Journal of Digital Forensics, Security and Law

Volume 15 Article 2

August 2020

Cryptography, Passwords, Privacy, and the Fifth Amendment

Gary C. Kessler Gary Kessler Associates / Embry-Riddle Aeronautical University - Daytona Beach, [email protected]

Ann M. Phillips Embry-Riddle Aeronautical University - Daytona Beach, [email protected]

Follow this and additional works at: https://commons.erau.edu/jdfsl

Part of the Computer Law Commons, Constitutional Law Commons, Fourth Amendment Commons, Information Security Commons, Law and Society Commons, Privacy Law Commons, and the Science and Technology Law Commons

Recommended Citation Kessler, Gary C. and Phillips, Ann M. (2020) "Cryptography, Passwords, Privacy, and the Fifth Amendment," Journal of Digital Forensics, Security and Law: Vol. 15 , Article 2. DOI: https://doi.org/10.15394/jdfsl.2020.1678 Available at: https://commons.erau.edu/jdfsl/vol15/iss2/2

This Article is brought to you for free and open access by the Journals at Scholarly Commons. It has been accepted for inclusion in Journal of Digital Forensics, Security and Law by an authorized administrator of (c)ADFSL Scholarly Commons. For more information, please contact [email protected]. Cryptography JDFSL V15N3

CRYPTOGRAPHY, PASSWORDS, PRIVACY,AND THE FIFTH AMENDMENT Gary C. Kessler1, Ann M. Phillips2 1Embry-Riddle Aeronautical University Gary Kessler Associates Ormond Beach, FL 2Embry-Riddle Aeronautical University Daytona Beach, FL [email protected], [email protected] ABSTRACT Military-grade cryptography has been widely available at no cost for personal and commercial use since the early 1990s. Since the introduction of Pretty Good Privacy (PGP), more and more people encrypt files and devices, and we are now at the point where our smartphones are encrypted by default. While this ostensibly provides users with a high degree of privacy, compelling a user to provide a password has been interpreted by some courts as a violation of our Fifth Amendment protections, becoming an often insurmountable hurdle to law enforcement lawfully executing a search warrant. This paper will explore some of the issues around this complex legal and social issue, including the evolution in the use of digital cryptography and the evolving legal interpretations of privacy.

Keywords: Cryptography, Fifth Amendment, Law, Passwords, Privacy, Self-incriminating testimony

1. INTRODUCTION trying to execute a search warrant. This raises several questions: While addressing cybersecurity conference attendees at Boston College in 2017, then- 1. How do we, as a society, feel about citi- FBI Director James Comey observed that zens having access to strong encryption the ubiquitous availability and use of strong and devices that are impervious to a cryptography was upsetting the delicate bal- government-sanctioned search? ance between privacy and security that is at the very heart of the U.S. social contract 2. Did the authors of the Constitution (Armerding, 2017). In 2019, Manhattan Dis- envision a container that could never trict Attorney Cyrus Vance, Jr. testified that be opened and, therefore, never be strong iPhone encryption was Apple’s "gift to searched? sex traffickers" ("Written Testimony", 2019, para. 13). Today’s digital cryptography truly 3. Is compelling a user to provide a pass- is military-grade and provides an often insur- word a violation of Fifth Amendment mountable barrier for law enforcement when protections?

c 2020 JDFSL Page 1 JDFSL V15N3 Cryptography

4. Should crypto products have backdoors Cryptography continued to play a major for just these reasons? role in diplomatic and military communica- tion in the 20th century, playing a key role in This paper will explore these issues by ex- the military campaigns of both World Wars amining the growing capabilities of cryptog- (Haufler, 2003; Yardley, 1931). Commercial raphy (Section 2) and the evolving interpreta- use of crypto, while introduced in the 1920s, tion of privacy and self-incrimination (Section started to grow so rapidly in the post-WW II 3). Section 4 will discuss some of the issues era that the U.S. and most of the allied coun- as privacy and the needs of the state collide. tries limited its use by civilians. In the U.S., Section 5 will provide some conclusions. in particular, cryptography was classified as a munition, which placed strict export controls on those products (Kahn, 1996; Levy, 2001). 2. SOME MAJOR The 1950s saw the dawn of the computer age in commercial organizations, notably in EVENTS IN DIGITAL the financial industry. In the early 1970s, the CRYPTOGRAPHY National Bureau of Standards (NBS, now the National Institute of Standards and technol- Cryptography is the science of writing in se- ogy [NIST]) put out a call for a national stan- cret codes. Most historians point to the use dard encryption scheme for use with comput- of non-standard hieroglyphics in Egypt in ers. The Data Encryption Standard (DES), 1900 B.C.E. as the beginning of secret code designed by IBM and derived from an earlier writing although that practice probably ap- IBM cipher called Lucifer, was adopted in pears spontaneously soon after writing was 1977 and published as Federal Information developed (Kahn, 1996; Singh, 1999). Processing Standard (FIPS) Publication 46. For several thousand years, the primary The National Security Agency (NSA) had use of cryptography was for secrecy (aka pri- input into the development of DES, which vacy and confidentiality). It was also the caused many to wonder if they had imple- exclusive domain of the literate and, even mented some sort of backdoor, a purpose- then, employed almost solely at the nation- ful weakening of the algorithm to make is state level to protect diplomatic communica- more susceptible to certain kinds of attack. tion and military secrets (Kahn, 1996; Singh, Ironically, the NSA-designed Substitution 1999). (S)-boxes removed a mathematical weakness, While many advances in cryptographic making the algorithm stronger. However, codes appeared in the 1800s, one of the most IBM offered both 56- and 128-bit key ver- notable practical contributions came from sions of DES and the NSA insisted upon use Auguste Kerckhoffs, a Dutch linguist and of the smaller key, making it more susceptible cryptographer. In 1883, Kerckhoffs proposed to brute force attacks (Schneier, 2004). a number of design principles for military ci- Upon adoption, DES became the newest phers. One that maintains significance today secret key cryptography (SKC) scheme. SKC, says that the cryptographic system must not also called symmetric cryptography, uses a rely upon the secrecy of the encryption al- single key for both encryption and decryption. gorithm but upon the judicious choice, use, The key, then, is a shared secret between the and storage of the keys. In fact, it is best to sending and receiving parties. An important assume that the enemy knows the algorithm aspect of SKC schemes is the process of key (Kahn, 1996; Kerckhoffs, 1883a, 1883b). exchange; specifically, how do the sender and

Page 2 c 2020 JDFSL Cryptography JDFSL V15N3

receiver share the key and keep it a secret? bining hashing, compression, SKC, and PKC In 1977, the best way might be for one party into a method to protect files, devices, and to write it down and send it by armored car e-mail. Public keys were shared via a concept to the other party, using the same keys for known as a Web of Trust; individuals would days or weeks at a time (Kahn, 1996; Singh, directly exchange their public keyrings and 1999). then share their keyrings with other trusted During this same era, Whitfield Diffie and parties (Zimmermann, 2001). Martin Hellman proposed a new form of PGP secret keys, however, were 128 bits encryption called public key cryptography or larger, making it a strong cryptography (PKC). Also called asymmetric cryptography, product. Export of strong crypto products PKC employs two keys, one to encrypt and without a license was a violation of Interna- the other to decrypt. Although the two keys tional Traffic in Arms Regulations (ITAR) are mathematically related and created as a and, in fact, Zimmermann was the target pair, deriving the value of one of the keys of an FBI investigation from February 1993 by knowing the value of the other is compu- to January 1996. Yet, in 1995, perhaps as tationally infeasible. Thus, one of the keys a harbinger of the mixed feelings that this could be widely published and shared, known technology engendered, the Electronic Fron- as the public key, while the other key re- tier Foundation (EFF) awarded Zimmermann mained a closely held private key (Diffie & the Pioneer Award and Newsweek Magazine Hellman, 1976). named him one of the 50 most influential The description of PKC was widely hailed people on the Internet (Sussman, 1995; Zim- as the biggest advance in encryption in hun- mermann, n.d.). dreds of years. For 4,000 years, encryp- With the commercialization of the Inter- tion was used almost solely to keep secrets. net and dawning of the World Wide Web PKC could also provide sender authentica- in the early 1990s, the government realized tion, message integrity, key exchange, and that there were legitimate needs for public non-repudiation. In terms of key exchange use of strong cryptography. But not with- alone, public key methods allowed secret keys out government oversight. In 1993, at the to be generated and exchanged in millisec- same time as the Zimmermann investigation, onds (Kahn, 1996; Levy, 2001). NIST and the NSA introduced the Capstone PKC depends upon the existence of trap- project to provide strong crypto for public door functions. In this context, a trapdoor use. Capstone comprised several components (as opposed to a backdoor) refers to a math- (Crypto Museum, 2018; Kessler, 2020): ematical function that is easy to compute but where the inverse function is significantly 1. Skipjack: An SKC block cipher using an harder to calculate; e.g., it is easier to per- 80-bit key, the design of which was clas- form exponentiation than it is to calculate sified (a violation of Kerckhoffs’ design logarithms and multiplication is easier than principle described above) factorization. The first workable PKC algo- rithm was published by Rivest, Shamir, and 2. Clipper: A tamper-proof computer chip Adleman (1978) and led to the first commer- that ran Skipjack, designed with a cial PKC product, RSA. government-accessible backdoor In June 1991, Phil Zimmermann uploaded Pretty Good Privacy (PGP) to the Internet. 3. Escrowed Encryption Standard (ESS): PGP was the first open cryptosystem, com- A scheme whereby private keys would

