Abuse Resistant Law Enforcement Access Systems

Conference paper
Advances in Cryptology – EUROCRYPT 2021 (EUROCRYPT 2021)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 12698)

Abstract

The increasing deployment of end-to-end encrypted communications services has ignited a debate between technology firms and law enforcement agencies over the need for lawful access to encrypted communications. Unfortunately, existing solutions to this problem suffer from serious technical risks, such as the possibility of operator abuse and theft of escrow key material. In this work we investigate the problem of constructing law enforcement access systems that mitigate the possibility of unauthorized surveillance. We first define a set of desirable properties for an abuse-resistant law enforcement access system (ARLEAS), and motivate each of these properties. We then formalize these definitions in the Universal Composability (UC) framework, and present two main constructions that realize this definition. The first construction enables prospective access, allowing surveillance only if encryption occurs after a warrant has been issued and activated. The second, more powerful construction, allows retrospective access to communications that occurred prior to a warrant’s issuance. To illustrate the technical challenge of constructing the latter type of protocol, we conclude by investigating the minimal assumptions required to realize these systems.

Notes

  1. The Carnegie Institution report [33] concludes that “In the case of data in motion, for example, our group could identify no approach to increasing law enforcement access that seemed reasonably promising to adequately balance all of the various concerns”.

  2. This contrasts with the theft of e.g., digital certificates or signing keys, where abuse may produce artifacts such as fraudulent certificates [64] or malware artifacts that can be detected through Internet-wide surveillance.

  3. We later introduce a fourth parameterizing function, but omit it here for the clarity of exposition.

  4. Using the weaker witness encryption primitive may be possible if the ledger produces unique proofs of publication.

  5. For evidence of this consensus, see e.g., the 2018 National Academies of Sciences Report [62], which provides a framework for discussing such questions. See also a recent report by the Carnegie Endowment [33] which chooses to focus only on the problem of escrow for physical devices rather than data in motion, providing the following explanation: “it is much harder to identify a potential solution to the problems identified regarding data in motion in a way that achieves a good balance” (p. 10).

  6. Note that this ideal functionality only handles a single message transfer, but to achieve multiple messages, we rely on universal composition and use multiple instances of the functionality.

  7. As specified in the ideal functionality, during verification it will be checked that a warrant was properly requested and activated.

References

  1. Abelson, H., et al.: Keys under doormats: mandating insecurity by requiring government access to all data and communications. J. Cybersecur. 1(1), 69–79 (2015)

  2. Afshar, A., Mohassel, P., Pinkas, B., Riva, B.: Non-interactive secure computation based on cut-and-choose. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 387–404. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55220-5_22

  3. Andrychowicz, M., Dziembowski, S., Malinowski, D., Mazurek, L.: Secure multiparty computations on bitcoin. In: 2014 IEEE Symposium on Security and Privacy, pp. 443–458. IEEE Computer Society Press, May 2014

  4. Apple. Facetime. https://apps.apple.com/us/app/facetime/id1110145091

  5. Apple. icloud security overview. https://support.apple.com/en-us/HT202303

  6. Apple. imessage. https://support.apple.com/explore/messages

  7. Backes, M., Camenisch, J., Sommer, D.: Anonymous yet accountable access control. In: Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, WPES 2005, pp. 40–46. Association for Computing Machinery, New York (2005)

  8. Badertscher, C., Gazi, P., Kiayias, A., Russell, A., Zikas, V.: Ouroboros genesis: composable proof-of-stake blockchains with dynamic availability. In: Lie, D., Mannan, M., Backes, M., Wang, X. (eds.) ACM CCS 2018, pp. 913–930. ACM Press (2018)

  9. Badertscher, C., Maurer, U., Tschudi, D., Zikas, V.: Bitcoin as a transaction ledger: a composable treatment. In: Katz, J., Shacham, H. (eds.) CRYPTO, Part I. LNCS, vol. 10401, pp. 324–356. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63688-7_11

  10. Barr, W.: Attorney general William P. Barr delivers keynote address at the international conference on cyber security, July 2019

