Niels Ferguson, developer & cryptographer within Microsoft’s System Integrity team posted earlier this week:
“Two weeks ago BBC News published an article speculating about a possible “back door” in BitLocker (http://news.bbc.co.uk/1/hi/uk_politics/4713018.stm). The suggestion is that we are working with governments to create a back door so that they can always access BitLocker-encrypted data.
Over my dead body.”
“Referring the Microsoft’s encryption technology known as BitLocker (the technology that could keep law enforcement agencies from getting at the contents of a hard drive or thumb drive), Ferguson also wrote “Like any security technology BitLocker has its avenues of attack and law enforcement should know about them.”
I’m not making this up. So, if it has avenues of attack, why bother? Or is it just to keep casual hackers at bay? (in other words, why bother?)”
Let’s get one thing straight before I make my point. I’m not a ‘security expert’ and I do not represent Microsoft’s security team. Niels can respond for himself (and I’m sure he will). So, the following is my response, not his.
And my response is this:
Let’s say I have a door. And that door has a key. And that when that door is locked, it can be assumed – for the sake of argument – that the room behind the door is ‘secure’ (and that the door is ‘unbreakable’). Secure in that there is no way to get inside that room without using the (only) key to unlock the door.
Now, at this point you might think that that’s that. But, as the user of the door, I should know that there are things I should do / not do in order to ensure that my room really is secure once I’ve locked it.
1. Not to leave my key lying next to the door
2. If the door were secured by a combination lock, don’t leave the combination on a Post-It Note stuck to that door.
In other words, in using the analogy above, I need to secure my key in order to secure my room.
Without taking sensible and informed precautions, I can therefore leave myself open to these ‘avenues of attack’. In the security world, these above examples are called ‘avenues of attack’. No matter how obvious they might seem.
So, two points that David entirely overlooks. The first is that any practicable security technology has ‘avenues of attack’. Fact.
The second point David misses, and this goes back to the analogy above, is that if ‘I’ – as the user of the lock – know what the avenues of attack are and that ‘law enforcement’ and everybody else has exactly the same knowledge about what these ‘avenues of attack’ are as I do, then by definition there are no secrets and is no back door.