Secretary of Defense Ashton Carter says strong encryption makes government work.
SAN FRANCISCO—While arguments continue about whether Apple should crack an iPhone at the behest of the FBI, and if the government should require backdoors into encryption systems to keep criminal communications from “going dark,” Secretary of Defense Ashton Carter argued that strong, unbroken encryption was critical.
Speaking at the RSA Conference here, Secretary Carter said “I’m not a believer in backdoors or a single technical approach to a complex problem.” He went on to say, “we’re foursquare behind data security including strong encryption.”
A so-called backdoor would allow law enforcement to decrypt encrypted communications in order to conduct investigations.
But privacy advocates argue this is intrusive, while security experts contend that backdoors are nothing more than vulnerabilities that can be exploited by hackers or nation states.
But at the same time, Carter was careful to not link his comments too closely with the ongoing case between Apple and the FBI regarding an iPhone used by one of the San Bernardino shooters.
In that case, the Department of Justice has ordered Apple to create a special version of iOS that would disable a security feature that erases iPhone contents after 10 failed attempts to unlock the device. With that disabled, the FBI could brute-force the passcode and eventually retrieve the data.
“The specific case I can’t really get into,” said Carter. “It’s a law enforcement matter not a defense matter.”
From his perspective, strong encryption is the lifeblood of the Department of Defense. “DoD data security including encryption is absolutely essential to us,” said Carter. He gave the example of needing to connect vehicles and systems securely in order to operate effectively. “None of our stuff works unless it’s connected.
There’s no reason to buy all these ships and tanks if I can’t connect them.”
Secretary Carter said that industry and government needed to work together in order to solve the issues of encryption and law enforcement. “I don’t think we ought to let one case drive a general conclusion or solution.
The only way we’re going to get to a good solution is by working together,” he said.
His statements on cooperation echo those espoused by NSA Director Admiral Rogers and U.S.
Attorney General Loretta Lynch at RSA.
Carter warned that, barring that cooperation, there are two possible outcomes, neither of which are desirable.
The first is that Congress writes a law regarding encryption without the input of the security industry.
Such a law, said Carter, could end up being written “in an atmosphere of anger or grief, which isn’t the right answer.” (The House Judiciary Committee confirmed as much this week when Rep. Jim Sensenbrenner, a Wisconsin Republican, told Apple that “I don’t think you’re going to like what comes out of Congress” regarding encryption legislation.)
The alternative, Carter said, is that Russia or China makes a decision about how to handle encryption and data security, although he did not elaborate on how such a decision would impact U.S. policy.
Cyber Defense At HomeThough the larger thrust of his talk was to discuss ways in which technology professionals could work with the government, Secretary Carter did touch on other cyber operations currently being handled by the DoD.
He mentioned that in addition to traditional military operations around the world, the U.S. military is leveraging its cyber capabilities against ISIL, also referred to as ISIL. “We’re going to defeat ISIL, no question about it,” said Carter. “I’m looking for ways to accelerate that defeat.”
Although Carter was tight-lipped on the details, he did provide a rough outline; DoD had been interrupting ability to command and control its forces and to make them doubt their communications. “It’s a very effective tool at shutting down their ability to organize their forces,” said the Secretary.
Carter also reiterated that the U.S. would consider cyber attacks as acts of war. “I don’t care if it’s with a keyboard and a bomb,” he said, though he acknowledged that the state of cyber diplomacy is still developing. “It’s fair to say that the world is feeling its way along as a foreign policy and national security issue.”