An estimated 63 percent of the encryption products available today are developed outside US borders, according to a new report that takes a firm stance against the kinds of mandated backdoors some federal officials have contended are crucial to ensuring national security.
The report, prepared by security researchers Bruce Schneier, Kathleen Seidel, and Saranya Vijayakumar, identified 865 hardware or software products from 55 countries that incorporate encryption. Of them, 546 originated from outside the US. The most common non-US country was Germany, a country that has publicly disavowed the kinds of backdoors advocated by FBI Director James Comey and other US officials. Although the Obama administration is no longer asking Congress for legislation requiring them, it continues to lobby private industry to include ways law-enforcement agencies can decrypt encrypted data sent or stored by criminal or terrorism suspects.
The authors said that they found no reason to believe the quality of encryption products developed abroad are any better or worse than their counterparts in the US or in the UK or France, whose officials have also hinted they favor encryption backdoors. The conclusion of their survey—which the researchers said represents the lower bound of the number of encryption products available worldwide—was that criminals or terrorists who are savvy enough to use encryption would also be smart enough to choose a product that isn't subject to mandatory backdoor laws. The result, the authors argued, is that US competitiveness would be harmed with little benefit to national security.