Built-in 'backdoors' can sabotage encryption

Many encrypted systems have built-in "backdoors" that allow for eavesdropping on communications, but some are stealthier and more secure than others.

An analysis published by researchers at the Universities of Wisconsin in Madison and Washington in Seattle and led by cryptographer and author Bruce Schneider analyzed the weaknesses and strengths of coding in backdoors in encryption systems. Although they are often mentioned with paranoia — the National Security Administration used backdoors to spy on many Internet users, according to the Daily Beast — studying how they work can help coders set up better protections against them, according to Wired.

The researchers analyzed a set of variables and their potential usefulness to spies, including how much work it takes to secretly set up a backdoor, the precision of what it surveils, its durability and its ease of use. Systems analysts who know the particular weaknesses of backdoors can more easily spot them and report them, according to the report. The goal of the report was to make more analysts aware so the tools can be eradicated, Mr. Schneider told Wired.

"Certainly there are ways to do this that are better and worse," Mr. Schneider said. "The most secure way is not to do it at all."

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars