Encryption Workarounds

Here's the final version of my article with Bruce Schneier.

|The Volokh Conspiracy |

I'm pleased to say that the Georgetown Law Journal has recently published Encryption Workarounds, an article I co-authored with Bruce Schneier. I have posted a final version here. The abstract is below.

The widespread use of encryption has triggered a new step in many criminal investigations: The encryption workaround. We define an encryption workaround as any lawful government effort to reveal unencrypted plaintext of a target's data that has been concealed by encryption. This Article provides an overview of encryption workarounds. It begins with a taxonomy of the different ways investigators might try to bypass encryption schemes. We classify six kinds of workarounds: find the key, guess the key, compel the key, exploit a flaw in the encryption software, access plaintext while the device is in use, and locate another plaintext copy. For each approach, we consider the practical, technological, and legal hurdles raised by its use.

The remainder of this Article develops lessons about encryption workarounds and the broader public debate about encryption in criminal investigations. First, encryption workarounds are inherently probabilistic. None work every time, and none can be categorically ruled out every time. Second, the different resources required for different workarounds will have significant distributional effects on law enforcement. Some techniques are inexpensive and can be used often by many law enforcement agencies; some are sophisticated or expensive and likely to be used rarely and only by a few. Third, the scope of legal authority to compel third-party assistance will be a continuing challenge. And fourth, the law governing encryption workarounds remains uncertain and underdeveloped. Whether encryption will be a game changer or a speed bump depends on both technological change and the resolution of important legal questions that currently remain unanswered.

NEXT: Universal Basic Income Proposal Still Fails to Pass Libertarian Scrutiny

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. It sounded like most of the encryption algorithms used can be cracked by quantum computer.

    If the government has a quantum computer which can crack most all the codes, who decides when/where it can be used?

    It looks like China launched some sort of satellite system last year enabling them to use quantum encryption. Maybe this is part of a data security arms race?

  2. I agree with MightyMouse. It looks like China launched some sort of satellite system last year enabling them to use quantum encryption. Maybe this is part of a data security arms race?
    My friend essay writer online also share this opinion.

Please to post comments

Comments are closed.