[slg]

You are correct in that the more keys that exist, the harder it will be to secure all of them. However, the more keys that are required the less valuable any one key becomes. Multiple keys means there is no longer a single point a failure. If you need 3 keys to get data, you can have an entire database of keys leak and the information is still safe.

I would also love a more detailed description of just "it is impossible because math" that everyone seems to be giving.

[mwfunk]

If you want a more detailed description, go to Wikipedia and read up on the difference between public and private key cryptography. What politicians are arguing for isn't just adding another private key to private key cryptosystems; a backdoor eliminates the biggest advantage of public key systems by adding a private key that could crack any of them. Once you add that, it's just a matter of time before someone cracks it.

Really, it's inevitable. Someone doesn't even need to crack it, you just need a single careless or corrupt government employee to compromise the whole system for everyone for all time. People are proposing adding a single point of failure to systems whose usefulness is currently defined by their lack of such a single point of failure. Put that in there and we may as well all go back to using DES for everything.

[slg]

But you are simply pointing out problems with our current techniques and not why we can't come up with new and better approaches. That is the problem we should be working on. Politicians don't understand it, but that is why we need people from our community to work with them. Our response shouldn't be "no, you are an idiot, that is impossible, you are a fascist for even suggesting it". It should be "I know what you are looking to do, here is why it is not currently possible, lets see if we can work together on a solution."

Nothing anyone posted here has said why there can't be a multikey solution that allows access to data in a reliable way that would not be susceptible to a single point of failure or abuse. That sounds like a very hard problem, but I'm not convinced it is an impossible problem.

[nemothekid]

Again, no one is arguing that it isn't impossible. Like I said, in my original post, look at Dual_EC_DRBG - it was a cryptographic solution used by the NSA, that purposely had a backdoor - it was discovered by an outdoor party and now its worthless. (Look at Juniper systems (used by the USG), a very recent example of how this backdoor has failed).

I'm not a cryptographer, but lets assume a multikey solution is 100% possible.

The very notion that you can trust the government with a global key to all encryption is the crux of the issue. How do you know that Donald Trump won't wake up tomorrow and sell that key China? What do you then do if Germany then demands that key? What if Congress decides that giving Israel he private key is important to stability in the middle east? Then what do you do is some nationstate sells this key to a blackhat organization? Welp, all of Google's encryption is now worthless because this "multikey" that was supposed to be for the USG ended up in the hands of a blackhat - and now we have another Fappening 3.0 on our hands.

Great now the whole world has this "multikey" making it virtually worthless because the entire world can decrypt it. If you as an end user cannot control who can and cannot decrypt your messages, then its worthless as an encryption scheme.

Its not a technical issue, and the solution isn't limited because we aren't smart enough. The fundamental problem is that you cannot trust any third party with such a multikey.

[zaphar]

We aren't talking about a system that requires 3 keys to get the data though. In order to be useful to the government they need a system whereby they can decrypt without my key. That means conceptually they need a second key that works all by itself.

You could split the second key so no single party has the whole key which would mitigate but you still have the same problem where you have effectively doubled your opsec problem.

Additionally if half the key is compromised that still greatly reduces the work required to decrypt the text.