  11. Barr, W.: Attorney general William P. Barr delivers keynote address at the international conference on cyber security, July 2019. https://www.justice.gov/opa/speech/attorney-general-william-p-barr-delivers-keynote-address-international-conference-cyber

  12. Bates, A.M., Butler, K.R.B., Sherr, M., Shields, C., Traynor, P., Wallach, D.S.: Accountable wiretapping -or- I know they can hear you now. In: NDSS 2012. The Internet Society, February 2012

  13. Bellare, M., Rivest, R.L.: Translucent cryptography - an alternative to key escrow, and its implementation via fractional oblivious transfer. J. Cryptol. 12(2), 117–139 (1999)

  14. Bellovin, S.M., Blaze, M., Boneh, D., Landau, S., Rivest, R.R.: Analysis of the CLEAR protocol per the National Academies’ framework. Technical report CUCS-003-18, Columbia University, May 2018

  15. Bentov, I., Kumaresan, R.: How to use bitcoin to design fair protocols. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part II. LNCS, vol. 8617, pp. 421–439. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44381-1_24

  16. Blaze, M.: Oblivious key escrow. In: Anderson, R. (ed.) IH 1996. LNCS, vol. 1174, pp. 335–343. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-61996-8_50

  17. Boneh, D., Bonneau, J., Bünz, B., Fisch, B.: Verifiable delay functions. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018, Part I. LNCS, vol. 10991, pp. 757–788. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96884-1_25

  18. Boyle, E., Chung, K.-M., Pass, R.: On extractability obfuscation. In: Lindell, Y. (ed.) TCC 2014. LNCS, vol. 8349, pp. 52–73. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54242-8_3

  19. Bryan-Low, C.: Vodafone, Ericsson get hung up in Greece’s phone-tap scandal. Wall Street J. (2006)

  20. Camenisch, J., Drijvers, M., Gagliardoni, T., Lehmann, A., Neven, G.: The wonderful world of global random oracles. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part I. LNCS, vol. 10820, pp. 280–312. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78381-9_11

  21. Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: 42nd FOCS, pp. 136–145. IEEE Computer Society Press, October 2001

  22. Canetti, R., Krawczyk, H., Nielsen, J.B.: Relaxing chosen-ciphertext security. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 565–582. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_33

  23. Canetti, R., Lindell, Y., Ostrovsky, R., Sahai, A.: Universally composable two-party and multi-party secure computation. In: 34th ACM STOC, pp. 494–503. ACM Press, May 2002

  24. Choudhuri, A.R., Goyal, V., Jain, A.: Founding secure computation on blockchains. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019, Part II. LNCS, vol. 11477, pp. 351–380. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17656-3_13

  25. Choudhuri, A.R., Green, M., Jain, A., Kaptchuk, G., Miers, I.: Fairness in an unfair world: fair multiparty computation from public bulletin boards. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 2017, pp. 719–728. ACM Press, October/November 2017

  26. Cramer, R., Shoup, V.: Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 45–64. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-46035-7_4

  27. Damgård, I., Nielsen, J.B., Orlandi, C.: Essentially optimal universally composable oblivious transfer. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 318–335. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00730-9_20

  28. David, B., Gaži, P., Kiayias, A., Russell, A.: Ouroboros praos: an adaptively-secure, semi-synchronous proof-of-stake blockchain. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part II. LNCS, vol. 10821, pp. 66–98. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_3

  29. De Santis, A., Di Crescenzo, G., Ostrovsky, R., Persiano, G., Sahai, A.: Robust non-interactive zero knowledge. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 566–598. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_33

  30. Denning, D.E.: The US key escrow encryption technology. Comput. Commun. 17(7), 453–457 (1994)

  31. Denning, D.E., Branstad, D.K.: A taxonomy for key escrow encryption systems. Commun. ACM 39(3), 34–40 (1996)

  32. EncroChat. Encrochat network. http://encrochat.network/

  33. Encryption Working Group: Moving the Encryption Policy Conversation Forward. Technical report, Carnegie Endowment for International Peace (2019)

