US Government Continues Encryption War

Wars can be fought in the real world but there is also a virtual battlefield - and it is just as harmful. The Lawful Access to Encrypted Data Act is the latest attempt to access people's encrypted data and it serves as another reinforcement.


This is a companion discussion topic for the original entry at https://blog.privacytools.io/us-government-continues-encryption-war/
1 Like

Your whole argument is based off of a strawman. The statement was about warrant proof encryption, not encryption in general. Ordinary users are not not going to have a warrant out for decrypting their communication which makes it equivalent to encryption which is not warrant proof.

Further in your post you mention having to add barkdoors. You do not need to have backdoors to allow for people with warrants to decrypt messages. You can design it right into the protocol without it being a backdoor. You additionally state that governments would be picky in what other governments could issue valid warrants. I don’t think this would be the case. It’s common for sites operated out of the US to follow the laws of other countries. All of the time foreign police agencies ask US sites to give over data. US sites are no stranger to following laws from outside of the US. Just look at how GDPR went down. There would be concern if the government were using these third party platforms for their own confidential messages. The government should just use a custom / personalized solution that only allows warrants from the US for example. You additionally state that eventually keys would leak and everyone could decrypt everyone’s messages. I think lit would be possible to design schemes to rotate keys upon comprimise and to require both the company and the person with the warrant to work together to decrypt the data. In regards to federated servers each home server would need to comply just as any other site / app.

Communication platforms benefit strongly from the network effect. Criminals are typically not tech savvy. There are plenty who use regular social media with nonencrypted communications. Sure criminals might favor warrant proof encryption, but more will still use encrypted communication that can be decrypted after getting a warrant. It’s about reducing the percentage, not about getting rid of it altogether.

Absolute nonsense. The US government is not a trustworthy entity and neither are its allies, as has been proven may times e.g. https://nypost.com/2014/02/27/uk-spies-people-get-naked-on-their-webcams/ . Following these revelations, which were even more widely publicized outside the FVEY countries than inside them, the world understands that the US government is untrustworthy. You might argue that no one cares about what the government does, indeed almost half of US voters (or according to some, more than half) voted for Trump again following his pussy-grabbing antics etc. But it’s well-known that in addition to being malicious and untrustworthy, governments asking for spying powers are also incompetent, as in coronavirus https://www.salon.com/2020/09/09/homicidal-negligence-trump-admits-on-tape-that-he-hid-deadly-threat-of-coronavirus-from-public/.

But on things that really do matter to people, like their privacy, everyone knows there are better alternatives to anything that might have the US’ backdoor spying tentacles around it, and it’s better to use those. If you try to put a backdoor in open source software, we can easily revert that, edit out the backdoor, and create international publicity.

Software is not like a physical object; it’s more akin to a shared recipe, a list of instructions for my computer - if this recipe now contains an ingredient I don’t want to eat, it’s easy to remove that unwanted ingredient (backdoor or blacklist) from my copy of the recipe and freely share the version without it, and everyone else can do the same and share their versions. Same if an ingredient we like is proposed to be removed.

What dishonesty and spying was once TOP SECRET SI, is now a matter of public discussion and policy making - for example, Privacy Shield is dead and gone, because of what we know, about the US government and the disreputable way they interpret their law.

All encryption ciphers, the building blocks, are designed to do one job. What encryption is about is encoding information with different symbols such that a third party cannot extract the meaning from those symbols. It’s basically like talking in a temporary different language, one that is created and used only for that one message or conversation. Call it “warrant proof” if you like, but what you mean is that you, an eavesdropper, cannot make sense of what (if anything) is being said. You absolutely don’t have a right to be able to make sense of what people say, or whisper in each others’ ears.

By the way, is the US still accusing Huawei and the CCP of backdoors? Or is that all cool now?

Despite your opinions on these governments, they are already using warrants to get people’s direct messages. This is nothing new. I believe you are making a generalization about these governments are being malicious, untrustworthy, and incompetent, but I do not wish to argue that because governments already have the power to use warrants.

Wanting warrants to allow access to messages is not spying, nor would it require a backdoor. Sure, you could modify software to make it warrant proof, but according to the OP that would make you lose section 230 protection. Just because you are working with computers that doesn’t mean you can just ignore the law.

