In my new Guardian column, I look at UK Prime Minister David Cameron's election pledge to eliminate strong crypto and point out that we already have a forerunner of this in the "TSA-safe" luggage locks -- and it's a disaster.
If you want a preview of what a back door looks like, just look at the US Transportation Security Administration’s “master keys” for the locks on our luggage. Since 2003, the TSA has required all locked baggage travelling within, or transiting through, the USA to be equipped with Travelsentry locks, which have been designed to allow anyone with a widely held master key to open them.
What happened after Travelsentry went into effect? Stuff started going missing from bags. Lots and lots of stuff. A CNN investigation into thefts from bags checked in US airports found thousands of incidents of theft committed by TSA workers and baggage handlers. And though “aggressive investigation work” has cut back on theft at some airports, insider thieves are still operating with impunity throughout the country, even managing to smuggle stolen goods off the airfield in airports where all employees are searched on their way in and out of their work areas.
The US system is rigged to create a halo of buck-passing unaccountability. When my family picked up our bags from our Easter holiday in the US, we discovered that the TSA had smashed the locks off my nearly new, unlocked, Travelsentry-approved bag, taping it shut after confirming it had nothing dangerous in it, and leaving it “completely destroyed” in the words of the official BA damage report. British Airways has sensibly declared the damage to be not their problem, as they had nothing to do with destroying the bag. The TSA directed me to a form that generated an illiterate reply from a government subcontractor, sent from a do-not-reply email address, advising that “TSA is not liable for any damage to locks or bags that are required to be opened by force for security purposes” (the same note had an appendix warning me that I should treat this communication as confidential). I’ve yet to have any other communications from the TSA.
Making it possible for the state to open your locks in secret means that anyone who works for the state, or anyone who can bribe or coerce anyone who works for the state, can have the run of your life. Cryptographic locks don’t just protect our mundane communications: cryptography is the reason why thieves can’t impersonate your fob to your car’s keyless ignition system; it’s the reason you can bank online; and it’s the basis for all trust and security in the 21st century.