With governments threatening crackdowns on encrypted communications after the jihadist-inspired attacks in San Bernardino, Calif., and Paris, Apple on Monday pushed back hard, arguing that lawmakers who talk about gaining court-ordered access to iPhone communications do not understand the technology.
“The best minds in the world cannot rewrite the laws of mathematics,” the company told the British Parliament, submitting formal comments on a proposed law that would require the company to supply a way to break into the iMessage and FaceTime conversations of iPhone users.
David E. Sanger, “Apple Pushes Against British Talk of Softening Encryption”
Cryptography, it turns out, is really hard. It’s hard even for experts. Trying to add new functionality to allow for exceptional access is far, far harder. Remember: the goal of the original [Needham-Schroeder] protocol was to set up a secure session between two parties, with no one else able to read the traffic or to impersonate anyone. Our solution was only three messages long, but it was wrong and it took 17 years to find the flaw. Modern, real-world protocols are far more complex; there are very many real-world requirements that have to be met. Why should anyone have any confidence that adding yet more complexity in order to bring a third party into the conversation would be correct? I certainly wouldn’t trust it.
Steven M. Bellovin, “Cryptography Is Hard”