c 2020 JDFSL Page 3 JDFSL V15N3 Cryptography

be escrowed by NIST and the Treasury Showing that 56-bit keys were insufficient Dept. was also a harbinger that the useful life of DES was coming to an end. In March 1998, Irrespective of the government’s intentions, NIST reaffirmed the DES standard for use for pushback against Capstone from privacy ad- one additional five-year cycle but stated that vocates and critics of its poor cryptographic a new standard would be developed. In July, practices – including the discovery of a flaw in however, the EFF introduced Deep Crack, a the Clipper chip’s law enforcement backdoor chip that could be built for $220K and brute – resulted in the termination of the project by force a DES key in an average of 4.5 days 1996 (Blaze, 1994; Meeks, 1994). Ultimately, (EFF, 1998). This development effectively Capstone was never adopted (EPIC, n.d.b). killed DES and caused a scramble as interim By 1995, electronic-commerce (e- fixes and variants to DES became available commerce) started to blossom on the (Kessler, 2020). Internet. At that time, many people – The process of developing NIST’s next- including the first author of this paper – generation SKC standard, called the Ad- were actually sending credit card numbers vanced Encryption Standard (AES), started and other private information in unen- in 1997. The AES process was handled very crypted emails. All of this changed in differently from the one that gave us DES. 1995 with Netscape’s release of the Secure Whereas DES was developed under a shroud Sockets Layer (SSL) protocol, an encryption of secrecy, the AES process was an open, enhancement employed by the Hypertext international competition. Fifteen propos- Transfer Protocol (HTTP) in Web servers als were submitted and reviewed, with all and browsers that were fundamental to algorithms, documentation, and tests were supporting the growth of commercial activity posted on a NIST Web site. In 2001, an algo- on the Internet. Because export of 128-bit rithm named Rijndael (developed by Belgian keys was still prohibited, browsers in this era cryptographers Joan Daemen and Vincent – including Internet Explorer and Netscape – Rijmen) – employing a 128-, 192-, or 256-bit had a domestic version with 128-bit keys and key – was adopted as FIPS Pub. 197 (NIST, an international version with 40-bit keys. In 2018). 1996, however, President Bill Clinton issued It is worth noting several other crypto de- Executive Order (EO) 13026, re-classifying velopments that occurred in the 2000s. Ap- crypto products as technology rather than ple’s Mac OS X, based on the Unix operating munition, which greatly relaxed export system, became available in 2001 (Painter, controls and key sizes (Clinton, 1996; U.S. 2019). Mac OS X 10.3 (Panther) introduced Dept. of Commerce, 2000). FileVault in 2003, which could encrypt a While this sea change was ongoing in the user’s home directory (Apple Inc., 2003). Fil- mid-1990s, Blaze, Diffie, Rivest, Schneier, eVault 2, a re-design of the original, was re- Shimomura, Thompson, and Wiener (1996) leased in 2011 with Mac OS X 10.7 (Lion) released a white paper demonstrating that 56- and supported full startup volume encryp- bit keys were too short for practical, commer- tion. This product was one of the first to cial purposes and that SKC schemes needed employ AES encryption (Apple Inc., 2018; to use longer keys (Figure 1). Given that OSXDaily, n.d.). DES had had a 20-year lifetime in 1996, they In 2004, TrueCrypt, open source encryp- concluded that the minimum key size for an- tion for Windows, MacOS, and Linux, was other twenty years was at least 75 bits. released (TrueCrypt, 2015). TrueCrypt pro-

Page 4 c 2020 JDFSL Cryptography JDFSL V15N3

Figure 1. Effective key lengths for commercial applications (Adapted from Blaze et al., 1996) vided a novel capability called plausible de- these devices was inevitable. In 2014, Ap- niability (Figure 2). When a TrueCrypt en- ple announced that iOS 8 devices would be crypted volume is created, the user can define encrypted by default and Google announced a single encrypted container or two encrypted the same for Android 5.0 (Lollipop) (Miller, containers using different passwords. Because 2014). the encrypted volume is randomized, it is not possible to tell whether there is a single 3. SOME MAJOR container or two. If somehow compelled to provide a password, a user can supply the EVENTS IN THE password to the standard TrueCrypt volume NOTIONS OF PRIVACY and there is no way to know if there is a hid- den volume within (TrueCrypt Foundation, Although the word "privacy" never appears 2012). (On 28 May 2014, the TrueCrypt Web in the U.S. Constitution or the Bill of Rights, site suddenly went dark, announcing that the Zimmermann – the author of PGP – suggests software was no longer being maintained and that privacy is an inalienable right that was that users should seek alternatives. The story understood by the framers (1999). Given of TrueCrypt and the software that followed the technology available in the late-1780s, is beyond the scope of this paper but certainly any two people having a conversation knew an interesting twist.) whether they had privacy or not simply by looking around; if a third person came within With the growth in the use of smartphones earshot, the two people could merely walk and the prodigious amount of personal infor- away. The printed word was always visi- mation they contain, default encryption of ble. People had privacy because physics sup-

c 2020 JDFSL Page 5 JDFSL V15N3 Cryptography

Figure 2. Plausible deniability in TrueCryp

ported it; the framers would no more discuss The Fourth Amendment protects against the right of privacy than they would the right overly invasive government searches but also to breathe air. provides guidelines around when the govern- ment can access an individual’s personal ef- Most people today associate our expecta- fects. In particular, a search is an: tion of privacy with the Fourth Amendment: 1. Action by the state The right of the people to be secure in their persons, houses, papers, and effects, 2. Infringes upon one’s reasonable expecta- against unreasonable searches and seizures, tion of privacy shall not be violated, and no Warrants shall 3. Is legal only if there is a search warrant issue, but upon probable cause, supported by or a valid warrant exception Oath or affirmation, and particularly describ- ing the place to be searched, and the persons In this regard the Fourth Amendment can or things to be seized (U.S. Const. amend. be viewed as involving a level of "taking" IV). some level of privacy by a government entity. The understanding of Fourth Amendment One hundred years after the ratification of protections has changed over time with the the U.S. Constitution, the invention of the current decisional law suggesting that they camera – and an invasive press – brought apply to people, not places (Katz v. U.S., the concept of privacy into public discussion. 1967; Olmstead v. U.S., 1928). Katz also The right to privacy was first described by provides a guideline of what "reasonable ex- Warren and Brandeis (1890) and introduced pectation of privacy" means; namely, a sub- the foundational concept that most Ameri- jective expectation of privacy that is objec- cans just want the "right to be let alone." tively reasonable. This standard is met if

