The encryption genie is already out of the bottle

January 20th, 2015 by · 1 Comment

This article was authored by Don Sambandaraksa, and was originally posted on telecomasia.net.

The world has declared open season on encryption and civil liberties. In one week Thailand announced its draft Cyber Security bill, Iran’s highest court banned encrypted messaging apps and now the United Kingdom has announced its own war on privacy in the wake of the French terror attacks.

UK Prime Minister David Cameron said that he will not allow terrorists to have a safe place to communicate. This is understood to mean that encrypted communications apps are to be banned or backdoored to allow access by the security services.

The idea of eavesdropping on communications to protect the monarchy is genuinely popular in Thailand, as is the idea of empowering the state to get rid of terrorists in the west.

The only problem is banning encryption simply cannot work. The genie is already out of the bottle.

I asked Caspar Bowden, former Chief Privacy Officer at Microsoft and now an independent privacy advocate, for his comments on Cameron’s pledge. Bowden pointed out that the exact same arguments and counter-arguments had been made in the wake of 9-11.

In October 2001, Bowden wrote a piece for the BBC website that still is valid today as it was over 13 years ago.

Bowden said that the politicians’ argument that there must be a balance between civil liberties and public safety is a false dichotomy.

“Those who want a nostalgic return to the era of phone-tapping are either naïve or impervious to reason. The only way to stop terrorist cells communicating via the internet is to disinvent it. Encryption is irrelevant,” he said.

There are four ways in which encryption can be compromised in a way that would allow the state to access messages with warrant, but all are fundamentally flawed, as Bowden argued back in 2001.

The 'back-door'

All encryption would be prohibited except an officially sanctioned version which contains a secret weakness allowing all traffic to be broken.

Flaw: If the secret of the backdoor is ever leaked, the security of the entire communications infrastructure would be blown wide open and could not be repaired or quickly replaced.

'Key escrow'

Everybody using encryption must deposit a copy of their key in a huge database. Any particular message could thus be unscrambled, under warrant.

Flaw : An encrypted message is like a letter in an impregnable envelope, which can itself be enclosed in another envelope.

Without opening the outer envelope, it is impossible to know whether a particular message has already been encrypted with an undeclared key.

Moreover, the vast majority of computer scientists believe that a global integrated system to escrow billions of keys is operationally infeasible.

Power to demand decryption

The RIP Act gives powers to demand decryption of any message or data, whether or not a person is suspected of any crime.

Flaw: If you are falsely accused and have forgotten your password, you could be jailed for two years [under the proposed UK law] without a shred of evidence, unless the judge believes you.

An encrypted message is totally opaque - nothing can be inferred about the contents which would help a court rationally separate the innocent from the guilty.

And a terrorist is obviously not going to surrender a key to evidence which would lead to conviction on a much more serious charge.

Attack the end-points

If the device either sending or receiving the message is accessible, then it can be bugged in hardware software, or possibly hacked remotely.

Intelligence agencies and the military are unlikely to trust the police with these black arts, which will need unprecedentedly stringent supervision, since their use would corrupt the legal validity of any chain of evidence.

Computer scientists and security specialists understand the seriousness of what is at stake, and have wrestled with these dilemmas for a decade with no breakthrough. The logic for rejecting the first three options is unshaken. The fourth may often be impractical.

If you want to stop terrorist cells communicating via the internet, dismantle it

Fast forwarding to 2015, we live in a post-Snowden era. We now know that even without these laws, the UK’s GCHQ and US NSA are already spending billions a year developing ways to break into secure systems and placing people, HUMINT, in standards bodies to weaken protection and insert back-doors into standards.

The weakening of security on devices, whether intentionally or not, has hurt consumers. Android had a not-quite-random random number generator that allowed thieves to steal bitcoins from an Android wallet. Heartbleed and Poodle are two other major security scares which leaves us wondering how long the security services knew and were taking advantage of these bugs.

Or is the future more a Thai-style approach? More than half the Thai population uses LINE even though in August 2013 the head of Thailand’s Technology Crime Suppression Division told reporters that he could access LINE messages, a claim that was repeated last month when the ICT Minister reassured reporters that he would monitor all messages to weed out anti-monarchists. Yet despite that, everyone in the Kingdom still continues to use the IM app and there is even a LINE cafe being opened in downtown Bangkok.

Legislation may not work, but the cuteness of LINE’s mascot Mr Brown can deliver.

If you haven't already, please take our Reader Survey! Just 3 questions to help us better understand who is reading Telecom Ramblings so we can serve you better!

Categories: Other Posts · Security

Join the Discussion!

1 Comment, Add Yours!


  • Marcus Malik says:

    A comment on the fourth option on the list:

    *Attack the end-points*

    Flaw (from the government’s viewpoint): This requires individual targeting of devices, making population-wide use impractical and limiting surveillance to a small use of selected targets.

    Benefit (from the people’s viewpoint): This requires individual targeting of devices, making population-wide use impractical and limiting surveillance to a small use of selected targets.

Leave a Comment

You may Log In to post a comment, or fill in the form to post anonymously.





  • Ramblings’ Jobs

    Post a Job - Just $99/30days
  • Event Calendar