Crypto Crumple Zones: Enabling Limited Access Without Mass Surveillance

Governments around the world are demanding more access to encrypted data, but it has been difficult to build a system that allows the authorities some access without providing unlimited access in practice.
In this talk, Mayank Varia, Co-Director of the Center for Reliable Information Systems and Cyber Security (RISCS) will present proof-of-concept techniques developed with Charles V. Wright (Portland State) for maximizing user privacy in jurisdictions that require support for so-called "exceptional access" to encrypted data. In contrast to previous work on this topic (e.g., key escrow), their approach places most of the responsibility for achieving exceptional access on the government, rather than on the users or developers of cryptographic tools. As a result, their constructions are very simple and lightweight, and they can be easily integrated into common applications and protocols for protecting data at rest such as PGP, Signal, SRTP, full-disk encryption, and file-based encryption. Refreshments provided. Please send RSVPs to tgabs@bu.edu.