Page 6 c 2020 JDFSL Cryptography JDFSL V15N3

a person expects privacy (subjective) and ing his expectation that his telephone calls society agrees that that expectation is rea- were private. The Court upheld conviction, sonable (objective). As an example, a person noting that a) police did not view the content standing inside of an enclosed, glass phone of his calls and b) he had already shared the booth might have a reasonable expectation fact that he was calling the woman with a of privacy for a telephone conversation but third party, namely the telephone company. probably does not have a reasonable expecta- These points are important to this discus- tion of privacy if they are taking their clothes sion largely because metadata is typically off. not encrypted while content might be. Thus, The Electronic Communications Privacy metadata would seemingly always be avail- Act (ECPA, 1986), which governs electronic able to law enforcement; it is content where surveillance in the United States, has always the issue of encryption might be directly at drawn a distinction between user data and issue. And content is where incriminating transactional data. User data, also called and exculpatory evidence of crime would be content, is the information that is under di- found. rect control of the user, such as the words The Fifth Amendment addresses, typed into a file or words said during a tele- among other things, issues related to phone conversation. Transactional data, also self-incriminating testimony and says, in called non-content, is the metadata needed by part, "No person... shall be compelled in any an entity such as a communications carrier, criminal case to be a witness against himself" file system, or operating system to actually (U.S. Const. amend. V). This concept was control or manage the data flow. The dis- novel at the time because the prevailing tinction between user content and metadata jurisprudence in the 1700s was that a suspect is consistent with the established legal doc- was guilty until proven innocent. The U.S. trines regarding the privacy of content and system of criminal justice is based upon the the sharing of date under the third-party doc- notion that a defendant is innocent until trine. By refusing to include content in the proven guilty and the state has the burden electronic surveillance data, the traditional of proving guilt beyond a reasonable doubt. Katz doctrine is being followed. Similarly, al- In this way, the Fifth Amendment can be lowing metadata to be included in electronic seen as protecting against a person having to surveillance comports with the third-party "give" evidence. Not forcing a defendant to doctrine. testify is a way of implementing this precept; The third-party doctrine emanated from a criminal suspect does not have to speak Smith v. Maryland (1979). In this case, and not speaking is not an implication of Smith stole a woman’s purse. A few days guilt. later, the woman started to receive harass- Fisher v. U.S. (1976) introduced two rele- ing phone calls. Following the procedures of vant clarifications to Fifth Amendment pro- the ECPA, police placed a trap and trace tections, namely the Act of Production Doc- device on her line to determine the numbers trine and the Foregone Conclusion Doctrine. calling the woman; this process linked calls The Act of Production Doctrine says that a to Smith’s number. Again, following ECPA compelled act is testimonial when the act as- provisions, police placed a pen register on serts information – i.e., the contents of one’s Smith’s line, showing that he was calling the mind – with some aspect of communication. woman. Smith was arrested, tried, and con- In this case, the Court observed that doing victed. He appealed the conviction by assert- something can convey information the same

c 2020 JDFSL Page 7 JDFSL V15N3 Cryptography

as saying something. Thus, if a teacher asks The Foregone Conclusion Doctrine says a group of students to raise their hands if that compelling a person to produce informa- they read a certain paper, the act of raising tion under certain circumstances is not tes- the hand is testimonial since it conveys infor- timonial if the state already, independently mation that is in the students’ heads. Courts knows that the person has the information. have, therefore, come to interpret the Fifth So, as an example, if the state compels a per- Amendment as protecting both forms of com- son to open a safe by using a combination, pulsion, namely, testimony and production. the act of entering the correct combination is It is important to note that knowing a not incriminating testimony that the person password and knowing the contents of an knows the combination if the state can show encrypted device are two different things. It that it had authentic, a priori knowledge is often the case people besides the owner of that the person knew the combination. The a device may know or be aware of the code elements of the Forgone Conclusion Doctrine needed to unlock the device; family members are met when: and friends, for example, often exchange or share this information for myriad reasons. 1. The state has knowledge of the exis- Therefore, knowledge of a password is not a tence in some specified location of the valid test that the person actually knows the demanded evidence (reasonable particu- contents and, therefore, is not in and of itself larity) incriminating. 2. The person is known to have possessed The Act of Production Doctrine considers or controlled the evidence a person’s communication implicit in the act, not what communications may result from 3. The evidence is authentic the act. How incriminating the production may be, or what the computer does when a The Foregone Conclusion Doctrine has two person unlocks is, does not change the testi- elements that apply more to the access to and mony implicit in the act of unlocking it. In acceptance of physical documents than to dig- re Search Warrant Application (2017) notes ital passwords. Reasonable particularity, the that use of biometry to access a device does first such element, is a level of specificity that not gain testimonial significance based on does not really apply to passwords; the state the information revealed; such an argument is seeking a single password with which to ac- "...relies on conflating what it means for an cess a single device (Commonwealth v. Jones, act to be inherently testimonial versus an act 2019; Kerr, 2018; U.S. v. Spencer, 2018). yielding an incriminating result" (Section II, The other element, authenticity, should not para. 11). In a sense, the passcode is akin to be an issue with passwords since they are a fingerprint or a physical key; it can be used self-authenticating; if the password works, it to open the device to further exploration, but is clearly authentic (Commonwealth v. Gelf- neither the code nor the fingerprint nor the gatt, 2014; In the Matter of the Search, 2018; physical key creates any information to be State of Florida v. Stahl, 2016). decrypted; the information either exists or it Doe v. U.S. (1988) provides additional in- doesn’t irrespective of the unlocking of the sight into when Fifth Amendment protections device. Thinking of the issue in this regard attach. According to Doe, "...an accused’s overcomes the dichotomy of being able to communication must itself, explicitly or im- use a fingerprint to unlock a device, but not plicitly, relate a factual assertion or disclose obtain a passcode. information" (Doe, para. 3) in order to be

Page 8 c 2020 JDFSL Cryptography JDFSL V15N3

considered testimonial. Thus, Fifth Amend- ruled that if an individual produces such doc- ment privileges can only be invoked when uments pursuant to a grant of immunity, the these three elements apply: government may not use them to pursue ad- ditional criminal charges against that person. 1. Compulsion 2. Testimonial communication or act 4. PRIVACY V. THE 3. Incrimination NEEDS OF THE STATE

Without these components, there is no The evolution and widespread availability of Fifth Amendment issue. Per Doe (1988), strong cryptography made it inevitable that "If a compelled statement is ’not testimonial an individual’s expectation of privacy would and for that reason not protected by the priv- be on a collision course with the legitimate ilege, it cannot become so because it will needs of the state to execute a valid search lead to incriminating evidence’" (footnote 6). warrant. This relates to the question about whether 4.1 Compelling an Individual’s providing a passcode is testimonial. If the ini- tial compelled communication is testimonial, Password then any derivative evidence would be inad- Since the early days of PGP, everyone from missible; if, however, such information is not pundits and researchers to legal scholars and testimonial, then any derivative information technocrats have wondered, "What happens would be properly admitted into evidence. if law enforcement issues a search warrant U.S. v. Hubbell (2000) further clarifies for an encrypted device and the user chooses the limits of the Fifth Amendment. As part not to comply?" It took more than 15 years of a plea agreement, Hubbell agreed to pro- for a court case to address this question vide certain documents relevant to a govern- (Nakashima, 2008). ment investigation. After the government is- U.S. v. Boucher (2007, 2009) is the first sued a subpoena to Hubbell to produce those known case in the U.S. involving an en- documents, he asserted his Fifth Amend- crypted computer and the question of self- ment privilege against self-incrimination be- incrimination. Boucher, a Canadian citizen, fore a Grand Jury. The prosecutor obtained was stopped at a U.S. border crossing in Ver- a court order for the documents and of- mont. Upon examination, images of child fered immunity to Hubbell who, in turn, pro- pornography were found on his computer, vided the documents, thus was in compli- which was encrypted using PGP Desktop ance with the original plea bargain. The gov- software. The computer was powered down ernment then used the documents to indict upon seizure and was unable to be further ex- Hubbell for additional crimes. The Supreme amined by law enforcement (Cohen & Park, Court dismissed the indictment, observing 2018; Nakashima, 2008; Sacharoff, 2018). Po- that the Fifth Amendment privilege against lice then asked a judge to compel Boucher to self-incrimination protects an individual from provide the password. In 2007, a U.S. Magis- being compelled to disclose the existence trate Judge ruled that compelling a password of, much less produce, incriminating doc- violated Boucher’s Fifth Amendment protec- uments of which the prosecution has no a tions against self-incrimination. Upon the priori knowledge, thus is unable to describe government’s appeal in 2009, a U.S. District with reasonable particularity. The Court also Judge ordered Boucher to supply police with

