In this work, we provide a rigorous, composable definition of a critical piece of the law that determines whether cryptosystems are vulnerable to government compelled disclosure in the United States. We justify our definition by showing that it is consistent with prior court cases. We prove that decryption is often not compellable by the government under our definition. Conversely, we show that many techniques that bolster security overall can leave one more vulnerable to compelled disclosure.
As a result, we initiate the study of protecting cryptographic protocols against the threat of future compelled disclosure. We find that secure multi-party computation is particularly vulnerable to this threat, and we design and implement new schemes that are provably resilient in the face of government compelled disclosure. We believe this work should influence the design of future cryptographic primitives and contribute toward the legal debates over the constitutionality of compelled decryption.
Category / Keywords: cryptographic protocols / compelled decryption, law and policy, distributed cryptography
Original Publication (with minor differences): USENIX Security Symposium 2021
Date: received 9 Jul 2020, last revised 29 Dec 2020
Contact author: sscheff at bu edu, varia@bu edu
Version: 20201230:040405
Short URL: ia.cr/2020/862