Secure (against against direct cyberattacke) Backdoors for Universal Intelligent Systems

13 Pages Posted: 25 Jul 2019 Last revised: 3 May 2021

See all articles by Carl Hewitt

Carl Hewitt

Massachusetts Institute of Technology (MIT)

Date Written: July 24, 2019

Abstract

A device is traitorous when it acts against interests of its users. Within 10 years, electronic glasses with holographic-like overlays are projected projected to become supplant smart phones [Gurman 2017; Mundy 2016]. A backdoor in electronic glasses would enable an I-see-and-hear-you-and-what-you-do capability that would provide extraordinary insight into what wearers are thinking as well as how they have been communicating with others.

According to FBI former Director James Comey: “There is no such thing as absolute privacy in America.” continuing with “Even our memories aren’t private.” [Borger 2017] According [Barr 2019] “We are talking about consumer products and services such as messaging, smart phones, email, and voice and data applications” [which are also widely used by government and enterprise employees in their professional work] that he advocates should be openable for self-incrimination. Furthermore, Barr warned: “I think it is prudent to anticipate that a major incident may well occur at any time that will galvanize public opinion on these issues.” In order to enable a Nothing is Beyond Our Reach [NIBOR] system. [Burr and Feinstein 2016; O’Neill 2017] proposed the following legislation: “covered entities must provide unencrypted information and technical assistance to the government pursuant to a court order.”

NIBOR[Hewitt “Erlang Lecture” 2017; Hewitt “They See What You See” 2017; Hewitt 2018] is a further development beyond a previous proposal[Rotenberg 2015] in order to implement [Burr and Feinstein 2016], which addresses the following issues identified in [Abelson, et. al. 2015; US National Academy of Sciences 2018; Encryption Group 2019]:

• Keys: A NIBOR public/private key pair piece is created in a Faraday cage by special hardware in multiple, independent government command posts in such a way that the private key never leaves the Faraday cage in which it was created (except for hardware secured backup). Encryption/decryption is performed in the Faraday cage invisibly to all software of its command post. A combined public key to be installed in every device used in a country is created so that all of the private key slices are necessary in order to encrypt a message for the corresponding combined pubic key. (In some countries to take over a device, a piece of the private key may have to be obtained from the connecting Internet Service Provider. See discussion in this article.)

• Internet: In order to connect with the public Internet, a device must pass a challenge-response test to ensure that if it receives a packet that decrypts using its public key, then it immediately uses the packet as a bootloader to take over the device without disrupting its ongoing activities using a hard-to-detect virtual machine. A visitor to a country could be issued a domestic rental covered by the price of their visa. The deposit on the rental would be refunded when it is returned when exiting the country. Many foreign diplomats and professionals could use satellite phones to diminish surveillance. [Flickinger 2019].

• Universal Intelligent Systems: Public keys are distributed to certified manufactures for installation in their Internet products. In order to be certified, a product must be certified that it has hardware that guarantees that if it connects to another device electrically or by radio then if it receives a packet that decrypts using the public key, then the decrypted packet is used as a bootloader for a (hard-to-detect) Virtual Machine that takes over the product while it is in operation.

• State Security: A government could instantly take over any device used domestically on the Internet. A virtual operating system backdoored into a device can limit its own vulnerability by only communicating with security command posts. Even if cyberattackers root the government virtual machine for a device that has been taken over by the government, the attackers gain no lasting advantage in hacking additional devices. If necessary, the government can repeatedly take over a device using NIBOR. In order to protect information exfiltrated from taken-over devices, NIBOR operating environments will ultimately need to use more secure software than is currently available that is based on strongly-typed every-word-tagged architectures. [Hewitt 2016]. Security dangers of NIBOR come after a government has exfiltrated information from backdoored devices in their own country because a government cannot both widely use the exfiltrated information within the government and keep the exfiltrated information secure.

• Economic Costs: It will not be inexpensive to create and operate NIBOR. However, the incremental hardware cost per device is negligible and the cost of distributing and installing a public key in each device is also negligible. The cost of multiple-command-post crypto security system for NIBOR private keys can be partially defrayed by also using them for other national security operations such as securing nuclear weapon keys. NIBOR could make government enforcement more efficient by enormously increasing the ability to surveil citizen activities at the cost of obtaining surveillance software and hiring people to supervise surveillance.

• Social Costs: Social costs of massive surveillance could include enormous damage to human relationships as well as corruption including corporate, political, and sexual surveillance and blackmail. Experiences in Communist East Germany [Funder 2011], UK [Asthana 2016], etc. illustrate costs in loss of civil liberties.

A possible compromise is for courts to hold a piece of the private key for each device. Mass surveillance by the government could be prevented if the government does not have access to court pieces of device private keys en masse. ISPs could be able to go to court to limit government takeovers of devices of journalists, lawyers, judges, government officials, and politicians. Also, device takeovers could be made public when a court determines that secrecy is no longer required.

Keywords: mandatory backdoors, Internet of Traitorous Things, Nothing is Beyond Our Reach, sensitive citizen information, hologlasses

Suggested Citation

Hewitt, Carl, Secure (against against direct cyberattacke) Backdoors for Universal Intelligent Systems (July 24, 2019). Available at SSRN: https://ssrn.com/abstract=3425957 or http://dx.doi.org/10.2139/ssrn.3425957

Carl Hewitt (Contact Author)

Massachusetts Institute of Technology (MIT) ( email )

77 Massachusetts Avenue
50 Memorial Drive
Cambridge, MA 02139-4307
United States

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
149
Abstract Views
2,254
Rank
500,001
PlumX Metrics