c 2020 JDFSL Page 9 JDFSL V15N3 Cryptography

an unencrypted version of the hard drive. At of that act, the Government knew of the ex- that point, Boucher accepted a plea agree- istence and location of the hard drive and its ment, was sentenced to three years in prison, files. Compelling Boucher to provide access and then subsequently deported. to the unencrypted drive did not add to the During public discourse of the various sum total of the Government’s information Boucher rulings, many physical world analo- about the presence of possibly incriminat- gies were made to this cyber world case. Most ing files (Kerr, 2019; Sacharoff, 2018; U.S. v. notably, the password was the same as a key Boucher, 2009). to a locked room; providing the key is not In addition, Boucher’s act of producing incriminating even if the contents of the room an unencrypted version of the drive was not are. But, in light of the Act of Production needed to authenticate it since he had already Doctrine, is revealing the key’s location tes- admitted to possession of the computer and timonial? One can be compelled to give a provided the Government access to the drive. fingerprint, cheek swab, hair sample, blood, Since the Government could link Boucher or other DNA; why not a password? But, with the files on his computer without mak- perhaps a more fundamental question: Did ing use of his production of an unencrypted the framers of the Constitution in 1878 ever version of the drive and stated that it would conceive of a Fourth Amendment container not use his act of production as evidence of that could not somehow be opened by physi- authentication, there was no violation of his cal means? Fifth Amendment privileges (Kerr, 2018; U.S. When applying for search warrants for v. Boucher, 2009). physical documents, the government needs to The Boucher case did not provide guidance meet the constitutional threshold of proba- necessarily followed by other courts. In a ble cause, i.e., that there is a fair probability similar case five years later in Massachusetts, that a search will result in evidence of a crime suspect Gelfgatt was charged with multiple being discovered (U.S. Const. amend. IV). counts of forgery. Relevant evidence was The government must also, as specific as is known to be on his computers. Prior to possible, describe the place to be searched, trial, a motion to compel Gelfgatt to "...en- and the persons or things to be seized. The ter his password into encryption software" standard for searching for data on a digital was denied by a Superior Court judge, who device should not be higher. The standard referred the point of law to the Supreme Ju- for compelling the production of a password dicial Court (SJC). The SJC reversed the does not have to do with the eventual re- denial, arguing that the motion violated nei- covery of evidence. Rather, as some courts ther the Fifth Amendment nor Article 12 of have held, the proper question is whether Massachusetts Declaration of Rights since the government can demonstrate that it is a the compelled decryption would not commu- foregone conclusion that the defendant can nicate facts of a testimonial nature beyond decrypt the device (Kerr, 2018, 2019; U.S. v. what Gelfgatt had already admitted to inves- Apple MacPro Computer, 2017). tigators (Commonwealth v. Gelfgatt, 2014). The Foregone Conclusion Doctrine was sig- Yet, five years after that, the state issued nificant in the Boucher Order. Boucher ac- a Gelfgatt order for Jones – indicted for sex cessed his laptop at the Immigration and trafficking – to "provide... in writing... the Customs Enforcement (ICE) agent’s request PIN code" to a mobile phone (Commonwealth at the border, where the agent ascertained v. Jones, 2019). But entering and revealing the presence of child pornography. Because a password are different things, and revealing

Page 10 c 2020 JDFSL Cryptography JDFSL V15N3

the password is not supported by Gelfgatt. the State did not show "reasonable particu- Once the Commonwealth changed the request larity." to entering the password, the order was up- Given that two Florida appellate courts held due to the Foregone Conclusion Doctrine have made different rulings, this question (Kerr, 2019). will likely go to the Florida Supreme Court Requiring the disclosure of a password at some point. The Court in G.A.Q.L. can be compared to the required disclosure openly disagreed with Florida’s Second Dis- of a private document, which may have trict Court of Appeal and cited a U.S. 11th some Fifth Amendment protection. The re- Circuit Court of Appeals case that found that quired oral disclosure of a password is often the privilege against compelled decryption ap- equated to incriminating testimony which is plies unless the government can describe the proscribed by the Fifth Amendment (Kerr, incriminating files that are on the device with 2019). reasonable particularity (In Re Grand Jury Subpoena, 2012). Inconsistencies in rulings have appeared There are other cases that have resulted within states and between federal courts. in conflicting decisions, showing that there is Two cases in Florida provide a classic ex- no clear precedent, among them: ample. In State of Florida v. Stahl (2016), Stahl was arrested for video voyeurism (in 1. U.S. v. Fricosu (2012): Citing the All this case, taking upskirt photos) in Sarasota. Writs Act, ordered the defendant to sup- Stahl gave consent for the search of his mobile ply an unencrypted copy of an encrypted phone, confirmed the phone number, and pro- hard drive for which the Government vided police with the location of the phone – had a search warrant. and then withdrew consent. The State’s mo- tion to compel Stahl to provide the password 2. U.S. v. Apple MacPro Computer (2017): to police officers was denied by the trial judge, Found that compelled decryption did yet Florida’s Second District appellate court not violate prior decisional law and did quashed the trial judge’s order, allowing the not violate Fifth Amendment privilege State to compel the password (Kerr, 2019). against self-incrimination. In 2018, G.A.Q.L., a 17-year-old, was an 3. U.S. v. Spencer (2018): Held that the inebriated driver in a high-speed collision in appropriate test to determine whether the southeastern part of the state, resulting the Foregone Conclusion Doctrine ap- in the death of a passenger in his vehicle plied was whether the government could (G.A.Q.L. v. State of Florida, 2018). The show that it was a foregone conclusion State made a motion to compel an iPhone that the defendant could decrypt the 7 and iTunes password pursuant to a search devices; if so, it allowed compelled de- warrant for the phone, for which they had cryption. credible belief that relevant evidence would be found. The trial court ordered the pass- 4. Seo v. State (2018): Found that ordering words to be provided, per Stahl. In this the defendant to unlock a mobile phone case, Florida’s Fourth District appellate court was a violation of Fifth Amendment quashed the trial judge’s order, protecting protections against self-incrimination, the password on Fifth Amendment grounds. largely because of the unlimited nature The appellate judges ruled that the Foregone of the search warrant and the fact that Conclusion Doctrine did not apply because the device is an intimate record of a

c 2020 JDFSL Page 11 JDFSL V15N3 Cryptography

person’s thoughts and actions. The rul- directed by any particular group (Schmidt & ing was upheld by the Indiana Supreme Pérez-Peña, 2015). Court in 2020 (Lee, 2020; Seo v. State, The FBI believed that access to the iPhone 2020). 5C found in the couple’s vehicle would ad- vance their investigation. As iPhone encryp- It seems that inconsistencies at the Federal tion has evolved, law enforcement has re- level (e.g., Boucher, in the U.S. 2nd Circuit, quested assistance from Apple many times to conflicts with In Re Grand Jury Subpoena, retrieve information so as to advance crim- decided in the U.S. 11th Circuit) suggest inal investigations. When Apple complied, that this issue has to eventually be adju- it employed existing capabilities to access dicated by the U.S. Supreme Court. One the devices (Cohen & Park, 2018; Sacharoff, could argue that the Supreme Court has al- 2018). ready missed one opportunity to address this In 2016, the Court issued an order requir- question. The defendant in Commonwealth v. ing a custom operating system be created and Jones (2019) filed a writ of certiorari with the installed by Apple without unlocking or oth- Court in 2019 (Reidy & Nathanson, 2019). erwise changing the data on the phone (In re The specific questions in the writ were: Apple AWA Order, 2016). What was new in Does the Fifth Amendment’s act of produc- this request was that Apple was asked to de- tion doctrine apply to compelled decryption? velop a new capability to break the advanced If so, what does the foregone conclusion ex- security features found in Apple’s devices. ception to the act of production doctrine re- The basis of the FBI’s request to Apple was quire the government to show before an order the All Writs Act of 1789 that allows the gov- to compel decryption can issue? (Reidy & ernment to issue all necessary and appropri- Nathanson, p. i) ate orders in the furtherance of their rightful Public defenders in Massachusetts filed an duties (In re Apple AWA Application, 2016). amicus curiae brief arguing that Fisher’s rul- Apple opposed the order on the grounds that ing regarding the Act of Production Doctrine it was unlawful and unconstitutional because should not be applied to compelled decryp- it essentially conscripted Apple into writing tion (Rangaviz, 2019). The Supreme Court hacking code for the government. Further, declined to hear the case as they denied cer- they argued that if the order was granted, tiorari (U.S. Supreme Court, 2019). it would undermine the security of all Apple 4.2 Product and Encryption devices and set a dangerous precedent for fu- ture cases (Cohen & Park, 2018; EPIC, n.d.a; Backdoors In re Apple Motion to Vacate, 2016). Subse- In December 2015, a mass shooting in San quently, the FBI found another way into the Bernardino, California resulted in 14 peo- phone and the matter was dropped (Blum, ple being killed and an additional 21 people 2018; Cardozo & Crocker, 2018). wounded. The shooters – a married couple In December 2019, conflicts between the – were both killed in a shootout with police. government and Apple resurfaced after a ter- According to FBI investigators, the couple rorist shooting at Naval Air Station Pensacola were lone operator terrorists; "homegrown (Florida). A member of the Saudi Arabian violent extremists" radicalized over several military in flight training at the air station, years of consuming "poison on the Internet" later found to have ties with al Qaeda, killed and inspired by foreign terrorist groups com- three people and wounded eight others with mitted to jihadism and martyrdom, yet not a handgun before being killed by responding

