There has been a LOT of commentary recently from privacy advocates about the ‘War on Encryption’ being waged by certain governments and law enforcement agencies around the world. Honestly, most has been very monolithic, taking an almost adversarial viewpoint of government. Don’t get me wrong, I definitely understand the arguments being made for data privacy, and ensuring that strong encryption becomes ubiquitous. And the past transgressions made by the NSA and CIA can never be forgotten. Everyone should have the right to privacy on the internet; but privacy doesn’t necessitate complete ‘anonymity’ or impunity.
The Origins of the ‘War’
End-to-End Encryption (E2EE) allows for complete data confidentiality; only your device and the recipient’s device hold the ‘keys’ needed to view the data. It’s been used in various forms on the internet for decades now. Privacy-conscious individuals have used PGP or S/MIME email encryption to safeguard their emails from eavesdroppers, competitors, even their own employers. So why is there a sudden interest in banning or regulating it by government? The simple answer is Facebook.
The popular app ‘WhatsApp’ (owned by Facebook) allows for users to send confidential messages, videos, and even make calls over E2EE protected channels. Because the keys involved to read these messages are ONLY located on the individual’s phones, no one else can see the contents of the messages in-transit: not the FBI, the NSA, not even WhatsApp employees. Facebook has announced they will be extending this same technology to their popular Messenger service, despite the protest of multiple governments. And just last Monday, Facebook announced to US Attorney General William Barr that it would not be complying with requests to abandon their plans to standardize E2EE across all its platforms.
Here’s the drawback with their plan: Law enforcement will no longer be able to effectively investigate millions of reports of crime, or prosecute thousands of criminal cases. Service providers like Facebook would be completely blind to their users’ communications stored on their servers. They would become physically unable to assist with gathering information on past or ongoing crimes.
Facebook and privacy activists argue that any potential access from law enforcement via a ‘backdoor’ would be disastrous and undermine their right to privacy. In making this argument though, there have been a lot of oversimplifications and half-truths presented. Here I outline the top three false arguments:
False Argument #1: E2E encryption provides bullet-proof security. No one else can see my messages!
The first problem with this argument is the assumption that only specific people can access their data in a readable format. Devices have access to private keys; not you. Until the private key IS part of you, or stored within you, and the decryption is done within yourself and not your device, then you will never have complete confidentiality. The data will always need to exist in a decrypted, readable format on your devices so that it can be displayed, and this affords many opportunities for compromise. A compromise could come from malware, a buffer overflow exploit, a CPU vulnerability like Spectre/Meltdown, or simply a stolen, unencrypted phone. Ultimately, you don’t possess your private keys, your device does.
If you examine how WhatsApp stores your messages on your device, the sad truth is that its bulletproof E2EE isn’t even used to store the data at rest, but only for the data-in-transit. So, it may be true that WhatsApp or Facebook have zero chance of decrypting and reading your messages as they pass through their servers. However, they ultimately have control over the app(s) installed on your device, which has access to the messages stored in a simple database, without any fancy E2E encryption. There is technically nothing to stop the app from reading the contents of your messages, performing analysis for ad-serving purposes, or just sending all of it back to a remote server controlled by Facebook.
We’ve seen this before: Facebook Messenger can and does read your phone’s call and SMS history and send this information back to Facebook’s servers (with your permission). Further, WhatsApp cloud backups are NOT protected the same as the actual messages on the users’ phones. They can be decrypted by WhatsApp as needed using a private key they own.
False Argument #2: Encryption is already everywhere! Bad people will find a way to go ‘dark’
There is some truth to this argument. Yes, almost anyone with basic software knowledge can create a similar E2EE app to use for illicit purposes. Or they can just use PGP or S/MIME email instead. However, this is a very short sighted argument. For example, look at the case of investigating child abuse and exploitation online. What good will it do for sexual predators to leave WhatsApp, Instagram, and Messenger to go onto another app? All their targets are still on the popular services. Just look at the figures on cases of child exploitation reported through Facebook platforms:
According to the U.S. Justice Department, for example, Facebook’s decision to extend end-to-end encryption to Facebook Messenger would result in a 70% reduction in the number of cases that Facebook reports each year to the National Center for Missing and Exploited Children (NCMEC). In 2018, Facebook was responsible for 90% of the 18.4 million total cases reported to the NCMEC…
That’s right, if you do the math, an estimated 11+ million cases of child abduction or exploitation would go undetected each year if E2EE was turned on today across all Facebook products. These kind of crimes would not simply move onto another platform because the criminals targets will not move to another platform.
False Argument #3: If backdoors are built for the “good guys,” then they’ll be available for the “bad guys” too.
