
It really is amazing to me that anyone thinks it's reasonable policy to ban end-to-end encryption. For the sake of national security, I would want to strengthen the security of digital data, not weaken it.



As far as I understood, the problem stems from the Crypto AG era. Governments are addicted to being able to listen to communications of everyone and don't want to lose their toys.

Also, the EU is far more advanced in terms of invisible security, so they don't want to lose the tools which enable them to do it.

We need to re-think security and people are lazy about it because it's hard.

Edit: My English gets a hit when I'm low on caffeine, hmm...


What is meant by "invisible security"?


Disclaimer: This is my experience from many short travels to EU countries and having a lot of friends due to job network (my work promotes a lot of friendly work connections from many EU countries. As a whole, we work hard, we play hard).

Europe has a philosophy of "feeling peaceful". Police, intelligence, surveillance, etc. is not done openly, in your face. Instead it flows just beneath the surface.

There are a lot of civilian officers around and police officers are not very visible. Same for borders and higher security places like airports.

If there's something suspicious happening, the concentration is increased invisibly. If something really happens, the area is silently surrounded like a python death hugs its prey, and it's over.

This is possible with intelligence and surveillance, communications sniffing, etc. If you increase encryption, there's a risk of blinding security services. You may need more overt operations and much more manpower to keep tabs on everything.

I'm an encryption proponent. I support it with all my being. Also, I'm aware that being able to see everything can and is being abused.

However, I need to be a realist here: We're addressing the wrong problem here. Is encryption required? Undebatably yes. Does everyone have a right to privacy? Undebatably yes. Do we want to be secure and need security services? Possibly yes.

So, we need to solve the problem of security with the presence of encryption. I.e., security in a past-encryption era. The no-encryption ship has sailed. Trying to bring it back with the force of law is a last-ditch effort. We need another solution to allow security services to do their job with the presence of encryption, and without weakening it.

I do not accept someone can just read my office messages or conversations with my family just because somebody may be trying to make a bomb or planning an uprising.


It is usually used in reference to the customer, but in a natsec/cyber context can also mean the citizen[1].

[1] https://www.routledge.com/Handbook-of-Surveillance-Technolog...


Perhaps security as in national security, and invisible as opposed to clear military presence? IOW, espionage?


You claim that somebody thinks it is reasonable policy to ban e2ee. Who is that exactly?

Consider this section from the resolution:

  Striking a right balance
  
  The principle of security through encryption and security despite encryption must be upheld in its entirety. The European Union continues to support strong encryption. Encryption is an anchor of confidence in digitalisation and in protection of fundamental rights and should be promoted and developed.
  
  Protecting the privacy and security of communications through encryption and at the same time upholding the possibility for competent authorities in the area of security and criminal justice to lawfully access relevant data for legitimate, clearly defined purposes in fighting serious and/or organized crimes and terrorism, including in the digital world, and upholding the rule of law, are extremely important. Any actions taken have to balance these interests carefully against the principles of necessity, proportionality and subsidiarity.
See https://data.consilium.europa.eu/doc/document/ST-13084-2020-...


>Who is that exactly?

Whoever wrote: "at the same time upholding the possibility for competent authorities in the area of security and criminal justice to lawfully access relevant data for legitimate, clearly defined purposes in fighting serious and/or organized crimes and terrorism, including in the digital world, and upholding the rule of law, are extremely important".

Either said person doesn't understand end-to-end encryption, or they don't want end-to-end encryption but mere encryption, with keys shared here and there...


Yeah you can encrypt your connection to the server where you store your mail. But don't think about encrypting your mail.


Not the person you're responding to, but the OP article gives the impression.

Either way I don't understand how the text you pasted intends to "strike the balance" when e2ee is present. Either they're talking about backdoors or they're in fantasyland.


You're right that they don't want to ban E2E, they want to mandate that they hold the keys to all E2E though.


This is your conclusion but it is not stated anywhere in the resolution.


They mention access to encrypted data several times:

>Technical solutions for gaining access to encrypted data must comply with...

They do say:

>there should be no single prescribed technical solution to provide access to encrypted data.

But it's perfectly clear the assumption is that they intend law enforcement to have access to all encrypted data, given the various caveats about doing so legally.

They do mention privacy, but all that means is not making user data public. They make no mention of a right to maintain data private from the government or law enforcement.


Okay I understand the concern, but claiming that there is intent to hold keys to all e2ee is jumping to conclusions. Imagine if investigators could ask authorities for permission to retrieve screenshots from your mobile device if you are under investigation. There would be no need for access to keys.

I am not arguing that this is desirable, but I do acknowledge that investigators may need help to navigate modern technology.


From the same document. I do not see how this is technically possible.

> Technical solutions for gaining access to encrypted data must comply with the principles of legality, transparency, necessity and proportionality including protection of personal data by design and by default.


