Cryptography Weakening: A Tale of the Law-abiding Criminal
The EU Council says backdoor and security are compatible. The idea is fundamentally flawed.
It is not the first and probably not the last time that the right to privacy and the fight against crime and terrorism face each other in the world political arena. Various means of encryption play an essential role in both. A non-public draft of the Council of the European Union was published by a law enforcement organization called Statewatch. Based on the document’s content, the European Union is preparing to adopt regulations that would allow law enforcement agencies access to material encrypted by criminal groups. The United States, during the Trump era, also represented this direction, and the new presidential administration composition does not foresee any change in this regard. The goal is undeniably positive. Despite big technology and advocacy organizations are protesting. But why? The answer is simple: you can not have your cake and eat it.
The point of secrecy and confidentiality is the same in virtual and real life. What only one person knows is a secret. What more than one person knows is not a secret. Encryption algorithms grant confidentiality and privacy in the virtual world. If someone can access data despite being encrypted due to encryption weakening or backdoor installation, secrets are not secrets anymore. Access to secrets can have compelling public interest. For instance, the fight against terrorism, cybercrime, or the spread of child pornography. However, we must ask the following questions: to what extent can weakening encryption serve the purposes of the fight against terrorism and other criminals? Should we pay, and if so, what price to achieve that goal? Are these two goals proportional to each other? Is privacy or terrorism threatened more by weakening the encryption? Do we not already have the methods to deal effectively with the problem on either the technological or legal front? Before answering these questions, it must be stated that the European Union’s draft, which has now been revealed, emphasizes the importance of robust encryption methods. Although, it is difficult to put this draft into practice without weakening the encryption. The reason is the fact that end-to-end encryption software such as Signal, recommended by Elon Musk, or Telegram, provides messages unencrypted at only the two endpoints while data is transmitted encrypted over the internet.
The methodological part is unclear in the EU draft. It is not an accident, even if the Council is currently only drafting the directive that can explain it. However, there could be two directions that are certainly conceivable. Let’s see these methods of cryptography weakening and the practical consequences they would be.
One possible solution to weakening the cryptography is to make the algorithm fragile for only notable organizations, such as police or secret services. Any actors who know the weak point of the encryption algorithm can break it. Of course, the extent of weakening should be as small as that exploitation requires a significant amount of resources available only to a state body. However, several state bodies and huge companies may have enough resources to break the encryption, so the secrets of a citizen are vulnerable to many foreign countries and large firms.
Another possible solution is to use a kind of master key that carries a much higher risk than the previous one. In this case, anybody could decrypt the encrypted data even with modest resources. The situation is very similar to that in the story of Achilles, one of the best-known figures in ancient Greek mythology. He was invulnerable in all of his body, except for one heel. Anyone who knows the weak point of the warrior can overcome it. In this case, anyone who knows the key can break the encryption. If these keys were compromised, there is no need to possess nation-state-level technical or financial conditions for decryption. The consequences are unthinkable. Using a backdoor technique would cause the same problem. If an unauthorized party knows how to use the backdoor, it can easily decrypt the encrypted content. An essential difference from Achilles’ story is that we know that the weak point exists, meaning we can prepare for it.
Whichever method we choose, we will certainly put a severe target in the hands of criminal groups, terrorists, or even foreign secret services. It would be their primary interest to obtain information on breaking encryption. It is just a question of political conviction which countries’ services we envision fighting with each other to gain access to the data of European Union citizens.
The quest to find encryption algorithms’ weaknesses exists independently from the current EU legislative idea. The history of cryptography is also the history of searching for the Achilles heel of the algorithms. Whoever was ever interested in the secrets of others searched for the weak points of their encryption. After finding the weak point tried to keep them secret, for he could only abuse them. Both disclosure of the secrets and the intention to keep secrets can guide the search for weaknesses of the encryption methods. Drawing attention to potential problems makes the quality of encryption constant over time.
The Law-abiding Criminal Problem
The weakening of encryption algorithms, even if it ever materializes, does not mean that previous methods, which public bodies cannot decipher, will disappear from the world. Both the math toolkit and the software used to stay with us. Legislators can outlaw the encryption algorithms, which no one can decipher. They can punish the usage of these algorithms, but it is doubtful that this will affect a law-abiding citizen, who can be held accountable through state bodies. It would be absolute naivety to think that members of a group preparing to commit a terrorist act can be deterred by legislation that exposes them using encryption that cannot be deciphered by bodies seeking them.