Page 12 c 2020 JDFSL Cryptography JDFSL V15N3

authorities. Law enforcement wanted to gain social media platforms would exist as they access to two of the assailant’s phones, an do today (for good or for bad). iPhone 5 and iPhone 7. Attorney General The EARN IT Act would remove Section William Barr requested Apple’s assistance 230 immunity unless social media and other in unlocking the phones and Apple, as in content-hosting platforms comply with a set the past, refused the government’s request. of guidelines that would be created by an A.G. Barr was very public in his displeasure unelected National Commission and could be that Apple would not assist in this case while changed unilaterally at the whim of the U.S. Apple made it clear that they had assisted Attorney General. Furthermore, these guide- the government in substantive ways, includ- lines are not laws or rules that go through ing responding rapidly to their requests and any legislative or formal rulemaking process, turning over several terabytes of data; Apple although compliance with them provides im- merely would not unlock the phones (Feiner, munity to the provider (Pfefferkorn, 2020). 2020; Lucas, 2020). Eventually, the FBI was Clearly, this approach provides a way to able to break into the phones and although incent – or coerce – platforms to do what they opined that Apple’s assistance earlier on the Government wants them to do (Cope, would have been helpful, they did not address Mackey, & Crocker, 2020). what new type of information was recovered A threat to the use of end-to-end encryp- (Brewster, 2020). tion is not explicit in the EARN IT Act; in In early 2020, the U.S. Senate introduced fact, the only mention of the word "cryptog- the Eliminating Abusive and Rampant Ne- raphy" is to require that two members of glect of Interactive Technologies (EARN IT) the National Commission be knowledgeable Act of 2020. While the umbrella mission "To about the subject (S.3398, 2020). But the establish a National Commission on Online potential is there for the commission to de- Child Sexual Exploitation Prevention..." is cide to limit the immunity of a platform that noble, the Trump Administration’s publicly employs end-to-end encryption (Pfefferkorn, stated rationale is because child predators 2020). It might also require content providers use virtually unbreakable encryption (S.3398, to examine the content being posted, which 2020). Of course, so do terrorists and crimi- would not only bypass the use of encryption nals, as well as journalists, political activists, but would also make the content provider victims of domestic abuse, and other ordinary an agent of the state without a search war- citizens. While the EARN IT Act does not rant (Cope et al., 2020). At the time of this specifically address encryption, it provides a paper’s submission, the bill is under consid- clear path for the government to force con- eration by the Senate (Ng, 2020). tent platforms to eliminate its use (Newman, 2020; Pfefferkorn, 2020). Section 230 of the Communications De- 5. CONCLUSION cency Act (CDA) holds Internet social media Even before the shooting in Pensacola, the services, such as Facebook and Twitter, im- Apple-FBI conflict had re-energized the de- mune from liability for the content on their bate about the government’s need and ability unmoderated platforms. Thus, if Party A de- to get past strong encryption. Once again, fames Party B on Facebook or Twitter, Party discussion started about requiring manufac- B can sue Party A but cannot sue Facebook turers to install backdoors in all encryption or Twitter (47 U.S. Code §?230, 1996). With- products or on ways to ban end-to-end en- out Section 230 protections, it is unlikely that cryption. While this is an idea that might

c 2020 JDFSL Page 13 JDFSL V15N3 Cryptography

sound good on paper – as it did two decades ple: Imagine a trusted, black box cryptosys- earlier – it is impossible to implement cryp- tem that generates PKC key pairs. Presum- tographic backdoors without weakening the ably, the private key cannot be derived from overall security of any product (Abelson et the widely-distributed public key. Suppose al., 2015). Many practical issues crop up, as that a trapdoor function – called a Secretly well, including (Claburn, 2019): Embedded Trapdoor with Universal Protec- tion (SETUP) – is embedded into the cryp- 1. Who determines who the Good Guys are tosystem that allowed an attacker to access that get access to the backdoor features? or derive the private key from the public key by weakening the key generation pro- 2. How would use of the backdoor be con- cess (Esslinger, 2013; Young & Yung, 1996, trolled? 1997). For a practical application of klep- 3. How would access to the backdoor ever tography, consider Edwards Snowden’s rev- be rescinded? elation in 2013 that the NSA deliberately weakened NIST pseudo-random number gen- But is this not the same idea that the gov- erator (PRNG) standards, the methods at ernment posed – and the marketplace rejected the very heart of generating secret keys and – in the 1990s with Capstone (IEEE, 2018; public key pairs (Zetter, 2013). Stepanovich & Karanicolas, 2018; Young & This paper poses several questions about Yung, 1996)? And, yet, it seems to remain reconciling personal privacy with the legiti- an attractive idea to governments; as recently mate needs of the state to conduct investiga- as June 2019, senior members of the Trump tions. This paper is not intended to answer administration were exploring potential leg- those questions but to inform the debate. islation to crack down on end-to-end encryp- Other related questions might include: tion (Abel, 2019; Claburn, 2019). Indeed, U.S. Attorney General William Barr and offi- 1. Were any of us – as citizens and con- cials in Australia and the U.K. have warned sumers – ever asked what we wanted, in high-tech companies that continued use of terms of strong encryption? strong end-to-end encryption could result in stronger regulations and laws limiting such 2. Is the need for an individual’s personal use ("Attorney General", 2019). Interest- privacy superior to the State’s need to ingly, the European Union Agency for Cy- investigate crimes? bersecurity (ENISA) and Europol released 3. Do we alter the government’s duty to a joint statement in 2016 calling for mecha- provide security with the implementa- nisms to circumvent commercial encryption tion of processes that could block tools methods although they acknowledged that used to reach that objective? weakened cryptography was not the correct forward path ("On lawful", 2016). 4. Is the subjective expectation of privacy A cryptographic backdoor is a slight vari- when using encryption so absolute that it ant on kleptography, the "...study of steal- meets the "objectively reasonable" test? ing information securely and subliminally" In particular, does society agree? (Young & Yung, 1997, p. 63). Unlike a backdoor that weakens a crypto algorithm, 5. How did we manage for the last 230 years kleptography refers to an attack on a cryp- without this level of protection from the tosystem from within. Consider this exam- State?

Page 14 c 2020 JDFSL Cryptography JDFSL V15N3

6. Who gave Apple, Google, et al. the right 2. Abel, R. (2019, July 1). Cellebrite to have unilaterally made the decision Claims it Can Crack any iPhone or about use of strong cryptography with- Android, Trump Admins Weigh out an informed debate? Encryption Ban. SC Maga- zine. Retrieved from https:// 7. How do we resolve conflicts between the www.scmagazine.com/encryption- protections of two amendments? data-security/isreali-data-extraction- firm-cellebrite-announced-the-ability- The evolution of technology has always to-break-into-any-iphone-or-android- moved faster than the legislative process and device-for-law-enforcement-agencies-as- the fact that both use a different vernacular feds-weigh-banning-tough-encryption/ does not help in the mutual understanding necessary for the implementation of good 3. Abelson, H., Anderson, R., Bellovin, laws and regulations (Kessler, 1999). Society, S.M., Benaloh, J., Blaze, M., Diffie, however, cannot address these questions if W., Gilmore, J., Green, M., Landau, we are not having the discussion. We cannot S., Neumann, P.G., Rivest, R.L., move forward toward any type of solution if Schiller, J.I., Schneier, B., Specter, the various stakeholders continue to hold on M., & Weitzner, D.J. (2015, July 6). to decades-old arguments; our way of think- Keys Under Doormats: Mandating ing about this topic must evolve since neither Insecurity by Requiring Government technology nor the law can afford to stand Access to All Data and Communica- still. tions. MIT Computer Science and In June 2020, the Lawful Access to En- Artificial Intelligence Laboratory crypted Data (LAED) Act was introduced in Technical Report (MIT-CSAIL-TR- the U.S. Senate (Bradbury, 2020; Committee 2015-026). Retrieved from https:// on the Judiciary, 2020; Franceschi-Bicchierai, dspace.mit.edu/bitstream/handle/1721.1 2020; S.4051, 2020). Legislators are again /97690/MIT-CSAIL-TR-2015-026.pdf insisting that technology companies insert cryptographic backdoors into their products 4. Apple Inc. (2003, June 23). Ap- and requires similar backdoors in any plat- ple Previews Mac OS X "Panther." form supporting end-to-end encryption, so Press release. Retrieved from https:// that they can comply with search warrants. www.apple.com/newsroom/2003/06/23 The debate continues. Apple-Previews-Mac-OS-X-Panther/

