We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.CY

Change to browse by:

References & Citations

DBLP - CS Bibliography

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Computers and Society

Title: Can the Government Compel Decryption? Don't Trust -- Verify

Abstract: If a court knows that a respondent knows the password to a device, can the court compel the respondent to enter that password into the device? In this work, we propose a new approach to the foregone conclusion doctrine from Fisher v US that governs the answer to this question. The Holy Grail of this line of work would be a framework for reasoning about whether the testimony implicit in any action is already known to the government. In this paper we attempt something narrower. We introduce a framework for specifying actions for which all implicit testimony is, constructively, a foregone conclusion. Our approach is centered around placing the burden of proof on the government to demonstrate that it is not "rely[ing] on the truthtelling" of the respondent.
Building on original legal analysis and using precise computer science formalisms, we propose demonstrability as a new central concept for describing compelled acts. We additionally provide a language for whether a compelled action meaningfully entails the respondent to perform in a manner that is 'as good as' the government's desired goal. Then, we apply our definitions to analyze the compellability of several cryptographic primitives including decryption, multifactor authentication, commitment schemes, and hash functions. In particular, our framework reaches a novel conclusion about compelled decryption in the setting that the encryption scheme is deniable: the government can compel but the respondent is free to use any password of her choice.
Comments: 16 pages. This is the full version of a forthcoming publication in Proceedings of the 2022 Symposium on Computer Science and Law (DOI: 10.1145/3511265.3550441)
Subjects: Computers and Society (cs.CY); Cryptography and Security (cs.CR)
Cite as: arXiv:2208.02905 [cs.CY]
  (or arXiv:2208.02905v2 [cs.CY] for this version)

Submission history

From: Aloni Cohen [view email]
[v1] Thu, 4 Aug 2022 22:10:33 GMT (65kb)
[v2] Fri, 9 Sep 2022 17:30:12 GMT (108kb,D)

Link back to: arXiv, form interface, contact.