Yale profs propose openness, crypto for disciplined surveillance
Two computer science professors at Yale University think cryptography and an open system of checks and balances could combine to preserve national security while preventing innocent by-standers from being snared in the nets of zealous lawmen in an age of big data collection and technology-savvy surveillance.
The plan would alter the current data collection model of intelligence agencies and law-enforcement, but still allow relevant information collection and investigations while safeguarding privacy.
The professors, spurred on by the Edward Snowden controversy, have built a framework that includes data owners, repository stewards, and government agencies. They have developed what they call the Lawful Set-Intersection Protocol, built on top of two “communicative” encryption schemes: ElGamal and Pohlig-Hellman. To align with developers, they have posted on GitHub an implementation of the Java-based Lawful Set-Intersection Protocol.
The framework, protocol, and prototype implementations were presented Monday at the 4th USENIX Workshop on Free and Open Communications on the Internet by Bryan Ford, associate professor of computer science at Yale University and the head of the Decentralized/Distributed Systems research group, and Joan Feigenbaum, a Grace Murray Hopper professor and chair of Yale’s computer science department. Aaron Segal, a PhD candidate in Yale’s computer science department, also collaborated on the research entitled “Catching Bandits and Only Bandits.”
“What walks like a duck and squawks like a duck is usually a duck, and since the NSA has been squawking like a law-enforcement agency, it should be subject to open processes like a law-enforcement agency,” Ford and Feigenbaum wrote Monday in an MIT Technology Review article outlining their ideas and presentation.
The title of the presentation is a play on words referencing the case of two men who robbed 16 rural banks in Arizona and Colorado and became known as the High Country Bandits. They were eventually caught via cell tower dumps, records that reveal whose phone “checked-in” around the location and times of three of the robberies. While one bandit’s phone was the only one that showed up on the records of each tower, police also collected in their dragnet information on 149,999 innocent phone users as part of the investigation.
The Yale pair said “modern cryptography could enable agencies to find and surgically extract warrant-authorized data about persons of interest like needles in a haystack of encrypted data, while guarding both the secrecy of the investigation and the privacy of innocent users whose data comprise the haystack.”
The professors argue that cryptography provides the way to pinpoint relevant data. The two professors admit that there are existing algorithms that focus on known targets, but they say they are the first to focus on privacy-preserving surveillance of unknown targets.
Ford and Feigenbaum say an investigation can remain private but that “the data collection process would be—what information was collected, from whom, and how it was encrypted, stored, searched, and decrypted.” They said that structure is no different to the way police today use an “open process to obtain physical search warrants without publicly revealing the target or details of their investigation.”
In addition, authority to conduct surveillance would be spread across multiple and cooperating government agencies. The professors say a “division of trust” is created when all data is encrypted in advance with the public keys of the “agencies that request, authorized or oversee the surveillance.”
The result, the professors said, “would ensure that lawful electronic surveillance activities protect the innocent, are properly authorized and limited in scope, are subject to robust oversight, and follow transparent processes that the public can debate or challenge in court.”