5. Apple Inc. (2018, November 30). Use 6. REFERENCES FileVault to Encrypt the Startup Disk 1. 47 U.S. Code §230. Protection for on Your Mac. Retrieved from https:// private blocking and screening of support.apple.com/en-us/HT204837 offensive material. (1996, February). U.S. Code, Title 47. Telecommuni- 6. Armerding, T. (2017, March 8). Comey: cations, Chapter 5. Wire or Radio Strong Encryption "Shatters" Privacy- Communication, Subchapter II. Com- Security Bargain. CSO. Retrieved from mon Carriers, Part I. Common Carrier https://www.csoonline.com/article/ Regulation. Retrieved from https:// 3178299/comey-strong-encryption- www.law.cornell.edu/uscode/text/47/230 shatters-privacy-security-bargain.html

c 2020 JDFSL Page 15 JDFSL V15N3 Cryptography

7. Attorney General William P. Barr Case, But the War With Apple Goes Delivers Keynote Address at the On. Forbes. Retrieved from https:// International Conference on Cyber www.forbes.com/sites/thomasbrewster/ Security. (2019, July 23). Remarks as 2020/05/18/feds-hack-iphones-in- prepared for delivery, U.S. Department pensacola-case-apple-not-needed-after- of Justice. Retrieved from https:// all/#1f50e57575e9 www.justice.gov/opa/speech/ attorney- general-william-p-barr-delivers-keynote- 13. Cardozo, N., & Crocker, A. (2018, address-international-conference-cyber April 2). The FBI Could Have Gotten Into the San Bernardino 8. Blaze, M. (1994, August 20). Protocol Shooter’s iPhone, But Leadership Failure in the Escrowed Encryp- Didn’t Say That. Electronic Frontier tion Standard. In Proceedings of Foundation. Retrieved from https:/ the 2nd ACM Conference on Com- /www.eff.org/deeplinks/2018/04/fbi- puter and Communications Security, could-have-gotten-san-bernardino- pp. 59–67. Retrieved from http:// shooters-iphone-leadership-didnt-say www.mattblaze.org/papers/eesproto.pdf 14. Claburn, T. (2019, December 10). 9. Blaze, M., Diffie, W., Rivest, R.L., Americans Should Have Strong Privacy- Schneier, B., Shimomura, T., Thomp- Protecting Encryption... That the Feds son, E., & Wiener, M. (1996, January). and Cops can Break, say Senators. Minimal Key Lengths for Symmetric The Register. Retrieved from https:/ Ciphers to Provide Adequate Commer- /www.theregister.co.uk/2019/12/10/ cial Security: A Report by an Ad Hoc us_congress_encryption_backdoor Group of Cryptographers and Com- _hearings/ puter Scientists. Retrieved from https:// 15. Clinton, B. (1996, November 15). Ex- www.schneier.com/academic/paperfiles/ ecutive Order (EO) 13026: Adminis- paper-keylength.pdf tration of Export Controls on Encryp- tion Products. Homeland Security Dig- 10. Blum, S. (2018, October 25). Ap- ital Library. Retrieved from https:// ple Just Made Its Phones Impossi- www.hsdl.org /?abstract&did=799501 ble For Police to Hack. Popular Mechanics. Retrieved from https:// 16. Cohen, A., & Park, S. (2018, Fall). www.popularmechanics.com/ technolo- Compelled Decryption and the gy/security /a24219241/apple-greykey- Fifth Amendment: Exploring the ios12-police-hacking/ Technical Boundaries. Harvard Jour- nal of Law & Technology, 32 (1), 11. Bradbury, D. (2020, July 8). LAED 169-234. Retrieved from https:// Act Poses Direct Threat to End-to- jolt.law.harvard.edu/assets/articlePDFs/ End Encryption. infosecurity. Re- v32/32HarvJLTech169.pdf trieved from https://www.infosecurity- magazine.com/infosec/laed-act-threat- 17. Commonwealth v. Gelfgatt (468 encryption/ Mass 512, 2014). Retrieved from https://law.justia.com/cases 12. Brewster, T. (2020, May 19). FBI Hacks /massachusetts/supreme- iPhones in Pensacola Terrorist Shooting court/2014/sjc-11358.html

Page 16 c 2020 JDFSL Cryptography JDFSL V15N3

18. Commonwealth v. Jones (Mass 26. Electronic Privacy Information Cen- SJC-12564, 481 Mass. 540, 552 ter (EPIC). (n.d.b). The Clip- n.14, 2019). Retrieved from https:// per Chip. Retrieved from https:// cases.justia.com/massachusetts/supreme- www.epic.org/crypto/clipper/ court/2019-sjc-12564.pdf 27. Esslinger, B. (2013, February 20). The 19. Cope, S., Mackey, A., & Crocker, A. Dark Side of Cryptography: Kleptog- (2020, March 31). The EARN IT Act Vi- raphy in Black-Box Implementations olates the Constitution. Electronic Fron- (P. Vacek, Trans.). Info Security. Re- tier Foundation. Retrieved from https:/ trieved from https://www.infosecurity- /www.eff.org/deeplinks/2020/03/earn- magazine.com/magazine-features/the- it-act-violates-constitution dark-side-of-cryptography- kleptography-in/ 20. Crypto Museum. (2018, November 25). Clipper Chip. Retrieved from https:// 28. Feiner, L. (2020, January 14). Apple www.cryptomuseum.com /crypto/usa/- Refuses Government’s Request to clipper.htm Unlock Pensacola Shooting Suspect’s iPhones. CNBC. Retrieved from https:/ 21. Diffie, W., & Hellman, M.E. (1976, /www.cnbc.com/2020/01/14/apple- November). New Directions in refuses-barr-request-to-unlock- Cryptography. IEEE Transactions pensacola-shooters-iphones.html on Information Theory, IT-22 (6), 29. Fisher v. U.S. (425 U.S. 391, Case No. 644-654. Retrieved from https:// 74-18, 1976). Retrieved from https:/ ee.stanford.edu/∼hellman/publications/ /caselaw.findlaw.com/us-supreme- 24.pdf court/425/391.html and https:// supreme.justia.com/cases/federal/us/ 22. Doe v. U.S. (487 U.S. 201, 210, 425/391/ 1988). Retrieved from https:// supreme.justia.com/cases/federal/us/487 30. Franceschi-Bicchierai, L. (2020, June 24). /201/ Republicans Who Don’t Understand Encryption Introduce Bill to Break It. 23. Electronic Communications Privacy Motherboard. Retrieved from https:// Act (ECPA) of 1986 (18 U.S.C. §§ www.vice.com/en_us/article/y3z3z7/ 2510-2523). Retrieved from https:// republican-encryption-bill-privacy- it.ojp.gov/PrivacyLiberty/authorities/ signal statutes/1285 31. G.A.Q.L. v. State of Florida (Case 24. Electronic Frontier Foundation. (1998). No. 4D18-1811, Fla 4th DCA, Cracking DES: Secrets of Encryption Re- 2018). Retrieved from https:// search, Wiretap Politics & Chip Design. www.documentcloud.org/documents/ Sebastopol, CA: O’Reilly & Associates. 5021228-181811-1704-10242018- 09282906-I.html 25. Electronic Privacy Information Cen- ter (EPIC). (n.d.a). Apple v. FBI. 32. Committee on the Judiciary. (2020, Retrieved from https://epic.org /ami- June 23). Graham, Cotton, Black- cus/crypto/apple/ burn Introduce Balanced Solution

c 2020 JDFSL Page 17 JDFSL V15N3 Cryptography

to Bolster National Security, End 39. In re Search Warrant Application Use of Warrant-Proof Encryption (279 F. Supp. 3d 800, 805–06, That Shields Criminal Activity. U.S. N.D. Ill. 2017). Retrieved from Senate. Retrieved from https:// https://www.leagle.com/decision/ www.judiciary.senate.gov/press/rep/ infdco20171011995 releases/graham-cotton-blackburn- introduce-balanced-solution-to-bolster- 40. In the Matter of the Search of a Resi- national-security-end-use-of-warrant- dence in Aptos, California 95003. (Case proof-encryption-that-shields-criminal- No. 17-mj-70656-JSC-1, 2018 WL activity 1400401, N.D. Cal, 2018). Retrieved from https://www.leagle.com/decision 33. Haufler, H. (2003). Codebreakers’ Vic- /infdco20180321a43 tory: How the Allied Cryptographers Won World War II. New York: New 41. Kahn, D. (1996). The Codebreakers: American Library. The Comprehensive History of Secret Communication from Ancient Times to 34. IEEE. (2018, June 24). In Sup- the Internet, revised ed. New York: port of Strong Encryption. IEEE Scribner. Position Statement. Retrieved 42. Katz v. U.S. (389 U.S. 347, 88 from http://globalpolicy.ieee.org/wp- S.Ct. 507, 19 L.Ed. 2d 576, content/uploads/2018/06/IEEE18006.pdf 1967). Retrieved from https:// 35. In re Apple AWA Application. (ED supreme.justia.com/cases/federal/us/ No. 15-0451M, C.D. Cal, 2016). 389/347/case.html Retrieved from https://epic.org 43. Kerckhoffs, A. (1883a, January). La /amicus/crypto/apple/In-re-Apple- Cryptographie Militaire. Journal des FBI-AWA-Application.pdf sciences militaires, 9, 5-38.

