It seems sort of silly to have a post with this title, but Bruce Schneier appears to miss the point in his post about a Cryptographically-secured Murder Confession. Schneier writes:
But how is this different than Duncan speaking the confession when no one was able to hear? Or writing it down and hiding it where no one could ever find it? Or not saying anything at all?
The answer is simple: this encrypted set of bits may be evidence in a criminal investigation. It differs from his other scenarios in that nobody has any reason to know that the other pieces of evidence exist (if they did, they would be looking for them). In this case, there appears to be a reason to believe the encrypted data is a confession. And the police want to "collect" the information in the same way they would act on tips or other evidence to look for a murder weapon in somebody’s house, drugs in a car, receipts to confirm an alibi, witnesses of a robbery, etc. etc. I think they call it "a lead".
I think Schneier is so blinded by his concern that cryptography is (perhaps) seen as evil that he misses the basic point. It isn’t about encryption, it is about the ease or difficulty of getting enough evidence to convict somebody. [Btw, I don't see anything in the AP report he cites that denotes or connotes anything about encryption being good or bad - just sometimes hard to decrypt.]
Indeed, Schneier seems to expose his blind side with another comment:
If the police can’t convict him without this confession — which we only have his word for as existing — then maybe he’s innocent?
This is so strange, and states the case of the police so clearly (they want any possible evidence to either convict the right guy) that I still am trying to decide whether it is sarcasm or not. The doubt Schneier shows is the same doubt that a jury may have and that the police want to minimize with the confession, if it exists in the myriad of potential evidence collected.
What if a witness can’t be found? What if a partial fingerprint can’t be matched? What if a suspect has an alibi? What if a confession is encrypted? Well, any citizen would presumably want the police to try harder if they have a reason. Authorities should look for any and all evidence they can find to support or refute any investigations, and this is no different simply because the potential evidence is encrypted.
I’m afraid you have missed Schneier’s point.
If the encrypted data is indeed a confession, it only exists because of the perp’s desire to gall the authorities. If strong crypto didn’t exist, he would have destroyed, or simply never have created, the file[s].
All of your “what if”s are completely unaffected, and the “what if” you haven’t asked is “what if there hadn’t been strong encryption for him to hide his confession?”, the obvious answer to which is: it wouldn’t exist, because he would have DESTROYED it, or simply wouldn’t have CREATED it, which is exactly what Bruce was saying.
You seem to suffer from the same misunderstanding which is rampant in the general public: that encrypting a file changes it from plaintext to ciphertext. It doesn’t. It makes a copy, allowing the data to be hidden in plain sight. If he hadn’t believed that it wouldn’t be recoverable, he wouldn’t have done that.
Further, as Bruce also points out, it’s not necessarily unrecoverable; just because the algorithm is provably strong doesn’t mean that its implementation or use is flawless, and indeed that’s seldom the case.
So it may well be that his belief has led him to create evidence which, if it can be cracked, will stand far stronger than any other evidence that could have been collected from his computer.
Beyond misunderstanding his statement about whether there was a difference, you seem to be trying to counter an argument that he hasn’t made: that the police shouldn’t try to use every piece of evidence that they have to get to the truth. He hasn’t said that, and attempting to put those words in his mouth seems to have no other plausible motive than to continue to foster an irrational fear of strong crypto, which is what he countered effectively in his article which you ironically characterized as being blinded by his own irrational fears.
@Brian:
1. People confess all the time in strange ways, so I don’t know how you can suggest that a guess like you are making about the existence/nonexistence of evidence in an alternate reality is a fact by necessity.
2. The reason behind why evidence exists doesn’t matter, whether it is because a criminal didn’t wear gloves, didn’t pick a good enough hiding place, or was just plain dumb.
3. To suggest that strong crypto actually increases the likelihood that evidence will exist seems pretty disingenuous and even a bit desperate to me. If it really is strong, the evidence effectively isn’t useful (although I suppose there may be some residual use through its existence) and I don’t believe that cryptographers are out there trying to make strong crypto easier to break. It is an interesting argument, however.
4. It happens that I am neither afraid of strong crypto nor opposed to its use, even with situations like these. I accept this as the same problem many other useful tools have as well.
5. I interpret Schneier’s paragraph the same way I did in the post: I still believe that the known existence of encrypted data that may be a confession would be useful evidence. This seems obvious to me while Schneier seems to make strange allusions to “trees falling in woods with nobody there to hear it” questions and attempts to correlate an assumed lack of other evidence with innocence. (Juries presume innocence, policy gather evidence).
Where does this supposed ‘irrational fear of strong crypto’ exist?
My first encounter with this phenomenom is on Schneier’s post above. Then followed by Brian’s comments above.
I can’t say that I have noticed any hint by the general public that they know or care about crypto.
The only fear I have noticed is within IT and security circles that fear ‘strong crypto’ will be found out to be not so strong after all.
Am I missing the great conspiracy?