  34. Federal Bureau of Investigation. Going Dark. https://www.fbi.gov/services/operational-technology/going-dark

  35. Feigenbaum, J., Weitzner, D.J.: On the incommensurability of laws and technical mechanisms: or, what cryptography can’t do. In: Matyáš, V., Švenda, P., Stajano, F., Christianson, B., Anderson, J. (eds.) Security Protocols 2018. LNCS, vol. 11286, pp. 266–279. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03251-7_31

  36. Franceschi-Bicchierai, L.: FBI director: encryption will lead to a ‘very dark place’. Mashable, October 2014

  37. Frankle, J., Park, S., Shaar, D., Goldwasser, S., Weitzner, D.J.: Practical accountability of secret processes. In: Enck, W., Felt, A.P. (eds.) USENIX Security 2018, pp. 657–674. USENIX Association, August 2018

  38. Garg, S., Gentry, C., Halevi, S., Wichs, D.: On the implausibility of differing-inputs obfuscation and extractable witness encryption with auxiliary input. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 518–535. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_29

  39. Garg, S., Ostrovsky, R., Visconti, I., Wadia, A.: Resettable statistical zero knowledge. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 494–511. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28914-9_28

  40. Gazi, P., Kiayias, A., Zindros, D.: Proof-of-stake sidechains. In: 2019 IEEE Symposium on Security and Privacy, pp. 139–156. IEEE Computer Society Press, May 2019

  41. Gentry, C., Lewko, A., Waters, B.: Witness encryption from instance independent assumptions. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 426–443. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_24

  42. Goldwasser, S., Park, S.: Public accountability vs. secret laws: can they coexist? A cryptographic proposal. In: Proceedings of the 2017 on Workshop on Privacy in the Electronic Society, WPES 2017, pp. 99–110. Association for Computing Machinery, New York (2017)

  43. Google. Encrypt your data - pixel phone help. https://support.google.com/pixelphone/answer/2844831?hl=en

  44. Gorman, S.: NSA officers spy on love interests. Wall Street J. (2013)

  45. Goyal, R., Goyal, V.: Overcoming cryptographic impossibility results using blockchains. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017, Part I. LNCS, vol. 10677, pp. 529–561. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70500-2_18

  46. Graham, S.L.: Eliminating abusive and rampant neglect of interactive technologies act of 2020, March 2020

  47. Horel, T., Park, S., Richelson, S., Vaikuntanathan, V.: How to subvert backdoored encryption: security against adversaries that decrypt all ciphertexts. In: Blum, A. (ed.) ITCS 2019, vol. 124, pp. 42:1–42:20. LIPIcs (2019)

  48. Horvitz, O., Katz, J.: Universally-composable two-party computation in two rounds. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 111–129. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74143-5_7

  49. Ishai, Y., Kushilevitz, E., Ostrovsky, R., Prabhakaran, M., Sahai, A.: Efficient non-interactive secure computation. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 406–425. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20465-4_23

  50. Kamara, S.: Restructuring the NSA metadata program. In: Böhme, R., Brenner, M., Moore, T., Smith, M. (eds.) FC 2014. LNCS, vol. 8438, pp. 235–247. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44774-1_19

  51. Kaptchuk, G., Green, M., Miers, I.: Giving state to the stateless: augmenting trustworthy computation with ledgers. In: NDSS 2019. The Internet Society, February 2019

  52. Kiayias, A., Russell, A., David, B., Oliynykov, R.: Ouroboros: a provably secure proof-of-stake blockchain protocol. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part I. LNCS, vol. 10401, pp. 357–388. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63688-7_12

  53. Kroll, J., Felten, E., Boneh, D.: Secure protocols for accountable warrant execution (2014)

  54. Kroll, J.A., Zimmerman, J., Wu, D.J., Nikolaenko, V., Felten, E.W., Boneh, D.: Accountable cryptographic access control (2018)

  55. Levy, I., Robinson, C.: Principles for a more informed exceptional access debate. Lawfare (2018)

  56. Lichtblau, E., Goldstein, J.: Apple faces U.S. demand to unlock 9 more iPhones. The New York Times, February 2016

  57. Liu, J., Ryan, M.D., Chen, L.: Balancing societal security and individual privacy: accountable escrow system. In: 2014 IEEE 27th Computer Security Foundations Symposium, pp. 427–440, July 2014

