A Man With a Plan to End the Crypto-wars

Stan Ward

Stan Ward

January 7, 2016

The Computer and Electronics show (CES) that starts today in Las Vegas is getting all the play in the media, and deservedly so. In the meantime, another seminal event is taking place in Palo Alto at Stanford University’s Real World Crypto conference, where the celebrated David Chaum is poised to make tech news again, ten years after his last online privacy achievement. With the encryption wars raging now, he may be introducing a solution that is acceptable to both law enforcement types and privacy advocates alike.

Chaum’s new encryption configuration is called Privategrity and with it, he aims to bring the crypto wars to an end, as it will, at the same time, strengthen security and enable access if the technology is being used nefariously. It is designed to be more anonymous and secure than Tor or I2P – fully secret, anonymous communications that no eavesdropper can crack, whether a hacker or an intelligence agency. But, in deference to law enforcement’s concerns, Chaum is also building into Privategrity another feature that’s sure to be far more controversial. It is a carefully controlled backdoor that allows anyone doing something “evil” to have their anonymity and privacy interrupted and negated.

Gauging what is objectionable or dangerous, and who gets to make that call, is a radical notion.To better determine exactly who decides what the threshold for “evil” is – too big a responsibility for any one government or company, he is planning to have “a council of sorts” make the ultimate judgement. When Privategrity’s setup is complete, “nine server administrators in nine different countries will all converge to cooperate to trace criminals within the network and decipher their communications. The hope is that this will satisfy the government’s insatiable appetite for weaker encryption and back doors and assuage the tech companies and privacy advocates in the process.”

In Chaum’s words,

“If you want a way to solve this apparent logjam, here it is. We don’t have to give up on privacy. We don’t have to allow terrorists and drug dealers to use it. We can have a civil society electronically without the possibility of covert mass surveillance.”

Chaum’s security chops actually predate the Internet, and as a result, when he talks (or in this case invents,) the tech community and Internet world listens. Perhaps the most influential of Chaum’s privacy ideas was an early, simple scheme he called a “mix network”, a term he coined in 1979. Mix networks anonymize messages by encrypting them in layers and routing them through a series of computers that serve as intermediaries. Simply put, a chain of computer relays are established so that once information passes from one computer to the next in line, the data is unrecognizable by the previous computer. Today, these privacy innovations have given rise to Tor, and have ramifications for people as disparate as Bitcoin users and Dark Web cretins trafficking in illicit drugs.

Privategrity, he claims, is more elaborate, and thus more secure than Tor, a fact that will immediately endear it to legitimate privacy advocates and cyber criminals alike. But it’s nine, possibly ten, computers in the chain will enable a determined, efficient pursuer, with sophisticated equipment, to come in through the back door – if they can connect the dots with all the computers. “It’s like a backdoor with nine different padlocks on it,” Chaum says. For the time being, Privategrity will operate in the Cloud, with all the attendant lack of security there.

But in the app’s final version, Chaum says he plans to move all but one of those servers abroad, so that they’re spread out to nine different countries, and will require each server to publish its law enforcement cooperation policy (yet unspecified by him,) so that everything is above board. “It’s like the UN,” chirps Chaum. “I don’t think a single jurisdiction should be able to covertly surveil (sic) the planet…In this system, there’s an agreement on the rules, and then we can enforce them.”

Just the mention of a backdoor, despite the promised padlocks, is bound to get some privacy activists in a dither. On the other hand, encryption to which even tech companies haven’t the keys for their own product is something that should be addressed and altered. But it is possible that Privategrity may be the innovation to do the trick, in satisfying all sides on the security-privacy issue. Stay tuned, that is, unless you’re too distracted by the new gizmos at CES!

Stan Ward

Stan Ward has enjoyed writing for 50 years. Writing has been a comfortable companion to a successful business and teaching career for him. Find him on Google+.

2 responses to “A Man With a Plan to End the Crypto-wars

  1. This is an interesting proposal, however the idea of a backdoor still doesn’t sit well with me, as I imagine it won’t with privacy advocates. Despite the ‘locks’ being in 9 different countries, the US government has significant influence throughout the world, and when influence doesn’t work, money sometimes does. At any rate, when there’s a backdoor or backdoors, not only the good guys get to use it.

    The only way I think Privategrity would work would be to distribute the 9 backdoors to privacy advocates like the EFF, Torproject, and maybe even Linux. Of course, the problem again is the US government, as all these are located in the USA.

    It will be interesting to see which entities/people Chaum thinks should hold the keys to his new encryption scheme.

Leave a Reply

Your email address will not be published. Required fields are marked *

Exclusive Offer
Get NordVPN for only