If focusing on e2ee I agree, but how about hardware and software supply chains? How much is your e2ee worth if you are up against Apple or Google? Perhaps nation states are simply looking for similar powers?


Exactly, and that only means that people behind anti-encryption regulations do not care about national security.

Or they are so painfully incompetent that they don't understand that it is much better if one cannot figure out that some military officer or energy sector/government employee has a lover since such person could be blackmailed by foreign intelligence.

Apparently they don't get that those pesky terrorists can encrypt messages by themselves in thousands of ways. The Internet is full of information on how to do this.


Weakening the security of commercial communications and financial transactions would be a serious economic risk. National cyber security agencies should treat it as a primary responsibility to help businesses secure their communications in order to harden our economies from attack. They should be part of the solution, instead of intently beavering away at being part of the problem.


Can't we have E2EE+G? (end-to-end encryption, plus government can see everything)

Not saying this is a good idea, though.


Welcome to 1998 aka "The Clipper Chip"[0]

Also: We know how CSS, BluRay Master Keys, TSA Keys and other various signing keys fared in the wild.

[0]: https://en.wikipedia.org/wiki/Clipper_chip


Don't forget the OPM hack! The spooks compiled a self-blackmail database and couldn't even keep that secure. Yikes.


Yes, by giving the government access to one or both of the end devices. (Which is probably already a thing somewhere legally, and very likely is the factory state for some Android phones.)

Note that banning E2EE implies banning encrypted p2p communications entirely. E2EE is a concept that applies only to centralized comms providers where all messages go through a server.

Practically speaking, it's impossible to ban every encrypted protocol (TLS, SSH, ...). It's also (probably) impossible to ban IP communications that don't have an "approved server" participating.

However, comms providers / social networks to date at least manage, authenticate, and introduce users at the serverside. Fully distributed projects have problems with spam. So governments would have to ban comms providers from "allowing" their clients to talk to each other directly and not via the backend. That's a hefty technological restriction, which would block a wide range of protocols (webrtc/SIP, torrents, probably a bunch of other Very Important things I'm not thinking of right now).


If you allow the +G, you allow hackers. It's as simple as that. If you want security, you can't have backdoors.


What is wrong with the method which vbezhenar suggested? (sibling comment of yours)


Considering how all master keys of most popular measures have been hacked, it's natural to assume that government keys will be hacked and leaked too.


I think you are underestimating the ability of organizations to keep important private keys private.

Some examples are the code signing keys of most major desktop and mobile operating system vendors, the package signing keys of major Linux distributions, the SSL private keys of most banks and major e-commerce sites, and the certificate signing keys of most SSL certificate issuers.


Backdoor algorithms and operators cannot be reasonably trusted to not disclose the key or data.


Yes, it is possible. You have to encrypt the session key with the government public key and include that encrypted data with your session. Government can decrypt that data with their private key. I think that's a pretty reasonable scheme as long as the government private key is managed by a competent organization (e.g. NSA). An HSM makes it impossible to easily extract the private key, and military guard and other physical security measures make it impossible to steal the HSM.


Yeah, and that part is the pipe dream. You really need to compromise it only once to have access to everything.

It’s unreasonable to believe only the government will have access.


You implement it by putting the key inside a box, and letting that box perform the decryption. No other services/ports allowed. (Except you have to have a way to get the public key out, and allow the box to generate a private key which means it needs entropy). You can pot the box in epoxy for additional security.


Nothing that you, tzs and vbezhenar are describing is different from “end to end encryption, but with a backdoor that could be leaked”


So now you have an ultra secure box. It’s like the unsinkable Titanic. Someone (somehow) copies the key, and proceeds to decrypt all your citizens’ communications, but you are 100% sure that hasn’t happened, because it is, after all, impossible.

Just like it was impossible for the Titanic to sink.


Just to add another thing in: Which government?


Obviously one which can force companies to implement whatever they want. Currently it's US, EU, probably China.


You could put a check on the government misusing their private key by having the government key distributed among several parties using a secret sharing system such as Shamir's that requires several parties to agree in order to use the government key.

Include privacy or civil rights civilian organizations among the shareholders, such as the ACLU, so that there is an outside check.

If you choose a sufficient and diverse enough set of shareholders, you can reduce the chances that someone could compromise or coerce enough of them to gain access to the government key to less than 1 in N, where N is arbitrarily large. Choose N so that this is less likely than simply brute forcing the key.


Even assuming purely good intentions, the government would want to use the key very often (hundreds or thousands of concurrent investigations) and in many large unrelated organizations (eg police + FBI + NSA + CIA + DOD + ...). It would be impractical to authorize each individual use, let alone authorize it by several parties each time.