  58. Liu, J., Jager, T., Kakvi, S.A., Warinschi, B.: How to build time-lock encryption. Des. Codes Crypt. 86(11), 2549–2586 (2018)

  59. Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008)

  60. Nakashima, E.: Chinese hackers who hacked Google gained access to sensitive data, U.S. officials say. The Washington Post, May 2013

  61. National Academies of Sciences, Engineering, and Medicine. Exploring Encryption and Potential Mechanisms for Authorized Government Access to Plaintext, The National Academies Press (2016)

  62. National Academies of Sciences, Engineering, and Medicine. Decrypting the Encryption Debate: A Framework for Decision Makers: The National Academies Press, Washington, DC (2018)

  63. Nielsen, J.B., Orlandi, C.: LEGO for two-party secure computation. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 368–386. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00457-5_22

  64. Nightingale, J.: Fraudulent *.google.com Certificate, August 2011

  65. Panwar, G., Vishwanathan, R., Misra, S., Bos, A.: SAMPL: scalable auditability of monitoring processes using public ledgers. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019, pp. 2249–2266. ACM Press, November 2019

  66. Poplin, C.M.: Burr-feinstein encryption legislation officially released. Lawfare, April 2016

  67. Sahai, A.: Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security. In: 40th FOCS, pp. 543–553. IEEE Computer Society Press, October 1999

  68. Savage, S.: Lawful device access without mass surveillance risk: a technical design discussion. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS 2018, pp. 1761–1774. Association for Computing Machinery, New York (2018)

  69. Scafuro, A.: Break-glass encryption. In: Lin, D., Sako, K. (eds.) PKC 2019, Part II. LNCS, vol. 11443, pp. 34–62. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17259-6_2

  70. Segal, A., Ford, B., Feigenbaum, J.: Catching bandits and only bandits: Privacy-preserving intersection warrants for lawful surveillance. In: 4th USENIX Workshop on Free and Open Communications on the Internet (FOCI 14). USENIX Association, San Diego, CA, August 2014

  71. Blackburn, Sen.M., Graham, Sen.L., Cotton, Sen.T.: Lawful access to 5 encrypted data act, June 2020

  72. Servan-Schreiber, S., Wheeler, A.: Judge, jury & encryptioner: exceptional access with a fixed social cost (2019)

  73. Signal. Signal secure messaging system

  74. Sing, M.: Over two dozen encryption experts call on India to rethink changes to its intermediary liability rules. TechCrunch, February 2020

  75. Tait, M.: An approach to James Comey’s technical challenge. Lawfare, April 2016

  76. Tarabay, J.: Australian government passes contentious encryption law. The New York Times, December 2018

  77. Watt, N., Mason, R., Traynor, I.: David Cameron pledges anti-terror law for internet after Paris attacks. The Guardian, January 2015

  78. WhatsApp. WhatsApp Encryption Overview, December 2017

  79. Wright, C., Varia, M.: Crypto crumple zones: enabling limited access without mass surveillance. In: 2018 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 288–306, April 2018

Acknowledgments

The first author was funded in part by the National Science Foundation under awards CNS-1653110 and CNS-1801479 and by a Google Security & Privacy Award. The second author is supported by the National Science Foundation under Grant #2030859 to the Computing Research Association for the CIFellows Project. Additionally, this material is based upon work supported by DARPA under Agreements No. HR00112020021 and No. HR001120C0084. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Government or DARPA.

Corresponding author

Correspondence to Matthew Green.

Copyright information

© 2021 International Association for Cryptologic Research

Cite this paper

Green, M., Kaptchuk, G., Van Laer, G. (2021). Abuse Resistant Law Enforcement Access Systems. In: Canteaut, A., Standaert, FX. (eds) Advances in Cryptology – EUROCRYPT 2021. EUROCRYPT 2021. Lecture Notes in Computer Science, vol 12698. Springer, Cham. https://doi.org/10.1007/978-3-030-77883-5_19

  • DOI: https://doi.org/10.1007/978-3-030-77883-5_19

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-77882-8

  • Online ISBN: 978-3-030-77883-5

  • eBook Packages: Computer Science (R0)
