ACLU on the GCHQ Backdoor Proposal

Back in January, two senior GCHQ officials proposed a specific backdoor for communications systems. It was universally derided as unworkable -- by me, as well. Now Jon Callas of the ACLU explains why.

Posted on July 30, 2019 at 6:19 AM • 25 Comments

Comments

schmoo1July 30, 2019 9:37 AM

Screw steganography. We'll just use P2P networks and open-source, uncompromised cryptosystems. IPFS or similar.

Big Tech opposes these backdoors because they know they will result in a mass migration away from their platforms. Only schmoos would continue to use Facebook, Google etc. Frankly, I see that kind of result as a good thing.

JonKnowsNothingJuly 30, 2019 9:45 AM

re: steganography

Interesting!

I wonder IF the security services are envisioning a 2 pass encryption system. First pass is their "steganography" version and the Second pass "truer" encryption (such as we might hope for).

They would just have to extract their steganography version from any encrypted media to find the plain text they are demanding. I would guess that their hidden version would be easily ID within a data stream, especially if the 2 separate messages were intertwined by a security service known method.

I can see it now: red light for US, green light for UK, blue light for RU (or KMart) and it could be broken down thru the spectrum so that every one gets something.

Of course with a 2 pass encryption you don't need to embed the two passes together, you can just split them at the backend backbone with one going right to Bluffdale. The sender might not ever notice because how many could on-the-fly calculate the true size of any encrypted stream to determine what is in it? Sort of like making a PDF from a RTF file, the size varies in how you do it. It could easily be used to hide the split.

Petre Peter July 30, 2019 9:46 AM

We are powerless without why. Jon Callas does a great job explaining the why in terms of technology and trust. I am also wondering about why surveillance is so important for governments. Is to protect citizens or to protect themselves by finding out who is against them?

Clive RobinsonJuly 30, 2019 10:55 AM

@ ,

The main problem I see with steganography is that you need lots of hay(stacks) to hide your needles.

It does not need to be stenography, but you are on the right lines.

As per normal we get a hackned SigInt Agency argument that Jon Callas rightly pulls up,

    “We also need to be very careful not to take any component or proposal and claim that it proves that the problem [of exceptional access] is either totally solved or totally insoluble.

It is factually incorrect and the two GCHQ personnel are either liars or idiots, possibly both.

If you turn the argument around you get two states on a spectrum to be considered,

1) totally solved.
2) totally insoluble.

Which incorrectly makes people think that one is the opposit of the other. That is one must be true and the other must be false. It is actually not the case.

For "exceptional access" to work it is predicated on one of two things being true,

1, Breaking the security mechanism between the security end points.
2, Reaching around the security end points.

In most cases it's generally accepted that fundemental algorithms are sufficiently proof to "Breaking". Which is why all the nonsense about "backdooring" such protocols is talked about.

Secondly is a very big and incorrect assumption which is that SigInt "Eve" can reach around the security end points of Alice and Bob. Importantly this is only true when the communications end point Eve has can be extended to reach around Alice or Bob's security end point.

Thus you get the interesting chain of logic for exceptional access. For it to be true then the following has to be true,

1, Eve can break the security mechanism.
2, If not (1) Eve must be able to reach around the securiry endpoint.
3, For (2) to be true Eve must be able to stop Alice and Bob extending their security end points beyond Eve's communications end points.

And it's point (1) and (3) which are very asymetrically in favour of Alice and Bob.

There are certain security algorithms that have a security proof. Not that they can not be broken but that because all mesages are equiprobable all messages of the same length or shorter are just as likely so as an attacker you have no clue as to which is the real message.

That is you can fairly easily make (1) FALSE. Which leaves problem (3) that is what makes it hard or easy for either Eve or Alice and Bob.

Currently as long as the security end point stays on the communications device that can be trivially put under Eve's control, then Alice and Bob have an insurmountable problem. Because Eve will be able to "reach around to the plaintext".

But what is Alice and Bob can take their security end point off of the communications end point and beyond Eve's reach from the communications channel?

Well the insurmountable problem then becomes Eve's not Alice and Bob's...

Which is not what either the SigInt agencies or Law Enforcment in particular want you to think about, even though it has been wildly known during WWII and very much in the public domain in the 1970's to early 1980's...