36. In re Apple AWA Order. (No. ED 44. Kerckhoffs, A. (1883b, February). La 15-0451M, C.D. Cal, 2016). Re- Cryptographie Militaire. Journal des trieved from https://epic.org/amicus sciences militaires, 9, 161-191. /crypto/apple/In-re-Apple-AWA- Order.pdf 45. Kerr, O. (2018, April 29). Suspect Can Be Compelled to Decrypt Devices If 37. In re Apple Motion to Vacate. (ED Government Proves He Has The Abil- No. CM 16-10 (SP), C.D. Cal, ity To Do So, Court Rules. The Volokh 2016). Retrieved from https:// Conspiracy. Retrieved from https:/ epic.org/amicus/crypto/apple/In-re- /reason.com /2018/04/29/suspect-can- Apple-Motion-to-Vacate.pdf be-compelled-to-decrypt-devi

38. In Re Grand Jury Subpoena. 46. Kerr, O.S. (2019, March). Com- (670 F.3rd 1335, 11th Cir. pelled Decryption and the Privilege 2012). Retrieved from https:// Against Self-Incrimination. Texas Law www.courtlistener.com/opinion/624132/ Review, 97 (4), 767-799. Retrieved in-re-grand-jury-subpoena-duces- from https://texaslawreview.org/wp- tecum/ content/uploads/2019/03/Kerr.V97.4.pdf

Page 18 c 2020 JDFSL Cryptography JDFSL V15N3

47. Kessler, G.C. (1999, September). 54. Meeks, B.N. (1994, September 1). Catch My Drift? Can You Define Clipping Clipper: Matt Blaze. "Digital Signature" in Non-Technical WIRED. Retrieved from https:// Terms? The Future of E-Commerce www.wired.com/1994/09/clipping- Law May Depend on it. Information clipper-matt-blaze/ Security Magazine. Retrieved from https://www.garykessler.net/library/ 55. Miller, J. (2014, September 19). Google is_language.html and Apple to Introduce Default Encryp- tion. BBC News. Retrieved from https:/ 48. Kessler, G.C. (2020, June 1). /www.bbc.com/news/technology- An Overview of Cryptogra- 29276955 phy. Retrieved from https:// 56. Nakashima, E. (2008, January 16). In www.garykessler.net/library/crypto.html Child Porn Case, a Digital Dilemma. 49. Lee, T.B. (2020, June 24). It’s Washington Post. Retrieved from Unconstitutional For Cops to http://www.washingtonpost.com/wp- Force Phone Unlocking, Court dyn/content/article/2008/01/15 Rules. Ars Technica. Retrieved /AR2008011503663.html from https://arstechnica.com/tech- 57. National Institute of Standards & policy/2020/06/indiana-supreme-court- Technology (NIST). (2018, October 10). its-unconstitutional-to-force-phone- Cryptographic Standards and Guidelines: unlocking/ AES Development. Information Tech- nology Laboratory, Computer Security 50. Levy, S. (1999, April). The Open Resource Center. Retrieved from https:/ Secret. WIRED Magazine, 7 (??). /csrc.nist.gov/projects/cryptographic- Retrieved from http://www.wired.com standards-and-guidelines/archived- /wired/archive/7.04/crypto.html crypto-projects/aes-development

51. Levy, S. (2001). Crypto: How the Code 58. Newman, L.H. (2020, March 5). The Rebels Beat the Government - Saving EARN IT Act is a Sneak Attack on Privacy in the Digital Age. New York: Encryption. WIRED. Retrieved from Viking Press. https://www.wired.com/story/earn-it- act-sneak-attack-on-encryption/ 52. Lucas, S. (2020, January 13). Apple Said it is Helping in the Pensacola 59. Ng, A. (2020, July 2). Why Your Shooting Investigation, But it Won’t Privacy Could be Threatened by a Bill Unlock the Shooter’s iPhone. Buz- to Protect Children. CNET. Retrieved zFeed News. Retrieved from https:/ from https://www.cnet.com/news/why- /www.buzzfeednews.com/article/ your-privacy-could-be-threatened-by-a- scottlucas/william-barr-apple-request- bill-to-protect-children/ unlock-iphones 60. Olmstead v. U.S. (277 U.S. 438, 53. Marks, L. (1998). Between Silk and 19 F. (2d) 842, 848, 850, affirmed, Cyanide: A Codemaker’s War, 1941- 1928). Retrieved from https:// 1945. New York: The Free Press (Simon www.law.cornell.edu/supremecourt/text/ & Schuster). 277/438

c 2020 JDFSL Page 19 JDFSL V15N3 Cryptography

61. On Lawful Criminal Investigation Dennis Jones, Petitioner v. Common- That Respects 21st Century Data wealth of Massachusetts, Respondent Protection. (2016, May 20). Eu- (No. 19-6275). Supreme Court of the ropol and ENISA Joint State- United States. Retrieved from http:/ ment. Retrieved from https:// /www.supremecourt.gov/DocketPDF/ www.enisa.europa.eu/publications/enisa- 19/19-6275/118752/20191010183703372 position-papers-and-opinions/on- _Jones%20Cert%20Petition%20Final.pdf lawful-criminal-investigation-that- respects-21st-century-data-protection 67. Rivest, R.L., Shamir, A., & Adleman, L. (1978, February). A Method for 62. OSXDaily. (n.d.). What is File- Obtaining Digital Signatures and Vault? FileVault for Mac Explained. Re- Public-Key Cryptosystems. Com- trieved from http://osxdaily.com /what- munications of the ACM, 21(2), is-filevault/ 120-126. Retrieved from https:// people.csail.mit.edu/rivest/Rsapaper.pdf 63. Painter, L. (2020, June 22). Complete List of Mac OS X & MacOS Versions. 68. S.3398. (2020, March 5). EARN Macworld. Retrieved from https:// IT Act of 2020: A Bill to Establish www.macworld.co.uk/feature/mac/mac- a National Commission on Online os-x-macos-version-code-names- Child Sexual Exploitation Preven- 3662757/ tion, and for other purposes. 116th 64. Pfefferkorn, R. (2020, January 30). Congress (2019-2020). Retrieved from The EARN IT Act: How to Ban https://www.congress.gov/bill/116th- End-to-End Encryption Without congress/senate-bill/3398/text Actually Banning it. The Center for Internet and Society at Stanford 69. S.4051. (2020, June 23). Lawful Access Law School. Retrieved from https:// to Encrypted Data Act. 116th Congress cyberlaw.stanford.edu/blog/2020/01/earn- (2019-2020). Retrieved from https:// it-act-how-ban-end-end-encryption- www.judiciary.senate.gov/download/ without-actually-banning-it s4051_-lawful-access-to-encrypted- data-act 65. Rangaviz, D.R. (2019, October 22). Brief Of Amicus Curiae Committee For 70. Sacharoff, L. (2018). Unlocking the Public Counsel Services In Support Fifth Amendment: Passwords and En- Of Petition For A Writ Of Certiorari: crypted Devices. Fordham Law Re- Dennis Jones, Petitioner, v. Common- view, 87 (1). Retrieved from https:// wealth Of Massachusetts, Respondent ir.lawnet.fordham.edu/flr/vol87/iss1/9 (No. 19-6275). Retrieved from http:// www.supremecourt.gov/DocketPDF/19/ 71. Schmidt, M.S., & Pérez-Peña, R. 19-6275/120068/20191024102615254 (2015, December 4). F.B.I. Treat- _Jones%20v.%20Massachusetts ing San Bernardino Attack as %20CPCS%20Amicus%20Brief.pdf Terrorism Case. The New York Times. Retrieved from https:// 66. Reidy, J.A., & Nathanson, D. (2019, Au- www.nytimes.com/2015/12/05/us/ gust 7). Petition for a Writ of Certiorari: tashfeen-malik-islamic-state.html

