Researchers at Brown University are claiming to have come up with a solution that they believe will satisfy both sides of the gun control debate on the issue of firearms registration. Researchers are suggesting a highly encrypted registry that required a physical access key yo look at and only one key being used per county would satisfy the issue of government overreach and keeping firearms out of the hands of felons. More from WIRED:
On top of all the other challenges, the system also needs to be easy to use for government officials who most likely wouldn’t have any specific knowledge of cryptography. And it requires other protections built in as well, like “rate limiting,” so officials could automatically prevent someone running a suspicious number of queries.
The basic structure of the system the researchers devised looks like this: Each local official who manages the gun registry data in their county would hold the encryption key for that data on a physical authentication token, like a Yubikey. To answer queries—release data, in other words—about the county’s current or former constituents, the official would authenticate themself and authorize data queries by producing the physical key. When a new person took over the job, the outgoing official would hand over the physical token as they would the key to a filing cabinet.
The system has a mechanism to reconstruct the key in the event that a local official is indisposed or loses their token. It works by having the official give “key shares” to colleagues, or trusted peers in neighboring counties. At least two of the three shares must come together to authenticate. The idea is to create a fallback mechanism that allows officials to choose like-minded or otherwise trusted custodians, reducing potential concerns about misuse. The key shares could also be revoked, so when a job turns over the new official can appoint their own key share holders.
To query the database at a national level, or run a gun trace, there needs to be some type of “global directory,” as the researchers call it, that indexes all the data in some form. This way someone making a query is automatically redirected to the right place rather than having to individually ask if someone has registered a firearm in each of the 3,006 counties in the US. But if the global directory simply compiled all of the data, it would defeat the purpose of the entire project. So the researchers devised two crucial components to solve the problem.
As technology advances it tends to escape what is understandable to the average person, however this technology is no as complex as one might think. The way it works is like a safe that only one person in every county in the country has a key to, it is excepted that these officials use the key in an appropriate manner and turn in the key after they leave their post. The proposed system would also have a failsafe, one where the keys are brittle and break if used more than they are supposed too, this would theoretically stop any bad actors in the government from using this data for then purposes of gun confiscation.
Does this really solve the issue for both sides?
Technically yes, however the FBI was able to crack the high level encryption of Apple and get backdoor access into iPhone. If there is something of value it can be stolen, although it may be come at great cost or be extremely difficult. The potential for a bad actor to break the encryption and use the data for nefarious purposes is still there, but it would be extremely difficult. What pro-2A forces want is for there to be no potential for this sort of thing and that requires no gun registry whatsoever.