What Alice and Bob do is use any messaging app as though it was an open broadcast channel, that is any data in the communications channel is treated as available to all. Thus Alice and Bob need to use a method to make the visable data meaningless at all points between their security end points. That is they pre-encrypt the information securely into meaningless data prior to the communications device. That is "off line encryption" in the old sense.

Back in WWII SOE agents encrypted their information via pencil and paper. They would then give only the encrypted message to the radio operator to transmit.

In the same way Alice and Bob can encrypt their information with a secure pencil and paper cipher at which point the information is protected irrespective of the real or imagined messaging app security (which is now irrelevant).

Eve can still go after Alice and Bob's traffic, but it's become an "Operational Security" (OpSec) issue for Alice and Bob not a "Communications security" (CommSec) issue.

From Eve's point of view this is an unmitigating disaster. Because whilst end run attacks around the security endpoints is very very easy with messaging apps running on the communications end point, it requires considerable "Human resources" when going against security end points that have to be found by Eve's hands.

Whilst OpSec is hard for most people, it is with practice well within the average persons ability. CommSec is however very different it's not just hard but impossible for most people as there are so many channels that can be invisibly exploted by SigInt agencies.

The whole point behind these "backdoor" "going dark" arguments is that they are in effect lies. The agenda that is being pushed is unlimited mass surveillance on every citizen at all times 24 by 365.25 for as long as they shall live, if not longer.

What it is not about is all the faux arguments about "super criminals" and "super terrorists" or any other "think of the children" emorive arguments.

In short because Law Enforcment already have no trouble investigating such people irrespective of if they use encryption or not.

For those that want to know more about this subject there are a number of written histories about cold way espionage in the 1950's through 80's and the one thing they all have in common with one exception, is they were caught not by ComnSec failings but OpSec failings and the human rrsources of the "Home Security Services".

The exception was "project VENONA" where OTP pages were "reused" by Soviet personnel,

https://en.m.wikipedia.org/wiki/Venona_project.

parabarbarianJuly 30, 2019 11:26 AM

@ schmoo1

"Big Tech opposes these backdoors because they know they will result in a mass migration away from their platforms."

I doubt a mandated backdoor would cause a mass migration away from commercial software/hardware. That would be nice but I don't see it happening. How many IT professionals have an Alexa or similar listening device in their homes or on their phones? They probably know it is a practically made-to-order surveillance tool but take an I-have-nothing-to-hide (but my head in the sand) approach because it is convenient.

wiredogJuly 30, 2019 11:53 AM

Clive,
VENONA was an OpSec failure, as not ever reusing a one-time pad is an operational security measure. When I was taught how to use one-time pads at Ft. Gordon Ga back in 85 that was beaten into our skulls.

re: Steganography. There are lots of libraries out there for it. Depending on the size and type of message you don't need much of a haystack to hide it. A fairly large ASCII text message can be hidden in a fairly small jpeg. Lots of unnecessary bits in a jpeg.

MeJuly 30, 2019 12:58 PM

@wiredog

But then you need to hide your jpeg in a haystack of jpegs, and where are you going to find that?

www.imgur.com

Oh, yeah I suppose there is that.

AlejandroJuly 30, 2019 1:04 PM

Over the weekend, Dosch brought up Facebook's new on-device content moderation system for WhatsApp, ETC. in which all encryption/de-cryption will be done on the device itself via the app; then an un-encrypted/de-crypted copy forwarded to FB. And thus FB and the government have total access to device content. It's the ultimate invisible, always on, backdoor.

The end result is un-encrypted content will not be accessible to anyone except FB and the user/s. Theoretically.

That sure sounds like how an additional built in user would work as described by the Brits. And, it's non-selectively on 24/7, too.

From Forbes:

https://www.forbes.com/sites/kalevleetaru/2019/07/26/the-encryption-debate-is-over-dead-at-the-hands-of-facebook/

I have to wonder why FB waited this long to thoroughly corrupt WhatsApp. There is nothing to stop them at all from using their new system that I am aware of. Indeed, the new system may have been designed with assistance of some govt. agency.

I think they are using it already. It wouldn't be the first time something like this happened.

