Yale profs propose openness, crypto for disciplined surveillance

Yale profs propose openness, crypto for disciplined surveillance

Summary: Proposal focuses on balancing national security and end-user privacy.


Two computer science professors at Yale University think cryptography and an open system of checks and balances could combine to preserve national security while preventing innocent by-standers from being snared in the nets of zealous lawmen in an age of big data collection and technology-savvy surveillance.

The plan would alter the current data collection model of intelligence agencies and law-enforcement, but still allow relevant information collection and investigations while safeguarding privacy.

Special Feature

IT Security in the Snowden Era

IT Security in the Snowden Era

The Edward Snowden revelations have rocked governments, global businesses, and the technology world. Here is our perspective on the still-unfolding implications along with IT security and risk management best practices that technology leaders can put to good use.

The professors, spurred on by the Edward Snowden controversy, have built a framework that includes data owners, repository stewards, and government agencies. They have developed what they call the Lawful Set-Intersection Protocol, built on top of two “communicative” encryption schemes: ElGamal and Pohlig-Hellman. To align with developers, they have posted on GitHub an implementation of the Java-based Lawful Set-Intersection Protocol.

The framework, protocol, and prototype implementations were presented Monday at the 4th USENIX Workshop on Free and Open Communications on the Internet by Bryan Ford, associate professor of computer science at Yale University and the head of the Decentralized/Distributed Systems research group, and Joan Feigenbaum, a Grace Murray Hopper professor and chair of Yale’s computer science department. Aaron Segal, a PhD candidate in Yale’s computer science department, also collaborated on the research entitled “Catching Bandits and Only Bandits.”

“What walks like a duck and squawks like a duck is usually a duck, and since the NSA has been squawking like a law-enforcement agency, it should be subject to open processes like a law-enforcement agency,” Ford and Feigenbaum wrote Monday in an MIT Technology Review article outlining their ideas and presentation.

The title of the presentation is a play on words referencing the case of two men who robbed 16 rural banks in Arizona and Colorado and became known as the High Country Bandits. They were eventually caught via cell tower dumps, records that reveal whose phone “checked-in” around the location and times of three of the robberies. While one bandit’s phone was the only one that showed up on the records of each tower, police also collected in their dragnet information on 149,999 innocent phone users as part of the investigation.


The guide to password security (and why you should care)

The guide to password security (and why you should care)

Find out how your password security can be compromised, and how to create and manage secure passwords.

The Yale pair said “modern cryptography could enable agencies to find and surgically extract warrant-authorized data about persons of interest like needles in a haystack of encrypted data, while guarding both the secrecy of the investigation and the privacy of innocent users whose data comprise the haystack.”

The professors argue that cryptography provides the way to pinpoint relevant data. The two professors admit that there are existing algorithms that focus on known targets, but they say they are the first to focus on privacy-preserving surveillance of unknown targets.

Ford and Feigenbaum say an investigation can remain private but that “the data collection process would be—what information was collected, from whom, and how it was encrypted, stored, searched, and decrypted.”  They said that structure is no different to the way police today use an “open process to obtain physical search warrants without publicly revealing the target or details of their investigation.”

In addition, authority to conduct surveillance would be spread across multiple and cooperating government agencies.  The professors say a “division of trust” is created when all data is encrypted in advance with the public keys of the “agencies that request, authorized or oversee the surveillance.”

The result, the professors said, “would ensure that lawful electronic surveillance activities protect the innocent, are properly authorized and limited in scope, are subject to robust oversight, and follow transparent processes that the public can debate or challenge in court.”

Topics: Security, Government, Government US


John Fontana is a journalist focusing on authentication, identity, privacy and security issues. Currently, he is the Identity Evangelist for strong authentication vendor Yubico, where he also blogs about industry issues and standards work, including the FIDO Alliance.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • "Disciplined Surveillance"

    Talk about ignoring the elephant in the bedroom...

    The problem here is not a lack of technical means by which the NSA (or any other spook agency), could do surveillance, "lawfully". They already have this, in spades.

    The problem IS the deeply-ingrained, institutional belief within the U.S. spook community in general, and the NSA in particular, that they should be subject to NO restrictions (at ALL) about how they operate, or to whom they should be accountable. (I give you, as evidence, the fact that James Clapper and Keith Alexander have been lying to Congress, an action which -- if undertaken by a subordinate in ANY other context -- would get that person fired, "for cause", on the spot. Yet these two, plus Michael Hayden, lie both to Congress and to the public, on a routine basis... and they suffer no sanction WHATSOEVER, for so doing.)

    So you can implement whatever "Lawful Self-Interdiction" that you want. NSA and the other spooks will just ignore its carefully-crafted "controls" and will go off and do whatever they want.

    The problem is not technical -- it's institutional, and attitudinal. The problem is that the United States has a spy agency that is in open contempt both of the law and of its political masters, who are so terrified of what the spooks know, that the Senators and Congressmen just meekly shut up and nod respectfully, as they listen to the lies.

      There is nothing that needs to be added to this post except further support. Completely accurate, unfortunately.