Here we go again... UK Prime Minister urges nerds to come up with magic crypto backdoors

UK Prime Minister Theresa May has reiterated calls for a special magic version of encryption to be developed by technologists so law enforcement can access everyone's communications on demand – and somehow engineer it so that no one else can abuse this backdoor. Speaking at the World Economic Forum (WEF) in Davos, Switzerland …


    1. ibmalone

      Re: Intel have already done this for them... what's the problem

      I don't know why the PM is still banging on about this - Intel have done it for her, allowing them to read the memory of any device at will...

      Well the problem is they didn't do it for her, so now we need our own solution. What would be better would be if all the governments of the world (USA, UK, Russia, China, Burma, North Korea, Syria, Iran, Yemen, South Sudan, Venezuela...) would sit down together and agree on a common backdoor to spy on their citizens so we don't have to keep replicating the effort. It can't be that hard.

      1. Sir Runcible Spoon

        Re: Intel have already done this for them... what's the problem

        The perfect solution!!

        Tell them it can be done, and then get them to set up committees etc. with all the 'agreeable' countries in the world in order to come up with one standard approach.

        Stand back and let them get on with it. Keep telling them that we will come up with the code once they have agreed on the requirements. It'll never see the light of day again.

        Also, it's a gravy-train that could be ridden forever. Why aren't techies more corrupt and self-serving*?

        *Started out as a question but then I realised that this is the first line of a joke, the punchline to which is obviously 'because then they would be politicians'.

  1. misterinformed

    National key storage

    How about this for a compromise: when two endpoints A & B negotiate a shared encryption key, make them use 3-way negotiation, between A, B and K where K is a national key storage facility which stores keys for a limited time and releases keys to security services following a suitable legal process.

    By "3-way negotiation" I'm presuming it's possible to securely generate a key known by 3 parties but not by eavesdroppers.

    I'm not advocating a facility to record the data (encrypted or unencrypted), just to record decryption keys (for a limited time) for cases when the security services already have wiretapped data for which decryption is likely to be in the national interest.

    This is a compromise to privacy, and safeguards would need to be in place such as publishing the number of key requests, but it's better than forcing all encryption to have back doors, which any attacker could use.

    1. Anonymous Coward

      Re: National key storage

      Escrow key systems already exist (and they are essentially backdoors) - just they are not deemed secure. There's also the problem - who processes and stores the keys? - especially when the communications are trans-national.

      1. Sir Runcible Spoon

        Re: National key storage

        You would also have to make *all* other types of encryption illegal and make people all over the world stop using their own code.

        Not sure that works to be honest :P

    2. cadders
      Joke

      Re: National key storage

      Hold your horses with the downvotes here, misterinformed might actually be on to something

      Let's take this, or a similar idea and run with it.......

      First of all we set this up as a Government IT project.

      Let's give the contract to oh I dunno, Crapita?

      We give them a deadline of five years to deliver something.

      That should buy us at least a decade before anything actually happens because of course, and even if they do come up with something it will be guaranteed not to work properly

      Also by the time we start to see any results a few things will have happened

      Technology will have moved on and may have rendered the whole project irrelevant

      The current nutters in charge will have forgotten about it and will have moved on to the next hobby horse they think will grab them votes

      There will have been a general election or two so the government of the day could easily gain popularity by scrapping the whole thing as being years late and massively over budget

      Of course I'll happily volunteer to lead the project in return for substantial remuneration. I could do with the retirement cash

      Surprised nobody else has thought of it........

  2. Tigra 07
    FAIL

    So to translate...

    "She then threatened to use her pulpit to apply social pressure: "No-one wants to be known as 'the terrorists’ platform' or the first choice app for paedophiles"

    Give us a magic backdoor or we publicise that you're helping criminals and paedophiles whenever a crime happens, whether it's related to your service or not.

    Theresa, go back to doing whatever it is you do best (I genuinely don't know if there's anything on that list).

    1. TimB

      Re: So to translate...

      Spouting bollocks to try and forward her agenda of a totalitarian police state? That's pretty much what she does best.

    2. Anonymous Coward

      Re: So to translate...

      >Theresa, go back to doing whatever it is you do best (I genuinely don't know if there's anything on that list).

      Running through fields of wheat perhaps, or maybe just the girl jobs around the house?

      1. Teiwaz

        Re: So to translate...

        Running through fields of wheat perhaps, or maybe just the girl jobs around the house?

        I know the original wasn't fields of wheat, but you've just given me the visual image of the most bizarre 'Little House on the Prairie' remake ever....

  3. imanidiot Silver badge

    NO IT IS BLOODY WELL NOT!

    "Simply put, electronic surveillance is extremely useful for figuring out what those who would seek to cause harm to a country are up to."

    Time after time with all recent events it's been shown "those who would seek to cause harm" are well aware of the possibility of being tracked. They communicate face to face, they communicate through 3rd parties. They communicate in their own code. They communicate through written word delivered through a (to them) trusted 3rd party.

    Bombing cell phones with Predator drones in recent times has made "terrorists" (though recent data suggests "we" might be bombing more innocents than proper targets) very wary of using a cell phone to begin with. How is putting in a backdoor in a messenger app going to help if you've already made your target afraid to even touch ANY phone to begin with!

  4. Anonymous Coward

    Human nature has a basic trait of passive "wishful thinking" for something to solve problems that frustrate them. There is possibly a correlation in an individual with their degree of faith in an organised religion.

    1. Sir Runcible Spoon

      I'm glad you caveated your last statement with 'organised' religion.

      1. Anonymous Coward

        "I'm glad you caveated your last statement with 'organised' religion."

        An individual person's personal expression of their spirituality is their business - as long as it does not entail deliberate harm to others. Once it becomes a hierarchical organised religion then it quickly tends to become a tribal vehicle for those seeking power over others.

  5. Anonymous Coward

    From the "party" that shares passwords.

    Seems to be put up so the walking dead can blame those "in a job in the computers" ("not a proper job, though, is it?").

    If the dumb ass wanted some leverage she would have been banging on (and on) about the need for "us" "all" to have an online identity that cannot be repudiated or falsified.

  6. Julian 8

    Shall we try putting into terms they may understand

    you have your secure emails / accounts that only you can see - secured

    you have your secure crypto key

    However, you need to give the police and whoever else a crypto bypass so they can go in and look when they feel like it

    Now stop anyone else from either accidentally getting the crypto bypass or working out how to create their own version and stealing all the emails / money

    Of course, that is without there being initial errors in the crypto code making it easy to break (WPA)

    translated for politicians

    As a government you need to put all your money into a safe location... say a safe

    You have your key

    However, you need to give the police and whoever else a skeleton key so they can go in and look when they feel like it

    Now stop anyone else from either accidentally getting the key or working out how to create their own version and stealing all the money

    Of course, that is without there being initial errors in the lock making it easy to break / bypass (bumping anyone)

    1. Anonymous Coward

      It is not possible to make all "evil" people use the same encryption.

      Good people need to be provided a safe and verifiable email service, where government and business can email employees, customers, and be known to be from the correct email address to avoid phishing and then there is reduction of snooping for advertising, curiosity or crime.

      One way to make a secure email service {SEM} is to keep all the email on a set of exclusive servers, it would not move outside the servers to other public email servers. One logs in to it deposits email collects email and logs out as usual but it only moves within the server from known addresses to other known addresses.

      Limiting the problem of snooping and other crime would reduce the need for encryption, the government could supply a series of encryption of specific levels for usage on the email service. Should the government need to access the encrypted email they would have a master key, one imagines access would be rare as it would primarily be business email not criminal communications.

      So as generator the Gov would have a key, people would use the encryption as usual.

  7. WibbleMe

    I would suggest that the crypto key is issued by the government that is the "country of origin" where the data is sent from or stored ie. website/email from example.com would use a SSL key/cert issued by uk.gov allowing data for the .co.uk website to be decrypted by those officials that need to access the data legally. Of course, this would have to be compulsory stopping cert providers issuing certs to data providers in another country.

  8. scrubber

    Something must be done about the extremists

    They are an existential threat to our nation and have no respect for our traditions or our rights. They hide in plain sight and attack us when we least expect it. They use the media for propaganda and try to stoke up fear in the public to try to achieve their goals. They attack the public because they are soft targets, especially at places where they are vulnerable like airports. They use seemingly moderate people to push their agenda and pretend they're not as bad as they are painted or that they're not all like that and anyone who paints with a broad brush is a cynic or a bigot. The moderates try to use the police to silence voices of dissent claiming hate crimes or sexism. They want the impossible and are willing to use any means necessary to try to get it. When you get rid of one group of extremists another pops up in its place who are at least as bad as the last lot. It's enough to make you abandon the tory/labour duopoly and vote green.

  9. EnviableOne
    Headmaster

    Forgetting the Point

    The argument goes away when you read the UN Declaration of Human Rights (which all members must sign up to) my emphasis

    Article 12.

    No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.

    So any interception or interference with Private communications is a breach of your fundamental Human Rights

    1. Anonymous Coward

      Re: Forgetting the Point

      "UN Declaration of Human Rights"

      IIRC Theresa May says she is taking us out of that declaration as well.

      1. Teiwaz

        Re: Forgetting the Point

        "UN Declaration of Human Rights"

        IIRC Theresa May says she is taking us out of that declaration as well.

        The un-declaration of Human Rights....

        She's going to find herself with a suspicious invite to the Hague at some point....

  10. jont2

    Impossible? No

    So, let's look at how this could be done.

    First, a principle of security is not to rely on 'security by obscurity'. Every detail of the scheme must be open to peer review. The only secrets are keys. Obviously the scheme will have to be opt-in for manufacturers.

    OK, so here's a suggestion:

    Messages are encrypted by a secret key K. That can be a per message key, session key, whatever. Apps use existing key exchange mechanisms, whatever they want, to establish K. Our goal is to ensure K is also available to the government.

    To make K available, we could require that it be encrypted under a government public key PK, and the encrypted form shared with each message. The trouble is, who do you trust to control the corresponding government private key?

    The traditional answer to this is secret sharing. Split K into K1, K2, ... Kn shares using an 'm of n' secret sharing scheme. Any m shares suffice to recover K, any m-1 tells you nothing at all (there are established mechanisms for this, e.g. https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing).

    Now encrypt each share using different government public keys, PK1, PK2, ..., PKn. The corresponding private keys are held by different government agencies (police, courts, whatever). The bundle of encrypted shares is sent with each message.

    Approved government decryptions require cooperation across agencies. Similarly, compromising the system requires collusion across different branches of the state. It's not perfect, but as I'm sure most Reg readers already know, the security of a real-world security system isn't about the crypto, it's about the human processes that manage the system. Sprinkle on some good key management and audit practices, and it's as good as you're ever likely to get.

    And yes, I acknowledge there's significant message bloat to carry all the encrypted shares. These days, data is cheap and networks are fast.
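
The m-of-n split described in the post above, as an added example that is not part of the original thread: Shamir sharing of a message key K over a prime field, plus a check that any m-1 shares are consistent with every candidate key. The 3-of-5 threshold, agency names, field prime and 128-bit key are assumptions; encrypting each share under PK1..PKn is left out because the Python standard library has no public-key encryption.

```python
# Added example (not from the thread): Shamir m-of-n sharing of a message key K.
# Assumptions: 128-bit K, the field prime P, the agency names, threshold 3-of-5.
import secrets
from itertools import combinations

P = 2**521 - 1  # Mersenne prime, comfortably larger than any 128-bit key


def interpolate(points, x):
    """Evaluate at x the lowest-degree polynomial through `points` (mod P)."""
    xs = [px % P for px, _ in points]
    if len(set(xs)) != len(xs):
        raise ValueError("share x-coordinates must be distinct")
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        # pow(den, P - 2, P) is the modular inverse of den (Fermat).
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def split(secret, m, n):
    """Return n shares (x, y); any m of them recover `secret`."""
    if not (1 <= m <= n < P) or not (0 <= secret < P):
        raise ValueError("need 1 <= m <= n and 0 <= secret < P")
    # Random polynomial of degree m-1 whose constant term is the secret.
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(m - 1)]

    def f(x):
        acc = 0
        for c in reversed(coeffs):  # Horner evaluation
            acc = (acc * x + c) % P
        return acc

    return [(x, f(x)) for x in range(1, n + 1)]


def recover(shares):
    """Recover the secret f(0) from at least m shares."""
    return interpolate(shares, 0)


def completing_share(partial, candidate, x):
    """Given m-1 shares, compute the one extra share at x that makes the set
    recover `candidate`. Such a share exists for every candidate, which is
    why m-1 shares carry no information about K."""
    return (x, interpolate([(0, candidate)] + list(partial), x))


def demo():
    agencies = ["police", "courts", "oversight", "ministry", "regulator"]
    K = secrets.randbits(128)  # constructed sample message key
    shares = dict(zip(agencies, split(K, 3, len(agencies))))
    # Every group of three agencies reconstructs K.
    all_trios_ok = all(
        recover([shares[a] for a in trio]) == K
        for trio in combinations(agencies, 3)
    )
    # Two colluding agencies: their shares fit a different key equally well.
    two = [shares["police"], shares["courts"]]
    other_key = K ^ 1
    extra = completing_share(two, other_key, 3)
    return all_trios_ok, recover(two + [extra]) == other_key


if __name__ == "__main__":
    print(demo())
```
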

    1. Aladdin Sane

      Re: opt-in for manufacturers

      Any manufacturer who opts in will be boycotted by the public.

    2. Cynical Shopper

      Re: Impossible? No

      And how do you convince crims to use this encryption, rather than something secure?

  11. JimmyPage
    Stop

    With the TL;DR caveat on comments

    surely there is an absolute fortune to be made here. It matters not a jot that unicorns don't really exist. If Theresa May is continuing to insist they do, then surely she'd be willing to spunk a few million on them.

    Don't worry about being exposed by an "expert" we all know they're biased anyway. And if one should get close, just suggest it's just jealous because they didn't think of it first.

    We could trumpet it to the world as a sterling example of post-Brexit British excellence.

    1. Sir Runcible Spoon

      Re: With the TL;DR caveat on comments

      The gravy train exists - unicorns are a lie.

      1. Aladdin Sane

        Re: Unicorns

        We have faith that they are pink; we logically know that they are invisible because we can't see them.

    2. Uncle Slacky Silver badge
      Thumb Up

      Re: With the TL;DR caveat on comments

      Where's that guy who sold novelty golf-ball detectors as explosive detectors to the Iraqis for $$$$? Get him on the case!

  12. ibmalone
    Joke

    So many comments here lacking that can-do attitude we need. I am working on a solution based on blockchain and would welcome early investors to make it a reality.

    1. Sir Runcible Spoon

      I would put money on it that if you went to TM with a proposal and your hand out for cash she would see through it because she *knows* it's impossible.

  13. Cynic_999

    I'm in favour

    But first, I think Ms May should quadruple the NHS budget, triple the spend on our military, make all UK electricity generation free from greenhouse gas emissions, become completely independent of fossil fuels, and get the unemployment rate down to under 5%. While decreasing taxes across the board.

    After all, there are enough bright economists and brilliant politicians in the government that they could surely achieve all that if they put their minds to it?

    Only then should we turn our attention to the less important stuff such as making backdoors in encryption algorithms that will only work for the pure of heart.

  14. Tessier-Ashpool

    Bag. Cat. Out.

    Smell the coffee, Theresa.

  15. Sir Runcible Spoon

    Data Value

    It is sensible for any person to safeguard data directly in relation to its value.

    When the TLA's were going after* actual criminals/terrorists etc. most everyone else thought that 'their' data was worthless and took little to no steps to safeguard it.

    Now that everyone knows all the governments and shitty companies want their data soooo badly that it *must* be worth something, so are now taking steps to secure it accordingly.

    Why is this so hard for politicians to understand? No matter what they do, there will be a reaction to it, and the technical world can respond to their inane bullshit a lot faster than they can come up with it (and get it into law).

    When they come up with a way to 100% copy protect films/games etc. we might have reached a point in human evolution where we could re-visit some of these assumptions about cryptography, but if you want my advice: don't hold your breath.

    *Well, before everyone discovered what they were actually collecting.

  16. aliceklaar?
    Mushroom

    Finger etc on the button

    It is fairly easy to put somebody's finger / iris on a scanner. Even if they have become recently deceased in custody etc

    If I have memorized my encryption passphrase then it's going to need a $5 wrench ( https://xkcd.com/538/ )

    or Regulation of Investigatory Powers Act 2000 .c 23 Part III Power to require disclosure Section 49

    or an orange jump suit with a towel & some water.

    As for backdoors - I once wrote a simple program that embedded the password into the header of the file that was encrypted. Obvs this was so we could recover the file when the user forgot the super sekrit password.

    As for metadata... Maltego is still my professional friend

    From Register archives - FUD flies as Raytheon reveals social media analysis tool

    My comment still applies re "privacy" - Its only a Secret if you don't tell anyone https://forums.theregister.co.uk/forum/1/2013/02/11/raytheon_riot_privacy_hyepgasm/#c_1725101

  17. Craigie

    They do not need it, they only want it

    Metadata is plenty enough for them to get suspicion and move from there to actual work (surveillance).

    Who on earth would be stupid enough to actually use 'sensitive' keywords in their messages if they were actually planning something anyway? It will all be aliased and so keyword scanning would provide nothing. Government just wants to look like they have an answer and look like they are 'doing something' but at the same time not actually spend a huge amount of money.

    1. Teiwaz

      Re: They do not need it, they only want it

      You had me up to but at the same time not actually spend a huge amount of money

      As long as the politicians can spend as little of their own and claim the rest as expenses, Tax money is there to be frittered away to ensure executive board seats at retirement...

  18. CheesyTheClown

    I’ll do the it!!!

    Writing insecure crypto is easy. I have a great derivation of ROT-13... I call it ROT-29. I wrote it with my friend John Veiler... we were considering calling it Rot-Veiler... but it sounded silly.

    Now, if we will ever have secure crypto... with a back door. We first need military intelligence, open secrets, jumbo shrimp, and a few dozen more oxymorons.

    Encryption by its very definition cannot contain back doors. It is mathematically impossible. Not like “I have a theory about Brangelina’s breakup”. But as in the mathematical theorems have not been discovered to allow something known to be breakable to be called secure.

    I suppose, in the U.K., the people have never had to be concerned with government corruption, corrupt policemen, etc... but in the rest of the world, we use encryption to protect the innocent... quite possibly from their governments.

    Unfortunately, that places a greater burden on the government when protecting the innocent from the dangerous, but what’s the point of protecting people from the bad guys if your only goal is to remove their liberty?

    In addition, there is no possible way to block people from using encryption. So, if you keep the good people from using it, it won’t help with the bad people.

  19. Anonymous Coward

    Why?

    Why do we need to "protect ourselves" more than we currently do? The world hasn't fallen down, terrorism is no worse than it ever was, and more information is being made publicly available. Does anyone believe that we are worse off now than say 15 years ago when you were lucky if you had a bebo page?

  20. Daggerchild Silver badge

    Leadership

    I think this is an excellent opportunity to lead the way in responsible encryption.

    Governments that want to make people use crypto with a secret back door should implement this on their own systems first, just to demonstrate their confidence in the technology.

    Strong and Stable.

  21. Iain 14

    Magical Thinking

    "The insistence by political leaders and prosecutors that there is a way to both have a backdoor and not have a backdoor has been put forward so frequently that experts have even come up with a term to summarize it: magical thinking."

    Isn't there already a term for it? "Cognitive dissonance".

    Just wait for those grapes to turn sour...

    1. HieronymusBloggs

      Re: Magical Thinking

      "Isn't there already a term for it? "Cognitive dissonance"."

      Doublethink.

  22. elgarak1

    Two possibilities.

    1) She's ignorant as fuck. Cannot exclude this, given what she's done and said so far.

    2) She's evil, understands cryptography, and pushes on knowing full well what it will do (not solving crime or catch the really bad guys, but giving away any privacy of normal folk. Could come in very handy).

    1. John Sanders
      Holmes

      >>> 1) She's ignorant as fuck. Cannot exclude this, given what she's done and said so far.

      This one, if you have any doubts just check what she and her party did on the last election.

  23. Uberseehandel

    Mrs May is TAPS (thick as pig . . . )

    Traditionally, anybody truly desperate to go to Oxford applied to read Geography. There was a mechanism whereby those new students enrolled in an overly large Geography intake had a few weeks to apply to another department for a transfer. Mrs May neglected to do this.

    On graduation, the same mediocre Geography graduate (a second) decided on a career in the city. At this time, the least desirable jobs for high flyers in the city were in financial PR and the Bank of England, somebody had to be really unimpressive not to find a starter job in a merchant bank or a big brokerage (separate at the time).

    She is Prime Minister and she still believes in fairies and "back doors". Isn't there a single person in No 10 who can explain that this kind of secret cannot be kept secret?

    1. dew3

      Re: Mrs May is TAPS (thick as pig . . . )

      "Isn't there a single person in No 10 who can explain that this kind of secret cannot be kept secret?"

      You have probably never worked for a medium/large company, or government, or at least have not had to deal directly with very senior management/officials.

      PM May almost certainly has no one who reports to her, nor anyone who reports to her reports, with any crypto background, and possibly no one with any hands-on tech background.

      Some outsider or low-level functionary who comes in with a claim like that is easily dismissed, as obviously boffins find solutions to previously impossible problems all the time, so how can it be true? Anyone who disagrees is not a "team player", so all those direct and second-level reports nod their heads wisely in agreement, and the claim is ignored. Happens all the time. Hans Christian Andersen even wrote a story about that "team player" managerial mentality, called "The Emperor's New Clothes".

      1. Uberseehandel

        Re: Mrs May is TAPS (thick as pig . . . )

        All your assumptions about my experience and who/what kind of organisation I have worked for are wrong.

        Just accept that Britain is uniquely ill-served by its Prime Minister. Would Canada's PM or France's President have made such a basic error?

  24. unscarred

    Am I missing something?

    OK, here's my simplistic view of a solution, I'm sure someone will be along in a minute to tell me why I'm wrong.

    Let's say you run a secure end-to-end encrypted messaging service like WhatsApp.

    The 'good guys' come to you with a proper court order or warrant saying you have to let them listen in on messages sent to or received by user1234.

    You send a software update to that user's phone that silently adds a backdoor to their encryption, and from then on send the decrypted messages to the 'good guys'.

    Obviously, it doesn't work for messages prior to the court order being served, but that shouldn't be a problem.

    What else am I missing?

  25. Marcus Fil

    Codes not ciphers [..or OFFS not again!]

    The kitten has a hairball stuck and needs to see the vet.

  26. Anonymous Coward

    Free postage

    Here's how I control my worldwide team of l33t agents.

    I set up an Ebay shop called hollow_volcano selling widgets and other crap. I use steganography to implant my messages into some of the shop photos. When agent-X decodes the message he uses a dead drop to get disposable_agent-Y to order some widgets.

    Five blue and five red widgets means agent-X is available but five blue and five green widgets means that he is not. (other colour codes are available)

    mwahahaha!
