David Chaum, an expert on encryption with more than 30 years of experience in the field, has a system he thinks will end the crypto wars between privacy advocates and government agencies. Recently, many politicians have been demanding that tech companies develop some sort of compromise solution that will allow warrants to be executed on encrypted communications while still protecting privacy, and Chaum's proposal might be the sort of thing they are looking for.
Chaum has been credited as the "father of online anonymity" by some over his development of mix networks in the 1980s. The Tor anonymity network and similar tools are based on the principles he pioneered back then. His latest project is the development of PrivaTegrity, yet another network for sending anonymous encrypted communications. However, this network has a backdoor built in.
Chaum has devised a system which he believes will allow governments to decrypt communications of criminals without allowing mass surveillance. Decryption of messages on the network can only occur through the cooperation of nine separate servers. Even eight of them working together will be unable to decrypt communications. During PrivaTegrity's upcoming beta, all nine servers will be located in the United States, and will thus be subject to subpoenas by the likes of the NSA, FBI, and DEA.
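The all-or-nothing property described above (nine servers can decrypt, eight cannot) can be illustrated with a plain nine-way XOR split of a key. This is an added example, not PrivaTegrity's actual protocol or code from Chaum's project; the function names and the sample key are constructed for illustration.

```python
import secrets
from functools import reduce

N_SERVERS = 9  # figure from the article: all nine servers must cooperate


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def split(secret: bytes, n: int = N_SERVERS) -> list:
    """n-of-n split: n-1 uniformly random shares, plus a final share
    chosen so that the XOR of all n shares equals the secret."""
    shares = [secrets.token_bytes(len(secret)) for _ in range(n - 1)]
    shares.append(reduce(xor_bytes, shares, secret))
    return shares


def combine(shares: list) -> bytes:
    """Recover the secret; only correct when every share is present."""
    return reduce(xor_bytes, shares)


def missing_share_for(shares_held: list, candidate: bytes) -> bytes:
    """For ANY candidate secret, compute the one missing share that would
    make the held shares consistent with it. Because such a share exists
    for every candidate, n-1 colluding holders can rule nothing out."""
    return reduce(xor_bytes, shares_held, candidate)


if __name__ == "__main__":
    key = bytes(range(16))                 # constructed sample key
    shares = split(key)
    print("all nine recover key:", combine(shares) == key)

    eight = shares[:8]                     # eight colluding servers
    guess = b"\xff" * 16                   # an arbitrary wrong key
    forged = missing_share_for(eight, guess)
    # The eight shares fit the wrong key just as well as the real one.
    print("eight shares fit a wrong key:", combine(eight + [forged]) == guess)
```

The same property cuts both ways: the scheme offers no protection once all nine share holders cooperate or are compromised, which is the concern raised about the choice of host countries.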
Chaum eventually plans to move all but one of the servers overseas, so that messages could only be decrypted by the agreement of all nine governments. "It’s like the UN," says Chaum, "I don’t think a single jurisdiction should be able to covertly surveil the planet…In this system, there’s an agreement on the rules, and then we can enforce them." He hasn't decided which countries will get the servers, but suggested they will be democratic countries and offers Switzerland, Canada and Iceland as examples.
While it always makes me feel nice when people speak highly of Canada, it should be pointed out that Canada is one of the Five Eyes, and is among the countries which we know are cooperating with American mass surveillance. Other democratic countries which are not part of the Five Eyes have also cooperated with the NSA, such as Germany. There's also the fact that countries which may be reasonably trustworthy right now may have a complete change in policy when a new government comes to power. It's questionable whether putting the backdoor into the hands of nine democratic governments will be a sufficient roadblock to prevent mass surveillance.
Aside from the trustworthiness of the nine countries, there is also the threat of hackers targeting the servers in order to decrypt the communications. However, Chaum believes that it will be very difficult for hackers to compromise this system. "These systems would be far more hardened than even corporate systems," he said, "and to abuse the backdoor you’d have to break all of them."
Chaum hopes this system can be a model for others to follow, stating, "You have to perfect the traceability of the evil people and the untraceability of the honest people. That’s how you break the apparent tradeoff, this standoff called the encryption wars."
Would you trust Chaum's system to protect your privacy? Leave your comments below.