Sed Contra July 30, 2019 1:50 PM

It’s apparent from comments here and on other of the threads that backdoors, some commercial, already exist. The arguments pointing out the consequences and dangers of backdoors apply to existing systems. Resisting state intrusion as here is then not enough; commerce has to be resisted too, with the same firmness. Offline encryption is one side’s step up in the arms race. What will be the opponents’ responses ? They will have to be something like 1984’s mandatory BB-TV in every room. How long will it be legal to cancel FB, G, throw my smart TV, Alexa etc. in the trash ?

twka90July 30, 2019 1:51 PM

This guy https://www.forbes.com/sites/kalevleetaru/2019/07/26/the-encryption-debate-is-over-dead-at-the-hands-of-facebook/#64286a953626 is right -- FB will build a snooping filter that phones home right into its messaging clients, and then legislators will say "That's a grand idea!", and mandate the tech for all messaging at OS level (CALEA, anyone?). And that would be the practical end of privacy for the 99% who are not willing to deal with marginalized secure implementations.

Ricky JohnsonJuly 30, 2019 4:21 PM

Hi, I’m sorry to interrupt this topic but I am not sure where to start a blog or if I even can start a blog about a topic. I am in need of some help as soon as possible with someone electronically harassing me and my family. There is an awful lot of stuff that’s went on and I’d just like to get some assistance and knowledge. I’m told there’s something about graphql/GitHub algorithms that have been put on me and my home. There’s cryptography,sonar & v2k things occurring. I’d like to learn how all that is done. I heard they stream my home and lifestyle also. There’s supposedly websites that have me on it that i cannot get on and I need a certain manuscript (helmans I think)I have bought a trifield gauss meter and was told I need a fence alarm and a lawyer. Also people have called me a “gwart” and want to know what that is.when I try and talk to people they act like they know nothing of it or act like there’s some big secret they can’t tell me. I know that they know things because they verify it by talking under their breath and they drop hints to me. This happens at work also. I heard they have put a “finger cap and thinker cap on me also. I will do what I have to do to make sure my family can be safe and not have problems like we’ve had for years. There’s much more I’d really appreciate if someone would please message me for assistance. Again, I’m sorry that I interrupted this conversation but I’m out of options. Thanks for reading this. ~Ricky~

TõnisJuly 30, 2019 4:26 PM

We, the people, do not even need to reach the question whether or not backdoor technology can be made to work. The answer is just no. Government does not deserve access in any case. The request is DENIED. SO ORDERED.

Clive RobinsonJuly 30, 2019 4:50 PM

@ Wiredog,

VENONA was an OpSec failure, as not ever reusing a one-time pad is an operational security measure.

I guess it's down to the definations you use. But what I was taught when wearing the green and later is, "If you as an operator screw up" then it's an OpSec failure. However when it's an upstream failure of communications over which you as an operator have absolutely no control or even knowledge then it is a CommSec failure.

In the Russian case the operators had no knowledge it was happening as it was a KeyGen failure due to poor KeyMan proces control that "double" issued OTP sheet KeyMat. Worse it was a known issue by those doing the KeyMan, because as we now know the Russian's decided to "take the risk" by sending the doubled up OTP sheet KeyMat to wildly different locations.

As people have found out over the years OTP KeyMan is a nightmare at the best of times. Which is maybe why it's use is very limited these days. The last Time I had "training" on pad use, it was for emergency use over the EOW for re-key after bug-out or other CommCen failure such as power outage.

Back in the good old days of last century BID kit used blue punch paper tape for KeyFill as it was easy to use and very easy to destroy. The hard part was lugging the safe around, hence other KeyFill methods were looked at. But... the intro of FillGuns was begining to cause issues, because it was found that destruction of data held in silicon is actually a lot harder than "pulling the power" etc. Thus FillGuns unlike the crypto safe did not stay with the crypto kit, thus power fail or bug out could easily result in a ComCen ready to go except no KeyMat...

The Quantum Computer issue has caused some people to rethink how they do KeyMan yet again... If more recent history continues the way it has, then how we do KeyMan on the technical side is going to change every couple of decades.

TõnisJuly 30, 2019 5:32 PM

What is wrong with all these people hashing this stuff over and over?!? On and on about how it's not possible or it is possible. It's like they can't reach concepts on a higher level and continue to pay lip service: "We would if we could, but it's just not possible..." :rollseyes: Grow a pair and just tell governments NO! Governments just can't have everything they want or demand. They're having trouble "investigating" or "solving" crimes? I DON'T CARE!!!

