Based on an ongoing project, University of Waikato researchers contend that building backdoors into encryption contravenes important encryption principles and should not be pursued as a matter of law and policy.
According to the principal investigators, Dr Michael Dizon, Associate Professor Wayne Rumbles and Associate Professor Ryan Ko, encryption is designed to preserve the objectives of protecting the confidentiality, integrity and authenticity of data and communications. Any legislative proposal that requires the creation of backdoors contravenes all these three cybersecurity objectives because a backdoor is akin to introducing a known weakness in the system.
“Backdoors are also at odds with another key principle that encryption should be resistant to attacks. They compromise a computer system’s security and resilience”, Dr Dizon explains. Their position against backdoors is supported by the recently proposed Assistance and Access Bill 2018 in Australia, where the Australian Government declares that it “has no interest in undermining systems that protect the fundamental security of communications. This includes a prohibition on building a decryption capability. So-called ‘backdoors’ weaken the digital security of Australians and others”.
The Waikato researchers also note that encryption is adversarial in nature. Historically, encryption is a cat-and-mouse game between codemakers and codebreakers. Based on this finding, the researchers suggest that innovation in cybersecurity should be prioritised and continuous improvements to encryption should be encouraged since these are essential to stay ahead in the arms race. The researchers also believe that caution should be exercised when imposing legal obligations on technology providers that end up dissuading them from keeping their systems safe and secure.
The research project on encryption is funded by the New Zealand Law Foundation’s Information Law and Policy Project (ILAPP), which is intended to explore and develop law and policy to help New Zealand adapt to future changes in the information age, and the University of Waikato’s Strategic Investment Fund – Research.
