UK data watchdog calls for end-to-end encryption across video chat apps by default Britain's new Information Commissioner has called for video conferencing companies to enable end-to-end encryption on their products – even as police managers and politicians condemn the technology and demand its removal. This week the ICO urged tech companies to make end-to-end encryption (E2EE) "available to all users" …
"Police workers, on the other hand, claim that E2EE would force them to obtain court warrants each and every time they want to spy on criminal suspects, risking judges turning down overbroad demands"
Trust in the police is at an all time low at the moment and them moaning about having to obtain a warranty to spy on people is only going to make more people believe that the police cannot be trusted.
The police seem to have forgotten that they work by consent; without the trust and consent of the policed they are so outnumbered that they are effectively powerless.
If they want to monitor my communications - either the content or the metadata - they'd better have a good enough reason to persuade a judge that I am a potential miscreant. "Walking in a funny way" or "looks a suspicious character" are insufficient grounds.
And I for one welcome our new digital overlords. Omnipresent and all-seeing, I hope they can round up all the doubters and miscreants who refuse continuous surveillance for their protection of democracy.
Privacy, security, control over your own personal data, PAH! That's so 2004. Continuous, unremitting intrusion into your private lives and information is the only thing keeping this country safe. The government needs to know where you are and what you are doing 24 / 7 /365; unless you are a politician or senior police official, of course. We trust them without question because of their Stirling reputations so far.
Accusations of abuse of power is trivial against protecting the public. This is why the government should control everything you see, hear and read. Everything should be approved before publication. D-Notice in effect on everything until the info has been reviewed and authorized for publication. No more journalistic protections. No whistleblower statutes. Just unremitting government oversight, because they just know better.
Trust no one, monitor everything and democracy will remain safe and unassailable. It's worked for the Chinese Communist Party and North Koreans so far!
Joke icon just in case any fool actually takes the above seriously.
don't blame the police, they're only following orders. And money. If, by some bizarre, outwardly coincidence, the government decided to prioritise 'privacy' in body and spirit, and paid enough (is enough ever enough?) for nationwide policing, you'd have police falling over themselves extolling the virtues of vpn and such. You don't bite the hand that feeds you :(
They’d have to get a warrant for the miscreants devices. Otherwise they can only spy on the source and destination. Not the message itself.
I’ve constructed a fully E2EE app and, if the roz asked me to hand over messages that were still in transit that’d be fine. They would get a pile of random looking garbage.
That is whet the system is for.
"They’d have to get a warrant for the miscreants devices."
IIRC all they need to do is execute an arrest on some "suspicion" - and they automatically get the right to take away all IT equipment etc. If they don't find anything to support their "suspicion" then they will claim "guilty - but too clever".
Many years ago there was a DTI* 'paper' stating how they wanted digital signatures and encryption keys to be managed, including mandatory escrow of private keys with approved organisations. I read it twice all the way through as I had not noticed anything at Allin the paper which explained how this benefitted industry. It was all about how 'security agencies' and 'law enforcement agencies' could gain access to encrypted information if they needed to. The process would have allowed the police, for example to obtain the decryption keys for a company's messages and read them all. There was a strong suspicion that it had been written (or at least devised) by people in Cheltenham. I wonder whether it will be resurrected.
*The then Department of Trade and Industry
Given my observation and experience of/in online virtual meetings, one wonders whether E2EE will be deemed "too complicated" for some participants to bother. Also, I read somewhere that having a phone-in option makes E2EE for that particular meeting not possible -- true? Or only true for the phone users (and the computer users are encrypted)?
Gilbert and Sullivan said "A policeman's lot is not a happy one.". That is as maybe, but what a hardship to have a requirement to get a warrant foisted upon them, it is so difficult to get a warrant. All they need to do is convince a Magistrate that there are reasonable grounds for suspicion and Magistrates tend not to take too much convincing.
Chris Cosgrove
....where two end points can engage in a handshake over an insecure channel, but nevertheless each end point can calculate the same secret key without the secret ever passing over the network.
*
So it's possible for two endpoints to agree a different key for every interaction, without any user involvement, and without any published keys (as with PGP and siblings, HTTPS etc. etc.).
*
This simple mathematical procedure makes it possible for two endpoints to encrypt everything before anything enters a public channel.......making "end-to-end encryption" completely moot.
*
In recent experiments here at Linux Mansions, Diffie/Helman is perfectly practical on pathetic cheap laptops using six hundred long decimals for the handshake and calculated secret keys of the same length. This is all done in software, no user input, all data associated with encryption and keys used once and securely deleted after each transaction. The only data in the public domain is the privately encrypted transaction in transit.
*
Since there is nothing published about keys, and new keys are calculated for each transaction, when the plod turns up, the users can truthfully say "Sorry...we know nothing about keys, you can take all our equipment away and you will find nothing".
*
The mathematical procedure to implement this has been known for over forty years. Why do we hear nothing about it in the public debate about "end-to-end encryption"......rendered moot if anyone wants to implement it?
> why do we hear nothing about it in the public debate ...?
Some useful technical discussion and onward links in this source:
Technically, the Diffie-Hellman key exchange can be used to establish public and private keys. However, in practice, RSA tends to be used instead. This is because the RSA algorithm is also capable of signing public-key certificates, while the Diffie-Hellman key exchange is not.The ElGamal algorithm, which was used heavily in PGP, is based on the Diffie-Hellman key exchange, so any protocol that uses it is effectively implementing a kind of Diffie-Hellman.
As one of the most common methods for safely distributing keys, the Diffie-Hellman key exchange is frequently implemented in security protocols such as TLS, IPsec, SSH, PGP, and many others. This makes it an integral part of our secure communications.
Source: https://www.comparitech.com/blog/information-security/diffie-hellman-key-exchange/
@Jonathan_Richards_1
Interesting, but I think the AC was wondering why Diffie/Hellman was not adopted by more PRIVATE CITIZENS as a way of avoiding all the c**p about "end-to-end encryption".
You know...."Those who would give up essential privacy, to purchase a little temporary safety, deserve neither privacy nor safety".......with apologies to Ben Franklin.
Two reasons.
The first is that there would have to be a readily available application for it. Such an application would be limited to real-time chat and probably just for two participants as the number of D/H key pairs would rise rapidly as more people are brought in.
The second is the network effect. There's no point in installing it if you don't know anybody who uses it and nobody uses it because they don't have it installed because...
More importantly, DH by itself is not secure against an active man-in-the-middle attack.
Anyone who sits between A and B can perform independent DH exchanges with A and B, and neither side is any the wiser - unless they sign their exchange, which means using something like RSA again.
@Crypto_Monad
Quote: "...DH by itself is not secure against an active man-in-the-middle attack..."
Interesting. But suppose the Diffie/Hellman software is:
1. Designed to be peer-to-peer
2. Designed to validate the IP addresses of the two peers in the transaction
Does this not make the task of the putative "man-in-the-middle" a bit more difficult?
Then there's the possibility that the two peers have already agreed characteristics within the plain text of the encrypted message, characteristics which may not be obvious to "Eve".
And of course, you are correct to observe that there could be more sophisticated types of authentication embedded in the encrypted message.
All of the above leads me to believe that leaving out servers....doing peer-to-peer...not only makes "end-to-end encryption" completely moot.....but offers opportunities for privacy which third parties simply cannot offer.
No doubt others, more competent than this AC, can tell me that I'm dreaming.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
