A cryptographic airbag for metadata: protecting business records against unlimited search and seizure
Date
2018
Authors
Wright, Charles V.
Varia, Mayank
Version
Published version
Citation
Charles V Wright, Mayank Varia. 2018. "A Cryptographic Airbag for Metadata: Protecting Business Records Against Unlimited Search and Seizure." FOCI @ USENIX Security Symposium.
Abstract
Governments around the world require that electronic service providers, including telecoms, ISPs, and even online services like Twitter and Facebook, must provide law enforcement agencies (LEAs) with broad access to so-called “business records” including communications metadata. Metadata is data about data; it does not include the contents of the users’ communications, but it does typically show who each user communicated with, and at what times, and for how long. Metadata is actually surprisingly powerful, especially in a time when more and more messages are being encrypted from “end-to-end.”

In this paper, we present a new approach for protecting communications metadata and other business records against unwarranted, bulk seizure. Our approach is designed from the start to be robust against this new class of political and legal attack. To achieve this, we borrow the recent notion of cryptographic crumple zones [31], i.e. encryption that can be broken, but only at a substantial monetary cost. We propose that a service provider who wishes to protect their users’ privacy should encrypt each business record with its own unique, crumpled, symmetric key. Then, a law enforcement agency that compels disclosure of the records learns only ciphertext until they expend the necessary resources to recover keys for the records of interest. We show how this approach can be easily applied to protect metadata in the form of network flow records. We describe how a service provider might select the work factor of the crumpling algorithm to allow legitimate investigations while preventing the use of metadata for mass surveillance.
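An added illustration of the per-record idea in the abstract, not code from the paper or its authors: each constructed flow record is sealed under its own key drawn from a deliberately small key space, so every record recovered costs its own exhaustive search. The key derivation, the HMAC-based toy cipher, the 12-bit work factor and all names are assumptions made for this sketch; the paper's actual crumpling algorithm does not appear on this page.

```python
import hashlib
import hmac
import secrets

WORK_BITS = 12  # toy work factor (assumption); real values would be far larger
# Constructed sample flow records: src, dst, start time, duration in seconds.
FLOWS = [
    b"10.0.0.5:51514 -> 192.0.2.10:443 t=1528000000 dur=42",
    b"10.0.0.7:40022 -> 198.51.100.3:5222 t=1528000360 dur=900",
    b"10.0.0.5:51600 -> 203.0.113.8:993 t=1528000700 dur=15",
]

def _key(seed: int, record_id: int) -> bytes:
    # Full-length key with only WORK_BITS bits of entropy, bound to one record.
    data = seed.to_bytes(8, "big") + record_id.to_bytes(8, "big")
    return hashlib.sha256(b"crumple-demo" + data).digest()

def _stream(key: bytes, n: int) -> bytes:
    # Toy HMAC-SHA256 counter keystream; stands in for a real AEAD cipher.
    blocks = (hmac.new(key, b"enc" + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def seal(record_id: int, record: bytes):
    # Fresh seed per record; this sketch does not store it (assumption).
    key = _key(secrets.randbelow(1 << WORK_BITS), record_id)
    ct = _xor(record, _stream(key, len(record)))
    return ct, hmac.new(key, b"tag" + ct, hashlib.sha256).digest()

def recover(record_id: int, ct: bytes, tag: bytes):
    # Exhaustive search over the crumpled key space; returns (record, trials).
    for seed in range(1 << WORK_BITS):
        key = _key(seed, record_id)
        guess = hmac.new(key, b"tag" + ct, hashlib.sha256).digest()
        if hmac.compare_digest(guess, tag):
            return _xor(ct, _stream(key, len(ct))), seed + 1
    raise ValueError("no key in the crumpled key space matches")

def recover_all(sealed):
    # Keys are independent, so total work is the sum of per-record searches.
    out = [recover(i, ct, tag) for i, (ct, tag) in enumerate(sealed)]
    return [rec for rec, _ in out], sum(trials for _, trials in out)

if __name__ == "__main__":
    records, work = recover_all([seal(i, f) for i, f in enumerate(FLOWS)])
    print(records == FLOWS, work, "trials for", len(FLOWS), "records")
```

Because no key is shared between records, the trial count grows with the number of records opened, which is the property that makes targeted recovery affordable and bulk recovery expensive.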
License
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.