About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

106 Geo. L.J. 989 (2017-2018)
Encryption Workarounds

handle is hein.journals/glj106 and id is 1001 raw text is: Encryption Workarounds ORIN S. KERR* & BRUCE SCHNEIER** The widespread use of encryption has triggered a new step in many criminal investigations: The encryption workaround. We define an encryption workaround as any lawful government effort to reveal unencrypted plaintext of a target's data that has been concealed by encryption. This Article provides an overview of encryption workarounds. It begins with a taxonomy of the different ways investigators might try to bypass encryption schemes. We classify six kinds of workarounds: find the key, guess the key, compel the key, exploit a flaw in the encryption software, access plaintext while the device is in use, and locate another plaintext copy. For each approach, we consider the practical, technological, and legal hurdles raised by its use. The remainder of this Article develops lessons about encryption workarounds and the broader public debate about encryption in criminal investigations. First, encryption workarounds are inherently probabilis- tic. None work every time, and none can be categorically ruled out every time. Second, the different resources required for different workarounds will have significant distributional effects on law enforcement. Some techniques are inexpensive and can be used often by many law enforce- ment agencies; some are sophisticated or expensive and likely to be used rarely and only by a few. Third, the scope of legal authority to compel third-party assistance will be a continuing challenge. And fourth, the law governing encryption workarounds remains uncertain and underdevel- oped. Whether encryption will be a game changer or a speed bump depends on both technological change and the resolution of important legal questions that currently remain unanswered. TABLE OF CONTENTS INTRODUCTION.. ................................................... 990 1. THE BASIC PRINCIPLES OF ENCRYPTION ........................... 993 II. Six TYPES OF ENCRYPTION WORKAROUNDS ........................ 996 * Frances R. and John J. Duggan Distinguished Professor, University of Southern California Gould School of Law. 0 2018, Orin S. Kerr & Bruce Schneier. ** Fellow, Berkman Klein Center for Internet & Society at Harvard University; Chief Technology Officer, IBM Resilient. The authors thank Dan Richman, Catherine Crump, Andrea Roth, Holly Doremus, Mark Rumold, Steven Bellovin, the University of California at Berkeley Law School Public Law and Policy Colloquium, and the Privacy Law Scholars Conference for comments on an earlier draft. 989

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Purchase Access

Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most