Government’s Role in Standard Setting of Cryptographic Primitives

PIs: Prof. Orr Dunkelman, Prof. Niva Elkin-Koren, Ms. Dalit Ken-Dror Feldman. 

Surveillance and monitoring is often required by law enforcement and national security agencies to protect security and safety. Strong encryption may challenge these efforts. At the same time however, strong encryption is essential for protecting economic interests of considerable importance and ensuring civil rights (e.g., privacy, free speech). The strength of encryption is shaped, among other things, by standard setting bodies. While many countries strive to make these standards as secure as possible, evidence shows that several countries are working to weaken these standards. Specifically, some governmental entities allegedly address the challenges of strong encryption by secretly promoting weaker standards in standard setting bodies. Are these strategies legitimate and useful? Can governments legitimately endorse such standards and present them as a strong encryption even when they know they have a built-in backdoor? This study will examine different strategies to promote weaker standards in encryption, without disclosing vulnerabilities, as a matter of law and ethics. The study will analyze the potential legal implications of such practices, with emphasis on Israel and selected key countries, and propose alternative strategies for promoting innovation, national security, and privacy in cryptography standards