Which is why it would require a warrant before you could be able to decrypt it. You would be using the same primitives that are cryptologically strong, but designing a system on top of that which would include an alternative decryption method that would require a government to issue a warrants. This is not about building backdoors, but about building systems where warrants can function like they have traditionally done in the past.

1 Like

You have some very severe misconceptions about encryption. Encryption is always “warrant proof” as you call it, in the sense that there is no concept of a “warrant” or whatever. Its purpose is to prevent others, whoever they may be, from being able to make sense of data they have stolen/intercepted, not to prevent them from being able to steal it. Nobody is stupid enough to give copies of their private keys or ephemeral session keys to people they specifically do not wish to have it. Playing the fool and talking in soundbites does not convince anyone who actually knows about this subject. Users have the ability to avoid known backdoored encryption. The Internet has decreased the amount of privacy people have and given malicious governments such as the US excessive power, but encryption goes some way towards bringing it back to a normal level.

If someone, call him Derek Chauvin, wants to read the communications of someone else, say George Floyd, they might threaten his ISP with violence in the form of a “warrant”, and demand that they hand over sniffed traffic. If George uses encryption, the traffic they hand over will be less informative to them that if he does not. That’s what encryption is for and that’s what it does. There is no relevance of any “warrant” to that. There does not need to be any “service provider” involved in encryption or decryption. Every Internet user worldwide, from Iran to North Korea to Russia to the US to all Darknet Markets, has instant easy access to strong non-backdoored encryption, you know.

There is no “internet” user in north korea because there is no internet in north korea

The US government ought to stop blaming them for hacking via the internet.

Well they would be hackers hired by there goverment itself north koreas internet is acually intranet so nomal people can’t use the real internet no matter what they do

So… Internet users?

Sure, that doesn’t mean that you couldn’t design a system such that a warrant could be used in part to derive the decryption key. As I said in a previous post, an encrypted messaging system supporting warrants would still use strong encryption algorithms as primitives.

The communication platform would handle implementing this system to their platform. Now they wouldn’t just steal your private keys directly since that would let the company decrypt your messages without a warrant. It would have to be more complex than that.

I am not talking about a backdoor. I am talking about adding a front door that requires a valid warrant to enter.

This is not about ISPs and encrypted traffic. This about communication platforms and encrypted messages.

You are limiting yourself to the most basic of cryptographic systems. Sure you can easily design a system where warrants don’t work, but you can also design a system where warrants do work.

No one on Earth wants to use such a defective backdoored system. We will throw it in the trash exactly like we did the Clipper chip. What we, I, Kim Jong Un with his fully tested working nuclear weapons, Vladimir Putin with his even better tested ones, everyone, already has, with full sourcecode, with no backdoor, is what we will use and improve, come what may. I wonder if you expect the https://privacytools.io/ website where you are now, or heroic NSA leaker Edward Snowden, to start recommending anything with a known backdoor? What crazy delusional planet are you on?

What is your argument based on exactly? Could you explain in more detail how such as a protocol would work?

Using “warrants” that can be issued at any time to decrypt a message does not sound like a secure encryption system to me. Especially if there is one centralized authority in charge of issueing them. This defeats the entire purpose of encryption, and such a system governed in secrecy and/or holding monopoly of the decision making is what’s best known as a backdoor.

This argument is easily defeated if you understand the risks inherently present in current-day encryption: if an adversary were to figure out a way to issue such “warrants” they would then be able to decrypt any message on demand.

Allowing the government to decrypt your messages provided they have a valid a warrant does not make something defective or a backdoor. What downside does a noncriminal get by having the government be able to read their messages with a valid warrant? Plenty of people already communicate over platforms which already will turn over messages when provided a warrant.

My argument is based on that it is possible to design a cryptographic system where both the recipient and someone with a valid search warrant can decrypt messages. The original post seems to believe that in order for that to work you would have to get rid of actually encrypting things and work with plaintext.

