Split Key Cryptography is Back… Again – Why Government Back Doors Don’t Work

Posted on Dec 5, 2018 by Derek Zimmer

Governments in the 5 eyes surveillance alliance have been relentlessly lobbying for the power to force companies to back door their encrypted data. Every year, a new proposal comes through which is a slight revision to the same-old argument. “We need to unrestricted access to X in order to protect Y.” Sometimes it is “because terrorism!” Sometimes it is “because sex-trafficking!” Sometimes it is “child pornography!” These arguments are an attempt to try to make the idea of the total loss of privacy easier to stomach. You will hear arguments that “a total loss of privacy” is hyperbole, but it isn’t on a fundamental, technical level.

This time, it is the UK and Australia that are pushing for encrypted data access.

Let’s cover some history of attempts to regulate cryptography and why they’ve failed, and then apply that knowledge to the current situation. This will help us understand why cryptographers around the world are universally against this kind of scheme.

Cryptography Regulation (United States) EXPORT Ciphers

During the Cold War, the U.S. decided to regulate the strength of cryptography that could be used by countries that the U.S. considers a threat. They only allowed encryption that was “export approved” to be shipped to those countries. These ciphers had shorter key lengths or general weaknesses that gave surreptitious access to anyone with the know-how and computing power to break it. In practice this created multiple serious problems, and solved none of the problems that it aimed to actually solve.

1. Enforcement Problems – Bad guys still use real encryption. When getting access to real encryption is as easy as downloading a version of the software that is for US citizens, it is easy to see how restricting access to the software is difficult. Even further, encryption is a marriage of some rather simple math and computing principles. Even if we were able to restrict access to real cryptography and only gave adversaries access to weakened encryption, they can build their own cryptosystems. Some modern implementations can be done with less than 1000 lines of code.

2. Economic Impact – The US had a technological advantage when this idea was implemented, making this idea more tenable. The Internet was largely controlled by US companies and manufacturing of both hardware and software were largely US endeavors. This is no longer the case. By regulating back doors into equipment and software, you are simply telling companies to shop elsewhere.

3. Security Impact – The creation of EXPORT grade ciphers led to software that would support both regular cryptography and weakened cryptography in order to support legacy systems, which persisted long after governments decided that regulating crypto was a bad idea and dialed back their rules. Not only did this lead to users making mistakes that led to them using cryptography that was breakable, but it led to more widespread problems. The OpenSSL Logjam vulnerability in 2015 found a bug that could force users to connect to servers using old EXPORT grade ciphers, which had not aged well. This led to over 46,000 websites being vulnerable to eavesdropping or full takeover (whichever the attacker chose). This shows that these bad ideas can have consequences long after governments learn their lesson and repeal their legislated back doors.

Cryptography Hardware Regulation (United States) The Clipper Chip

In the United States in the 1990’s, seeing that the export control of cryptography was failing, attempted to turn to hardware solutions to the problem. The telecom industry was going wireless, and needed encryption to prevent anyone, anywhere from tapping into their phone calls and text messages. The proposed solution introduced a novel concept, that we keep seeing resurface, called  Key Escrow). The idea was that you would have encrypted communications that would be safe from general eavesdropping, but the communications would be encrypted with two keys (or in this case, a very strong hint that allows you to find the key easily). One would be decrypted by your telecom provider or the person on the other end of your communications, the other would be held by the government, so they could wiretap you. They developed hardware, called the Clipper Chip, that would be integrated into every communications device.

There’s some obvious problems here. Who decides who gets access to that special key? What happens if that special skeleton key leaks? How do you determine that this power will be used ethically? How is abuse prevented?

Fortunately for the world, the entire scheme broke down rather quickly when Dr Matt Blaze showed that the LEAF component of the clipper chip (the Law Enforcement Access part of the key) was too weak to protect the data in any meaningful way. This meant that users could use the Clipper Chip to encrypt their communications without the back door.

2018 – “Hey, this has only failed ten times. Let’s try again!”

You see the same techniques being used to push this legislation as in the past. The Australian government is proclaiming a critical need to get access to everyone’s messages in order to prevent terrorism “over the Christmas season,” and declaring anyone who opposes the law as irresponsible or “creating havens for terrorists.” (Do you see how the lobbyists for surveillance insert as much emotion as possible? This is because they have a garbage policy, they know it’s bad, and they are trying to rush it through without anyone thinking rationally about the law or the serious consequences for Australia. Never mind that Australia has had a total of 13 fatalities from terrorism in the last 30 years.)

The new proposal touted by the NSA, GCHQ, The Australian government and others is a simple evolution of Key Escrow. The proposal is key escrow with split-key cryptography, which is just key escrow with extra steps. There is still a “Golden Key” that can decrypt all messages from a particular service, but this time, two or more entities have pieces of that key. The concept, popularized by a Microsoft researcher, is said to solve the problem of abuse, because all parties have to agree to decrypt the messages.

There’s a huge number of problems with this, including all of the old ones. How do you determine that spies don’t have access to the full keys? How do you prevent those keys from leaking? How do you account for the security weaknesses introduced by making the code far more complex? Are the mathematics of the key pieces themselves sound? Or can a motivated person find the pieces far more easily than trying to brute force the entire key?

So we KNOW that Australia WILL

  1. Damage it’s own economy.
  2. Decrease the digital security of its citizens.
  3. Not prevent strong encryption from being used.
  4. Open up their populace to rampant abuse.
  5. Encourage other countries (more authoritarian ones) to follow on with their policies for more nefarious reasons.
  6. Waste huge sums of money implementing this.

all to fail to solve a non-problem if they adopt this horrible legislation.