Instead we'd see 'ongoing' authorizations on the level of an investigation, a person or team, or a whole sub-organization (modulo clearance / position in that organization). And so you'd have copies of the complete key going around.


The problem with E2E+G is not technical, it is political. It can be done in a way that it would only be practical for the government to use it rarely (E.g., [1]) and only for cases where there is a broad consensus that it is being used Constitutionally (or whatever is equivalent outside the US).

But getting Congress (or whatever is equivalent outside the US) to pass an E2E+G law that allows it to be done in such a way seems unlikely. They will go for a way that allows broad use.

[1] You could make it a per-device key, generated on the device itself. The device makes the Shamir secret sharing shares, encrypts them with the public keys of the shareholders, and periodically includes those in the chat metadata.

To decrypt a chat, the government needs to record it, get the encrypted shares out of the chat metadata, get each shareholder to use that shareholder's private key to decrypt their share and then contribute that share for recovery of the actual chat key for that chat.

If they want to decrypt a chat from another device, they'd have to do that all over again for that device.


It's a trade-off.

Of course I want to preserve my privacy.

But I get it that law enforcement wants to be able to look into communications. Let's say they find a terrorist (I'm close to Brussels, so not a hypothetical scenario here). Best case you want to see which phones they have, and look into all their communication to get an idea about their contacts etc.

It's a very hard problem, and I'm not sure which one I would pick.


Look at the existing cases of terrorism. All of them used unencrypted forms of communication: shared Gmail account, phone calls, even good old SMS. The issue is not that police can't see what those people are doing, none of the perpetrators are unknown; it's that they (and the judiciary branch) don't have enough resources to really tackle them.


I partly agree with you.

But right now, it's pretty easy to use end-to-end encrypted forms of communication, so why still use sms?

Knowing the suspects and having limited resources seems to me an argument for listening into communication, not an argument against it.


I'm not exactly an expert on the issue, but I could imagine that they use sms because that's the only available form of communication on an anonymous $10 dumbphone, and any computer connected to the internet can connect to a webmail.

Listening to more communications is exactly a resource problem: it isn't exactly cheap to build and maintain the infrastructure to gather and analyze more. Moreover in the context of the link, while I'm not a fan of conversations being listened in on by default, I certainly don't want resources to be spent so that encryption can be reduced.


Or perhaps you figure out why terrorism exists and work towards preventing it, instead of spying on your population and violating their rights “just in case”?


I don't believe you can prevent crime with prevention alone.


Crime? Or terrorism?


Both


I think that today's terrorism is mainly state sponsored, terrorist organisations use different types of resentment when recruiting new members, however many of the terrorist organisations are funded by governments around the world, this is the modern form of covert warfare in the post cold war era.

What we have is that one government, let's call it the States of Merica, funds & trains freedom fighters in a country called Lyria. Sometime after this Lyria is thrown into a huge & devastating civil war against the regime where the opposing terrorists form a new entity, the Salami State.

The civil war results in a massive refugee crisis. Refugees flee north into the big trade union called Äuropean Club, ÄC. ÄC happens to be allied with States of Merica. Terrorists from the Salami State infiltrate the refugees and travel to ÄC where they commit a horrific terrorist attack in the capital city of Sirap. President of the States of Merica is shocked by these horrible news and pledges to help its friends in the ÄC.

This leads the ÄC to adopt surveillance measures to track any potential terrorist. To its help it uses the knowhow and infrastructure from their close friends States of Merica (obviously).

When the civil war in Lyria nears its end and the Salami State is almost defeated, suddenly the winning Lyrian regime commits a gas attack on innocent civilians in a Salami State stronghold. ÄC and States of Merica condemn the gas attack and bomb the Lyrian regime as punishment. The freedom fighters rejoice because they now can fight for freedom a few more years.

The Salami State still exists and continues to get help from somewhere, unknown by whom, and commits more terrorist attacks in ÄC, in cities like Ockholm and Womanchester, because ÄC still hasn't fixed its border problem, but coincidentally ÄC has instead developed an excellent surveillance program, which is of course needed when the border is wide open to the Salami State, duh!

All this is of course highly speculative and shares no resemblance with the real world.

So yes, if we fix terrorism because of like uh poverty, it can probably be solved.


>But I get it that law enforcement wants to be able to look into communications.

Why?


Oof, a lot of downvotes. Can you please explain why it's not a tradeoff, or what else I said wrong?


Because there is no trade off, communication is end-to-end encrypted or there is a backdoor.


People are probably considering what you said an appeal to emotion, "Think of the terrorists!" being up there with "Think of the children!" in terms of excuses for misguided policies. Governments already have plenty of tools to track down and deal with terrorists if they so wished: a distressing amount of planning and radicalization is done over clear text in social media, and even in E2EE there's a wealth of necessarily unencrypted metadata you can make use of.



