Skip to main content
banner image
venafi logo

Is Cryptography Really a Threat to Liberty? [Labor Day Musings]

Is Cryptography Really a Threat to Liberty? [Labor Day Musings]

liberty and cryptography
September 2, 2019 | Guest Blogger: Kim Crawley

It’s Labor Day! My hometown of Toronto has an over century old tradition of celebrating the day with their last chance to enjoy the Canadian National Exhibition, colloquially known as The Ex. On the other side of the border, millions of Americans will be enjoying the end of summer with backyard barbeques. Working people fought hard for liberties which are celebrated on that day with many blue collar parades and perhaps putting away their white trousers until next year. (“Don’t wear white after Labor Day!”)


On this day, people will be thinking of the workplace liberties that were achieved through many struggles in the industrial era. If people feel patriotic, they may recall John F. Kennedy’s famous words during his inaugural address in 1961. “My fellow Americans: ask not what your country can do for you--ask what you can do for your country.” But in the wake of recent controversies, is cryptography beneficial to American interests?


Is cryptography beneficial to American interests?

This summer, US Attorney General William P. Barr has been arguing that law enforcement and intelligence require encryption backdoors in order to investigate crime which may threaten the liberties of Americans.  He said, “As we use encryption to improve cybersecurity, we must ensure that we retain society’s ability to gain lawful access to data and communications when needed to respond to criminal activity.”

He believes that the protection of liberty requires some sort of balance between citizens being able to encrypt their digital communications and law enforcement access. “Our societal response to advances in technology that affect the balance between individual privacy and public safety always has been—and always should be—a two-way street.” Nearly fifty-nine years ago, Kennedy suggested that Americans have a responsibility to serve their country. Barr has said that responsibility should include making it easier for police to intercept encrypted communications if they deem it necessary to investigate crime.

Not all of Silicon Valley agrees with Barr.

Apple is one of the most powerful companies in the world and hundreds of millions of people worldwide have an iPhone in their pocket. Back in 2016, Apple fought the Federal Bureau of Investigation (FBI) when they wanted access to the encrypted data on the iPhone belonging to a suspect in the San Bernardino terrorist attack. Apple won the battle to avoid granting law enforcement a backdoor, but the FBI ultimately won the war by spending about $900,000 to crack the phone’s encryption themselves. Who were the protectors of liberty in that situation? Was it Apple for doing everything they could to protect their customers’ privacy, or the FBI for being able to investigate a person they suspected to be a threat to people’s safety?


I believe that deploying cryptographic technology without government backdoors is what’s in the best interest of Americans’ liberty. Renowned cybersecurity expert Bruce Schneier wrote, “Encryption secures our data and communications against eavesdroppers like criminals, foreign governments, and terrorists. We use it every day to hide our cell phone conversations from eavesdroppers, and to hide our Internet purchasing from credit card thieves. Dissidents in China and many other countries use it to avoid arrest. It's a vital tool for journalists to communicate with their sources, for NGOs to protect their work in repressive countries, and for attorneys to communicate with their clients... Adding backdoors will only exacerbate the risks. As technologists, we can't build an access system that only works for people of a certain citizenship, or with a particular morality, or only in the presence of a specified legal document. If the FBI can eavesdrop on your text messages or get at your computer's hard drive, so can other governments. So can criminals. So can terrorists.”

And that’s the main problem with government backdoors. All backdoors threaten the strength of cryptography, even if they have a noble purpose. If backdoors are created for law enforcement, they probably will become public knowledge and available to cyber attackers. Many of the backdoors, malware, and other exploits used by the Central Intelligence Agency surfaced through Wikileaks’ Vault 7 revelations in 2017. One of those exploits was EternalBlue, which the notorious WannaCry ransomware used to harm countless Windows machines.

"All backdoors threaten the strength of cryptography" 

Schneier isn’t the only computer security expert who agrees with me. During Black Hat USA 2019, Venafi surveyed 384 IT security professionals for their opinions about government-mandated encryption backdoors. 74% said countries with government-mandated encryption backdoors are more susceptible to nation-state attacks. And 84% would never knowingly use a device or program from a company that agreed to install a backdoor. Venafi’s Kevin Bocek said, “On a consumer level, people want technology that prioritizes the security and privacy of their personal data. This kind of trust is priceless. Encryption backdoors would not only make us much less safe at a national level, they also clearly have the potential to inflict significant economic and political damage.”

Trust is Priceless

So, there you go. It may seem patriotic to grant the government backdoors so they can decrypt the communications of crime suspects in the interest of national safety without the hassle of asking a judge for a search warrant. But law enforcement should investigate crime without risking Americans’ privacy and ultimately weakening all encryption. Benjamin Franklin didn’t live to see modern computers, but he might have some words for William Barr. “Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.” So, salute the Stars and Stripes, grill me a Beyond Meat burger (I’m vegan), and encrypt your digital communications in storage and in transit. I think that’s what your founding fathers would have wanted!


Related posts

Like this blog? We think you will love this.
Featured Blog

EARN IT Act Is Back and So Is Debate Over End-To-End Encryption

The Eliminating Abusive and Rampant Neglect of Interactive T

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Guest Blogger: Kim Crawley
Guest Blogger: Kim Crawley

Kim Crawley writes about all areas of cybersecurity, with a particular interest in malware and social engineering. In addition to Venafi, she also contributes to Tripwire, AlienVault, and Cylance’s blogs. She has previously worked for Sophos and Infosecurity Magazine.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud

Venafi Cloud manages and protects certificates

* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
* Please fill in this field
* Please fill in this field
* Please fill in this field

End User License Agreement needs to be viewed and accepted

Already have an account? Login Here

get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more