I don’t design cryptographic systems, but for a simple case when you send a message it encrypts a message with symmetric key encryption with a random key. You then create 2 copies of that key. You then encrypt one copy with the recipient’s public key and the other copy with the warrant public key. These 2 encrypted keys and the encrypted message are stored on the communication platform’s server. The recipient could come along download the encrypted key and encrypted message for him. He then decrypts the key with his private key and then uses that key to decrypt the message. When a valid warrant is issued the police give the warrant to the communication platform. Once verifying that the warrant is valid the company hands over the encrypted key and message for them. Following a similar practice to the recipient the police can now decrypt the message. In practice it would need to be more complicated. Perhaps we could involve hardware tokens to secure the keys to prevent dumping them.

I’d imagine they would still have to go and ask the company for the chat messages like they have to do for other platforms that currently exist but don’t use encryption.

No, I think it’s reasonable for the purpose to be to stop a communication platform and its employees from being able to read your direct messages or harvest private information such as passwords from the messages.

That would pretty hard to do and would involve breaking many crimes. You would have to forge the warrant itself. Forge signatures on the warrant. Steal the private key which may involve stealing a physical device. Then there’s the work of buying a domain and creating a fake police department or agency to try and sell the idea that you are real.

In such a system is only a matter of time until, without fail, those keys are leaked either intentionally or accidentally. Even if they never do, just for the sake of argument, that system is still subject to be abused in so many ways ranging from legal loopholes to bribery and extortion.

Take for example an investigation requires access to the communications between two suspects, who have been communicating from different public places (airports, hotels, etc…). You would then have to issue a warrant that decrypts all communications in and out those places, immediately affecting hundreds or even thousands of other people’s private communications for no reason.

You may argue that you know their Whatsapp or Signal accounts and thus you can be very specific about what you need, but what if that is not the case? For instance they used a platform that doesn’t require accounts, or used burner phones, perhaps with some free-tier VPN service? In that case you again need to ask for a broadened range of information that harms the privacy of hundreds or thousands of other people’s privacy.

In the example you presented you are encrypting your message with a key that you did not generate yourself and have no control over. That means your message can be tampered with from the very beginning before it even reaches it’s destination. I know you said this would be a very simple case but it’s well documented that these practices have been going on, in secrecy and illegally, for years.

In short, it creates a system were a very few control the communications of everyone, at all times, without supervision and without consequences.

Which is why the actually thing would support key rotation. You would use hardware tokens so that stealing a key would require stealing a physical device.

There would need to be a good enough reason for them to get such a broad search warrant.

This effects unencrypted platforms too. It’s already the case when law enforcement gets a user IP it turns out to be a Tor exit node or something.

This is unreasonable. Even unencrypted platforms do not do this.

You have control over all of the keys except the one’s for the recipient and the one for the warrant.

The vast majority of these search warrants are public record. People can review for abuse. Additionally a serch warrant requires a judge’s approval.

  1. It’s none of the US government’s fucking business what people communicate.
  2. The US government grants themselves the authority to spy on everyone en masse and target them if convenient https://theintercept.com/document/2014/03/20/hunt-sys-admins/
  3. The existence of the US government, which believes it has the right to interpose itself in what people whisper, is the problem we need to address.
  4. I have never been to the US. I am not a citizen of there or any of its allies. I have never wished to travel to the US or be under US (to me, foreign) law. The US government gives itself unlimited permission to spy on me and all “foreigners” for what it considers in its opinion “foreign intelligence purposes”. PRISM is all US-legal, remember, there are “warrants” covering it. This is why Privacy Shield was killed yet again and will not be revived without reform in the US that will not come without revolutionary regime change there.

Defective: containing a defect, a property which does not benefit the user and would not ever be requested by them, not present in correctly implemented secure software.
Backdoor: Something deliberately designed to be capable of giving plaintext to people who aren’t authorized by the encrypted message sender(s) nor decrypting receiver(s), without their consent.

It is the government’s business to catch criminals. Platforms should work together to meet the needs of both the users and the government.

Warrants spying on all foreign people are not issued like that.

Supporting warrants does not hurt legitimate users. It is neither a good or bad thing for the average user. For criminals it is a bad thing. It is a reasonable feature.

You are authorizing the government to read it if they have a search warrant.