Jonathan Logan – A battle is underway about the limits of cryptography. On the one side are people who want to break into iPhones, tap into conversations and decrypt our backups. On the other side are those who want to prevent the government from mass intrusions but accept targeted attacks. And then there are those who take a so-called “extremist” position that government shouldn’t be allowed to undertake even targeted attacks on cryptographic systems.
This isn’t the first time this battle has been fought, and it won’t be the last. But it’s our turn to fight it right now. And we had better fight it well.
I will begin by admitting that I am an ‘extremist’ in this debate. If my wishes came true, no government or any other uninvited third party would be able to break cryptographic protections.
This is not the first time I’ve been involved in this battle. My job involves designing, writing and deploying cryptographic services.
I wrote my first PGP-encrypted email in 1991 or 1992, I’ve been using OTR since 2005 and all my Internet access has been routed through VPNs since 2000. (Yes…. that early.) I never access the Internet unencrypted, out of principle. I’ve been using Tor since its earliest days, have been surfing Freenet and run I2P eepsites.
If you have no idea what these terms mean, please don’t worry; I’m just mentioning them to emphasize that I am very much in favor of the daily use of good cryptography. I won’t use most of these terms again.
So, while I am a crypto extremist myself, honesty compels me to point how wrongly the “pro-cryptography” side in the current debate has made their case.
The State of the Debate
If you search the arguments made in favor of strong cryptography and against government “backdoors,” you’ll come up with a collection of statements that are uncharitable and shallow.