Attack the client instead
Let’s attack the client instead. This is an idea put forward as “capturing the information law enforcement wants”, without “breaking encryption”.
There are two common scenarios put forward under this heading. They include capturing screenshots or keystrokes, either by planting malware on the target or one step back in the toolchain to force a vendor to craft a “one-off” firmware image for a smartphone or similar.
I strongly believe that both approaches should fail a reasonable “systemic weakness” test.
If an attack is made via malware, it is certain to be revealed at some point, putting people at risk far beyond a law enforcement agency’s investigation.
The same, I would argue, applies to creating a firmware update specific to an investigation. At the very least, the difference between two firmware versions is detectable, and if the “evil” firmware ends up in the hands of someone with advanced skills and evil intent, it will certainly be analysed.
“Virtual crocodile clip”
A favourite of Britain’s General Communications Headquarters (GCHQ) is to be “silently” added to an encrypted chat. In other words, rather than breaking the cipher, the law enforcement official is added to an encrypted chat, without alerting the users.
National Cyber Security Centre technical director Ian Levy, and Technical Director for Cryptanalysis at GCHQ, Crispin Robinson, explained their thinking in this essay at the Lawfare blog.
“The proposal offer looks safe, doesn’t it? For example, it doesn’t involve altering code on an end user’s device, where it’s bound to be noticed. Instead, the spies get silently added to the conversation. That is, they’re added to the group chat, complete with proper authentication, and their participation in the chat is also encrypted.”
Because the “exploit” is held by the provider – a telecommunications carrier for example – it’s not likely to escape.
We have evidence that carriers have been subverted in the past, however, most notably in the ways Signalling System 7 (SS7) has been attacked over the years. Carriers always assumed the SS7 network was immune to an attack because all its connections were “in the club”, so to speak.
Some carriers, it turned out, were less trustworthy than others, and SS7 attacks went from theoretical to exploit last year, when hackers started emptying the bank accounts of customers of German telco O2.
The idea also compromises one of the foundations of online safety – that we can reliably authenticate who we’re talking to.
And as far as the minimal protections offered in the legislation reach, destroying users’ ability to trust that they know who they’re speaking with, is surely a “systemic” weakness.
Encryption is more than a cipher
I can’t emphasise enough that there’s a reason politicians and law enforcement seek the narrowest possible definition of “breaking encryption” in the public debate, while leaving their legislative definitions as loose as possible. They wish to wave away concerns about the legislation by saying things like “we’re not inserting backdoors into encryption”.
Encryption is, however, a system of which the cipher is only one part. Authentication and key management are of equal importance, and undermining those is most emphatically a backdoor.
As I hope I’ve demonstrated, Australia will potentially suffer dire social and economic consequences, for laws that cannot achieve their stated outcomes. I’m not alone in my concern, the Commuications Alliance, Australia’s peak telco industry body, along with a range of other industry associations, is holding a forum on the “Assistance and Access Act 2018 (Encryption Bill)” in early February 2019.