In regular intervals, Politicians demand that companies add backdoors to their end-to-end encrypted cloud services to enable law enforcements to easier persecute criminals. This demand ignores that any backdoor to encryption poses a severe threat to online security in general. This post explains why a backdoor is – and will always be – a stupid idea.
Politicians keep demanding backdoors to encryption
The governments of the United States, United Kingdom, Canada, Australia and New Zealand (also know as Five Eyes) have made it clear that they plan to force technology providers based in their countries to enable lawful access to users’ encrypted communications.
This comes as yet another demand for backdoors in the ongoing ‘Crypto War‘ where Politicians say that they need backdoors for law enforcements to do their job, and security experts argue that building a backdoor would be easy, but securing it would be impossible.
Or, as Bruce Schneier puts it: “We’re not being asked to choose between security and privacy. We’re being asked to choose between less security and more security.”
Encryption keeps us safe from a wide range of threats
With their demand to backdoor encryption, Politicians want to defend us against one threat – criminals, including terrorists – while disregarding an entire range of threats that encryption protects us from: End-to-end encryption protects our data and communication against eavesdroppers such as hackers, foreign governments, and terrorists.
Without it, dissidents in China would not be able to communicate online without facing arrest. Journalists would not be able to securely communicate with whistleblowers, human rights activists (NGOs) would not be able to do their work in repressive countries, lawyers and doctors would not be able to confidentially communicate with their clients.
You would not be able to have private conversation online with anyone.
Zach Weinersmith has made an awesome comic, showing what it would mean to have government backdoors:
A backdoor is by definition a vulnerability
It is impossible to build a backdoor that only the ‘good guys’ can access. If the FBI can copy your emails or get access to your computer’s hard drive, so can criminals, terrorists, and other governments.
Back in 2009, for instance, China breached a Google database through a backdoor meant to only provide access for the U.S. government. This sensitive database contained years’ worth of information about U.S. surveillance targets.
Cryptography experts jointly disapprove of backdoors
Should governments be granted access to encrypted data via a backdoor, this, according to cryptography experts like Matthew Green and Bruce Schneier, would equate to mandating insecurity:
Exceptional access would force Internet system developers to reverse forward secrecy design practices that seek to minimize the impact on user privacy when systems are breached. The complexity of today’s Internet environment, with millions of apps and globally connected services, means that new law enforcement requirements are likely to introduce unanticipated, hard to detect security flaws. Beyond these and other technical vulnerabilities, the prospect of globally deployed exceptional access systems raises difficult problems about how such an environment would be governed and how to ensure that such systems would respect human rights and the rule of law.
Building a backdoor is easy – securing it is impossible
To shine some light on why a backdoor would have such an devastating effect on the Internet, imagine the following:
If a tech company implemented a backdoor, they would need access to their users’ private keys in order to being able to decrypt the data upon request. This would mean they had to store all private keys of all users in a highly secured vault, only accessible by highly trusted employees.
Whenever law enforcements issue a warrant for one of those keys, one highly trusted employee would have to open the vault, retrieve the required key, and transmit it – securely! – to the law enforcement agency.
Now, to make this picture a little more disturbing: For a big tech company, this would mean thousands of requests per day from thousands of different law enforcements agencies.
For any tech company, it would be impossible to protect this vault against incompetence and mistakes. In addition, if a tech company created such a vault where all private keys are stored, this would become a highly attractive platform for any malicious attacker on the Internet, even powerful state actors.
With data breaches around the world becoming more sophisticated, it is obvious that it will be impossible to defend this vault against deliberate attacks, and this is exactly why a private key must remain locally with the user and must never be stored on a central server.
A private conversation would only be possible offline
When Politicians ask for an easy backdoor access to online communication, they also ignore that total surveillance was never an option in the offline world: It is not illegal to lock ones door. It is not illegal to whisper. It is not illegal to walk out of sight of a CCTV camera.
Of course, it is a hassle to law enforcements that some encryption can’t be broken for them, just like it is a hassle to law enforcements that we don’t have the telescreens from the dystopian novel ‘1984’ installed in our bedrooms.
This is something law enforcements have to put up with in order for all of us to enjoy the freedom of a democracy, instead of living in a surveillance state.
If privacy is outlawed, only outlaws will have privacy
Once and for all, we have to understand that outlawing encryption in online services will not help to better persecute criminals. Instead, they will build their own encrypted tools, making it even harder for law enforcements to keep track.
Phil Zimmernmann’s prominent quote still stands: “If privacy is outlawed, only outlaws will have privacy.”