This is probably the most popular argument made, and definitely the most outrageous. It’s analogous to saying “If I give a copy of my house key to my sister, then I might as well just leave the door open!” Most people assume that a ‘backdoor’ to encryption would imply that both law enforcement and well-funded, technically capable criminals would have the same chance of exploiting it. With the techniques that some are suggesting, like mandating smaller key sizes or weaker encryption algorithms, this would absolutely be true. But public key encryption offers a much more secure way to keep data accessible to the proper entities, while still completely out of reach to others. In an article published by two experts from within the UK’s intelligence agency GCHQ, they state “the public has been convinced that a solution in this case is impossible, so we need to explain why we’re not proposing magic.”
With public key cryptography, you can very easily allow for more than just the sender and recipient to access messages. An excellent example is S/MIME email encryption. If you send an email to 2 recipients. The ‘secret key’ used to encrypt the message is encrypted with the public key of you and both your recipients. So there is a total of 3 copies of the same secret key, encrypted with the public key of 3 different people. This technique can similarly be used by applications to encrypt data with a 3rd public key, of which the corresponding private key can be tightly controlled and audited by a combination of the service provider, law enforcement agencies, or governmental organizations. So you can provide access to another party without compromising the method or strength of encryption used in the E2EE.
Paradoxically, the exact opposite of argument 3 may be true. With the increased use of encryption in-transit and on devices, law enforcement has become reliant on traditional ‘hacking’ techniques to gain access to data. Outside contractors are commonly hired to find ways to infect a target’s device with malware. This malware can screen-scrape a device, export files, listen in on the microphone, or crack a locked iPhone. They have to use the same techniques that cyber criminals are using to steal your personal financial data and your identity. If legitimate access techniques are not established through cooperation between the private sector and law enforcement, agencies will need to become even more reliant on these shady, backdoor techniques.
And then you might wonder, if these contractors or government agencies are leveraging certain vulnerabilities to access data for a legitimate purpose, what motivation would they have to disclose these vulnerabilities to the vendors so they could be fixed? Further, what kind of transparency does the public have regarding when these techniques are used, and how widespread their use is?
Pieces to a Solution
So if we add another public key to the encryption, we are not necessarily weakening the security of the encryption being used between the users. And let’s assume that we can control access to these private keys so only the ‘good guys’ have access. But how do we define the ‘good guys’? Can the ‘good guys’ be trusted not to abuse this potential access to your data? Well, every time you perform online banking or shop online, you trust in public key cryptography. We all implicitly trust that the root private keys of Certificate Authorities (CAs) like Verisign, Thawte, GoDaddy, etc. are tightly controlled and safeguarded and not abused. Why can’t we place similar trust in our law enforcement agencies? One could make the argument that they violated our trust with programs like the NSA’s ‘PRISM’. And the government overstepping again is definitely a real concern.
Acceptable solutions will therefore require a tightly controlled, publicly auditable legal process for any access to private keys for data decryption. And there should not just be one solution; some sort of single, master public key hard-coded into billions of devices; that would be simply asking for trouble and abuse. A better solution would be to have different keys, each controlled by various device manufacturers and/or service providers, with tightly controlled access to the private keys; access requiring individuals from both the service provider and law enforcement/intelligence.
Access to these private keys can be strictly controlled in devices called Hardware Security Modules (HSM). They could require authentication from multiple parties for access. BOTH the service provider (Facebook) and a law enforcement agency (FBI) would need to request access to a given key. A lawful court-order would be a precondition, allowing access only to necessary data. That way, the service provider and the government agency could be kept honest by each other, in a form of checks and balances.
Conclusion
Data privacy and encryption has been vital component to the monumental shift that has occurred in moving more and more of our lives online. But, as the open letter to Facebook from the law enforcement agencies of multiple nations stated: “We must find a way to balance the need to secure data with public safety and the need for law enforcement to access the information they need to safeguard the public, investigate crimes, and prevent future criminal activity.” We have the technology to provide both user privacy AND the ability to protect those same users from criminal exploitation. The solution to balance these needs won’t come from an adversarial relationship between privacy advocates and law enforcement. It will ultimately come from cooperation, where an open, transparent solution can be implemented. An open mind will be required from both sides.
Sources
Photo from Mike Baird
https://www.lawfareblog.com/principles-more-informed-exceptional-access-debate
https://www.wsj.com/articles/facebook-rebuffs-barr-moves-ahead-on-messaging-encryption-11575998393
https://www.justice.gov/opa/press-release/file/1207081/download
https://faq.whatsapp.com/general/28030015/
https://scontent.whatsapp.net/v/t61/68135620_760356657751682_6212997528851833559_n.pdf/WhatsApp-Security-White-paper.pdf?_nc_ohc=onFhCc1sW5EAQnsFATmPv3_FK3hqiw9nvYo_DrMg0VlWY863zWu4f0lFg&_nc_ht=scontent.whatsapp.net&oh=17a1e49dd12bb2c4ab175890c8aff5ad&oe=5DED683B