TimoronJuly 30, 2019 5:55 PM

I was able to get some reasonable proof to back my case when I had issues with my wife, and they helped me with some evidence which I used in court.
So big thanks to whoever recommended this team on this platform because they have done a good help I filed for divorce and I accepted we were never meant to be.
The best decision I ever made was to hire cybergeek they are very reliable and affordable as well. Get in touch with them at cybergeek2050 [at]gmail _ com

TõnisJuly 30, 2019 5:58 PM

The Lawfare article guy says it pretty well --

"As we have seen from numerous accounts, law enforcement authorities already have access today to unencrypted data. Keyloggers and other malware can be surreptitiously placed on devices of targeted individuals, and tools exist to crack open locked mobile phones. These means of access can be resource intensive, but that is a desirable property. The plea to mandate exceptional access technology is an attempt to remove these resource constraints and enable simple, economical, push-button access. But whether they recognize such or not, what officials are seeking when they call for easier access is mass-surveillance capabilities. This may not be their intent, but if it is easy and inexpensive to surveil one individual, then surveilling many is affordable and manageable, and the temptation will be great.

"Americans should have an unfettered right to protect their own data, vendors should have the right to provide law-abiding citizens with tools and services to support their rights, and law enforcement authorities should have to expend resources when they are authorized to attempt to circumvent these protections. Make no mistake: Even if it could be built, 'responsible' law enforcement access technology is not responsible at all." [emphasis mine]

https://www.lawfareblog.com/what-if-responsible-encryption-back-doors-were-possible

-- but take it a step further: it is their intent. And even if by some miracle it isn't, they have proven over and over that they don't deserve the benefit of the doubt. Tell them no and be done with it!

John SmithJuly 30, 2019 8:20 PM

from Sed Contra:

"How long will it be legal to cancel FB, G, throw my smart TV, Alexa etc. in the trash ?"

How long will it stay legal to use VPNs? How long before you need a Government license to use VPN technology, and only then a State-approved backdoored version?

Jonathan WilsonJuly 31, 2019 7:33 AM

Someone needs to build (or adapt from existing pieces) a secure communications system that has multiple open source independent implementations (hosted widely enough that no one government entity or bad actor can either compromise them or force the repository owners to implement backdoors) and that is not reliant on any central piece of infrastructure or server. Build something specifically with the goal of being as hard as possible for even a nation state actor (using whatever means they might use) to gain any kind of backdoor access to.

Clive RobinsonJuly 31, 2019 8:20 AM

@ Jonathan Wilson,

Someone needs to build (or adapt from existing pieces) a secure communications system

It's already been done a number of times.

One of the best examples is "Tin foil Chat" designed and built by Markus Ottela when at the University of Helsinki, Finland.

It was talked about on this blog as it was developed,

https://github.com/maqp/tfc/blob/master/README.md

Importantly it does not suffer the major failing of all the major "Secure Messenger Apps" --which makes them insecure-- in that it correctly addresses "end point security".

The problem is that users are lazy, and convenience driven, so will not use secure endpoint security...

Which is why the likes of the current US Attorney General (W.Barr) who by his deeds and writings very obviously wants the US to be a Police State is going to get mass surveillance on not just the US Civilian Population but most other Civilian Populations in the world.

JOsephAugust 1, 2019 1:46 AM

@Me wrote, "But then you need to hide your jpeg in a haystack of jpegs, and where are you going to find that?"

I think what many may want to consider is that you also need to hide yourself in a haystack.

The surveillance purpose of endpoints versus transit is really a two-dimensional view port from the perspective of the watchers. Many consider their "end point" equivocally secure, as in living in the confines of a home's comfort.

However, a modern day computer "end point" is what really amounts to the OS you have installed on it. These OSes are much like the Alexa's of the world, as they have voice recognition components in of themselves plus additional bells and whistles. It's already been reported that Win10 watches your keystrokes as much as Alexa listens to your private conversations.

So not only must your "message" hide whin a haystack, you must also hide your "end point" in a haystack of similar fashion. This is better visualized not leaving behind any foot prints much less a foot to set them.

