for why Apple should help the FBI unlock an iPhone as part of an investigation. "I actually received this invitation some months ago, and we thought, gee, what could we do to make it interesting?"

Joking aside, she portrayed this case as involving just a single device. "What we're asking them to do is to help us with this one particular device ... but not to give the technology to us," Lynch says. She also responded to a Feb. 29 New York court ruling that the government cannot compel Apple to help law enforcement bypass a locked screen on an iPhone seized by prosecutors (see Apple Wins Legal Round Over Unlocking a 2nd iPhone ). Lynch said she was "disappointed" by the decision and that the Justice Department would appeal.

Speaking on the cryptographers panel, however, Moxie Marlinspike, founder of Open Whisper Systems and former head of security for Twitter, said the debate demonstrates just how far the technology industry has come. "We should just at least acknowledge that the reason we're having this discussion right now is because Apple decided to make a product that serves its customers," he said, adding that he sees the government's moves as overreach. "They have a tremendous amount of information, but the FBI is saying we need this, because there's something we might be missing."

Lynch, however, attempted to portray the matter as simply a question of complying with the law and responding to government requests for assistance, and being part of the American "social compact" that has allowed businesses such as Apple to flourish.

"Do we let one company - not matter how great the company, no matter how beautiful its devices - decide this issue for all of us?" (see House IT Panel Chairman: Don't Weaken Encryption).

Channeling Sun Tzu

One counterpoint, of course, is that rather than Apple picking this particular fight, the Justice Department picked it, and decided to make an example out of Apple. At least, that's what Shamir said during the cryptographers' panel discussion, referencing the author of the "Art of War."

"Sun Tzu says that you need to choose very carefully where you are fighting," Shamir said, noting that if he were Apple, he would have complied with this one particular request, while waiting for a better case with which to try and set a legal crypto decision in its favor.

On the same panel, Hellman likened the current debate between crypto proponents and government agencies to a marital spat, referencing discussions he's had with his wife, Dorothy. "We need to work with the FBI, we need to work with the NSA. Life got a lot better at home when Dorothy and I stopped fighting and started working towards solutions that meet our needs," Hellman said. "I would encourage us to put ourselves in the shoes of these agencies, and not to necessarily agree with each other, but to work with each other."

That said, Hellman also quoted Gen. Michael Hayden, the director of the NSA from 1999 to 2005 and head of the CIA from 2006 to 2009, who said that he think FBI Director James Comey erred in demanding a backdoor from Apple. Hayden last month told The Wall Street Journal: "I think Comey is wrong, America is simply more secure with end-to-end, unbreakable encryption."

And all of the cryptographers on the RSA panel unequivocally agreed that more encryption - and strong crypto - is the best way forward for all.

"The good of the country begins with having strong security," MIT professor Rivest said.

Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.