Page 20 c 2020 JDFSL Cryptography JDFSL V15N3

72. Schneier, B. (2004, October 6). 80. TrueCrypt. (2015, July 31). True- The Legacy of DES. Schneier on Crypt Version History. Retrieved Security. Retrieved from https:// from https://www.truecrypt71a.com www.schneier.com/blog/archives/2004/ /documentation/version-history/ 10/the_legacy_of_d.html 81. TrueCrypt Foundation. (2012, Febru- 73. Seo v. State (109 N.E.3d 418, 425– ary 7). TrueCrypt User’s Guide, ver- 31, Ind. Ct. App. 2018). Re- sion 7.1a. Retrieved from https:/ trieved from https://www.leagle.com /www.grc.com/misc/truecrypt/ True- /decision/ininco20180821261 Crypt%20User%20Guide.pdf 82. U.S. Const. amends. IV, V. 74. Seo v. State (Supreme Court Case No. 18S-CR-595, 2020). Re- 83. U.S. Department of Commerce. (2000, trieved from https://www.eff.org/files January 10). Revisions to Encryp- /2020/06/23/opinion_issued_reversed tion Items. Bureau of Export Ad- _and_rem.pdf ministration, 15 CFR Parts 734, 740, 742, 770, 772, and 774. Re- 75. Singh, S. (1999). The Code Book: The trieved from https://epic.org /crypto/- Evolution of Secrecy from Mary Queen export_controls/regs_1_00.html of Scots to Quantum Cryptography. New York: Doubleday. 84. U.S. Supreme Court. (2019, October 16). Petition for a Writ of Certiorari 76. Smith v. Maryland (442 U.S. 735, Related to Dennis Jones, Petitioner v. 1979). Retrieved from https:// Massachusetts (No. 19-6275). Retrieved supreme.justia.com/cases/federal/us from https://www.supremecourt.gov /442/735/ /search.aspx?filename=/docket/ docketfiles/html/public/19-6275.html 77. State of Florida v. Stahl (206 So. 3d 124, 136–37, Fla 2nd DCA, 2016). Retrieved 85. U.S. v. Apple MacPro Com- from https://www.leagle.com/decision/ puter (851 F.3d 238, 248 & n.7, inflco20161207102 3d Cir. 2017). Retrieved from https://www.leagle.com/decision/ 78. Stepanovich, A., & Karanicolas, infco20170320056 M. (2018, March 2). Why An Encryption Backdoor for Just 86. U.S. v. Boucher (2007 WL 4246473, the "Good Guys" Won’t Work. 2009). Retrieved from http:// Just Security. Retrieved from www.volokh.com/files/Boucher.pdf https://www.justsecurity.org/53316 87. U.S. v. Fricosu (841 F. Supp. 2d 1232, /criminalize-security-criminals-secure/ 1237, D. Colo. 2012). Retrieved from https://www.leagle.com/decision/ inad- 79. Sussman, V. (1995, March 26). Lost vfdco120925000244 in Kafka Territory. U.S. News & World Report. Retrieved from https:// 88. U.S. v. Hubbell (530 U.S. 27, web.archive.org/web/20130616165334/ 2000). Retrieved from https:// http://www.usnews.com/usnews/news/ supreme.justia.com/cases/federal/us/530 articles/950403/archive_010975.htm /27/

c 2020 JDFSL Page 21 JDFSL V15N3 Cryptography

89. U.S. v. Spencer (No. 17-CR-00259- Cryptography. In W. Fumy (Ed.), CRB-1, 2018 WL 1964588, N.D. Advances in Cryptology - EUROCRYPT Cal, 2018). Retrieved from https:// ’97: International Conference on the orinkerrblog.files.wordpress.com/2018/ Theory and Application of Cryptographic 04/usvspencer.pdf Techniques, Konstanz, Germany, May 11-15 (pp.62-74). New York: Springer- 90. Warren, S., & Brandeis, L. (1890, Verlag. Retrieved from https:// December 15). The Right to www.researchgate.net/publication/ Privacy. Harvard Law Review, 221348188_Kleptogra- 4, 193. Retrieved from http:// phy_Using_Cryptography_Against groups.csail.mit.edu/mac/classes/6.805/ _Cryptography articles/privacy/Pri- vacy_brand_warr2.html 95. Zetter, K. (2013, September 24). How a Crypto ’Backdoor’ Pitted 91. Written Testimony for the United the Tech World Against the NSA. States Senate Committee on the Wired Magazine. Retrieved from Judiciary on Smartphone Encryption https://www.wired.com/2013/09/nsa- and Public Safety. (2019, December backdoor/ 10). Manhattan District Attor- ney’s Office. Retrieved from https:/ 96. Zimmermann, P. (n.d.). Philip Zim- /www.manhattanda.org/written- mermann. Retrieved from https:// testimony-for-the-united-states- philzimmermann.com/EN/background/ senate-committee-on-the-judiciary- index.html on-smartphone-encryption-and-public- 97. Zimmermann, P. (1999). Why I safety/ Wrote PGP. Retrieved from https:// 92. Yardley, H.O. (1931). The American www.philzimmermann.com/EN/essays/ Black Chamber. Indianapolis: The WhyIWrotePGP.html Bobbs-Merrill Company. 98. Zimmermann, P. (2001, June 5). PGP Marks its 10th An- 93. Young, A., & Yung, M. (1996). The niversary. Retrieved from http:// Dark Side of Black-Box Cryptogra- www.philzimmermann.com/EN/news/ phy, or: Should We Trust Capstone? PGP_10thAnniversary.html In N. Koblitz (Ed.), Advances in Cryptology – CRYPTO ’96: 16th Annual International Cryptology Con- ference, Santa Barbara, California, August 18–22 (pp.89-103). New York: Springer. Retrieved from https:/ /www.researchgate.net/publication/ 225139661_The_Dark_Side_of_Black- Box_Cryptography_or_Should_We _Trust_Capstone

94. Young, A., & Yung, M. (1997). Klep- tography: Using Cryptography Against

Page 22 c 2020 JDFSL Cryptography JDFSL V15N3

Privacy issues and the law Timeline Issues and events 2600 BCE Writing appears 1900 BCE Secret writing appears U.S. Constitution ratified 1789 Bill of Rights ratified 1791 "The Right to Privacy" 1890 1914-1918 Cryptography in WW I Olmstead v. U.S. 1928 1939-1945 Cryptography in WW II 1948 Cryptography classified as a munition Katz v. U.S. 1967 1969 Advanced Research Projects Agency Network (ARPANET) Fisher v. U.S. 1976 PKC concept described 1977 DES released 1978 RSA described Smith v. Maryland 1979 1985 National Science Foundation Network (NSFNET) Electronic Communications Privacy Act 1986 Doe v. U.S. 1988 1991 PGP released on the Internet Commercialization of the Internet 1993 FBI starts Zimmermann investigation Capstone program proposed 1995 Zimmermann receives EFF Pioneer Award SSL introduced 1996 FBI closes Zimmermann investigation Capstone project dead EO 13026 released Blaze et al.: "56-bit keys are dead" 1997 NIST starts AES process "Kleptography" defined 1998 EFF Deep Crack chip: "DES is dead" U.S. v. Hubbell 2000 Commerce Dept. reclassifies cryptography 2001 AES adopted 2003 FileVault (home directory) released 2004 TrueCrypt and plausible deniability released U.S. v. Boucher 2009 2011 FileVault 2 (full volume) released In Re Grand Jury Subpoena U.S. v. Fricosu 2012 2013 Snowden revelations about NSA Commonwealth v. Gelfgatt 2014 Android 5.0 introduces default encryption Apple iOS 8 introduces default encryption 2015 San Bernardino terrorist shooting State of Florida v. Stahl 2016 FBI versus Apple U.S. v. Apple MacPro Computer 2017 Crypto backdoors back in public discussion G.A.Q.L. v. State of Florida 2018 U.S. v. Spencer Seo v. State Commonwealth v. Jones 2019 NAS Pensacola terrorist shooting SCOTUS denies certiorari in Jones EARN IT Act introduced in U.S. Senate 2020 LAED Act introduced in U.S. Senate Seo v. State upheld Table 1. Timeline

c 2020 JDFSL Page 23