JosephAugust 1, 2019 2:04 AM

@schmoo1 wrote, "Big Tech opposes these backdoors because they know they will result in a mass migration away from their platforms. Only schmoos would continue to use Facebook, Google etc. Frankly, I see that kind of result as a good thing."

While it isn't impossible to come up with a system with aforementioned features, it is close to impossible to merge those changes into an existing mass infrastructure. Thus, as they authors (whose names strike resemblences to our blog co-hosts) may have successfully prototyped it in a lab environment, getting any big tech to adapt their existing systems may be the bigger challenge. This was the reason given by the article author as I understand it. However, he does not get into furthur specifics of why he predicted failure which made his arguments less convincing for the layman.

The Big Techs knows that the most effective mass surveillance is one in which the participants were placed into a false sense of security.

JonKnowsNothingAugust 1, 2019 6:52 AM

re: hide your jpeg in a haystack of jpegs

Nearly everyone uploads stuff, some more than others. Haystacks of Jpegs abound in Google, FB, Snapchat and more.

There are so many Haystacks of Jpegs that these companies own (because when you upload the image you give them ownership of that image)that they are assisting in a new project of detailed digital graphics ID.

iirc/maybe

The entire trove of images will be correlated based on their GPS Geo Location embedded in the picture sorting all the pictures into specific locations.

Then these batches will be analyzed and catalogued for every tiny detail. Such as location of buildings, trees, potted plants etc. This will give a detailed view of what is there or nearby.

Next those details will be used to GeoTag pictures that have no Geo Location attached to them. Like Face Recognition but for pictures.

No picture can or will be anonymous or location hidden. Endangered species pictures will be easily ID as well as Endangered humans. Pictures will be able to be located anywhere they are taken, with or without the GeoTag.

Adding to this:

Another GeoTagging operation which was originally aimed at assisting refugees and displaced persons living in camps (concentration or other) where frequent relocations inside the camps are common.

The difficulty was to find APERSON inside the camps to render assistance with whatever they needed assistance for. So, the project used a grid of small triangles to cross hatch and overlay a geographic map of the camp. Rendering every spot inside with a 3-part ID. (eg a person lives at Sunflower line x Rose line x Lion line).

This micro GeoTagging has its use in other ways too. STINGRAY and IMSI-Catchers work on your cell signals but Micro GeoTagging can be applied to an individual.

In some parts of the US, Fire Depts require detailed floor plans and blue prints. Of course this is to help them find the Fire Exits which might be blocked during an emergency. But those maps and details are on file in cities and counties. Public Access.

Add that in and you can envision that there are not only enough haystacks to go around, but every part of every haystack has a GeoTag Recognition ID.

Matched with Face Recognition applied to the JPEG Stacks and Bob's Your Uncle.

ResquiredAugust 1, 2019 3:33 PM

SOTx

I am not formally educated specifically to speculate about how adding (or removing or modifying) ports or communications channels within an operating system or device affects security.

However, the following text pretty much sums up my kinds of concerns very concisely and precisely:

(The following text is quoted from elsewhere:)


25. Posted by at0micandy on
5 Apr 2019 11:25
i was once responsible for designing and installing the computer networks for civil UK Nuclear Power Stations. I ensured they were air gapped from the internet, they were impossible to hack. Back then they were in UK hands. Now they are not and they are not air gapped and that concerns me greatly.

(End of quoted text.)

This is no time (of the past 1000 years) to be messing around with finance or influence gains or games. Our entire existence is literally at stake. Meanwhile, there are several other current existential threats to this entire planet; important resources of all types misdirected away from their needed recipients towards ridiculous sideshow distractions amplifies both the risks and the possible damages.

No person nor group is unaffected. All claims to the contrary are simply not up to date or simply not realistic. Attitudes and behaviors that undermine diplomacy and safety (and those items which they both depend upon) are worse than criminally reckless.

In my opinion, much of the world's recent damages are so specific and suspicous that actual suicide murder genocide cults are implied to be at work. It's not even a choice any more to attempt to block such insanity; it's an obligation of survival.

Even though the quoted text above is old, I'm skeptical that the situation mentioned is at all unique or obsolete.

EOTx

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Sidebar photo of Bruce Schneier by Joe MacInnis.