Encryption tools that are free for anyone and the infrastructure they provide can cause extremely low entry thresholds for a wide variety of criminal groups into the world of unbreakable encryption. It would not be wise to underestimate the preparedness of either individual criminal groups or intelligence services in this area. Raising the entry threshold by prohibiting the robust encryption algorithms would undoubtedly exclude citizens who want to protect their privacy at an earlier stage from the usage of practical cryptographic tools. The source code of a significant part of the software that implements encryption is freely available, so they do not need to be re-developed in the case of a possible ban. Only the existing ones should be improved, which undoubtedly requires some expertise, but it is far from impossible for slightly more prepared organizations and criminal groups. Of course, it is also conceivable that the use of these applications will be restricted or prohibited by law and that ISPs are required to filter out this type of traffic. However, the feasibility of this is highly doubtful. If it were technically easy to prevent the spread of viruses, spam, and any illegal content on computer networks, we would have already stopped it. As a counterexample, many cite the Chinese Golden Shield Project (or Great Firewall), which can prevent citizens from accessing content that the state deems undesirable. And here comes the catch-22: the firewall can be bypassed, but there are only a few who dare to risk the severe consequences. Due to the few attempts, the bypass methods are relatively easy to recognize, so the only way to reserve the right to use strong encryption algorithms is to use strong encryption algorithms in mass, independent from the fact that an individual needs them or not. In Europe, encryption is unlikely to be banned in general. Certain algorithms will not be allowed at most, particularly those that the Union’s institutions cannot decrypt so that they will be filtered out of internet traffic. It should be noted that this is a much more difficult and resource-intensive task than what China is doing. Of course, the proper regulatory framework can marginalize encrypted communications, especially if the confidence in their effectiveness is shaken. And then, we return to the subject of China because if there is little encrypted traffic, all of its participants can be observed.
Certainty of Uncertainty
If you were aware that there is a process by which your encrypted documents, photos, videos, conversations, health, or other personal information would be decrypted, you would face grave uncertainties or, at least, serious risks. The most obvious question would be who will have the right, and under what conditions, to access data that you have believed and intend to be private. The fight against crime needs fast reaction times, meaning that a decision on the declassification and decommissioning of a secret must be made quickly. It naturally increases the probability of mistakes, so it can be guaranteed that there will be cases where people’s private data is disclosed, even to a limited extent, which should not have been. What about this information? How long will it be kept, where, and under what circumstances?
The possibility of intentionality must also be taken into account. How would more straightforward for an officer to be compromised who has much broader access to private data than before? Would a citizen be informed about access to the data, or would the access be hidden from that citizen? For what reason and for how long would it be possible to obtain such data? Many difficult-to-answer questions, even if we are thinking in the context of a well-functioning rule of law. Even though the questions are hard to answer, there is no reason not to look for answers, and these are just the doubts, but there are also serious risks. In the case of a poorly functioning rule of law or a state organization or society burdened with corruption, we must reckon with the damage caused by mistakes and possible intentional abuses. However, one case or another is not necessarily serious, but the losses in the entire society can be significant. It must be kept in mind that the method can fall into the wrong hands, outside the Union and within it, and politicians can utilize it. The interception of Angela Merkel may have been in the interest of the NSA and particular groups within the Union.
It is also an open question about how such legislation can and should be applied to people, companies, and other organizations prioritized. Suppose these measures do not cover private bodies and companies equally. In that case, that may mean that we leave a loophole for criminal groups, and citizens could justifiably argue the point of why companies, organizations, or groups of people have an advantage over others in this regard. Of course, there may be ideologies for this and even practical reasons. We can say that trade secrets have an advantage over private secrets because the former can have a much more significant impact. A company can be seen as a concentration of economic power. On the one hand, revealing its secrets has a more substantial impact on the community than a particular citizen. On the other hand, there can also be a significant concentration of power in the case of a politician, a business leader, or a media owner. Giving up equality before the law to favor or disadvantage individual groups can quickly become a political issue, generate social contradictions and mistrust of the measure, and discredit the goal.
Risk on Back of Risk
It is assumed that the cryptographic algorithms should be intentionally weakened from those mentioned above. However, the proposal in question states the importance of robust cryptographic algorithms. The Union, its bodies, and any other parties who have the appropriate information on the methodology could exploit the weakening. Access to these methodologies must be verified in the strictest possible way for very understandable reasons. It must also be mentioned that the intention to acquire them would undoubtedly be strong by criminals and agencies, as they could obtain the private information of EU citizens. Suppose that the European Union takes such an action without consulting its economic and political competitors, and they do not take similar actions at almost the same time. In that case, the EU is going to be at a disadvantage. The Union immediately becomes a target. It makes its citizens a target as the Union would be the only place where encryption algorithms can be broken in possession of the appropriate information. This possibility will undoubtedly encourage the enemies of the Union, including terrorist organizations, to obtain this information. So while conceived in the spirit of fighting terrorism, it would actually give potential latitude to terrorism.
It is challenging to store the method descriptions and keys needed to break the encryption (master keys, backdoors, or other technologies). It is also a difficult task to control their access. Accessing the decryption mechanism from the internet is necessary. Without it, the system would be very cumbersome to use, and there would be long turnaround times that jeopardize the original purpose. It is almost irrelevant whether or not a central repository is available to EU members or the members would operate the repositories per state. The repository or dozens of repositories would be exposed to a series of cyber-attacks. EU members would certainly have the right and the possibility to share the information obtained with parties who may be considered a friend of the EU in the international political arena. It is uncertain that a good relationship between the EU and a foreign country means a friendly relationship between an EU citizen and the same foreign country.
Limitations of Feasibility
The naive legislative idea that it is enough to ban something by the force of law and result of that it will disappear immediately faces serious challenges at this point. Neither the weakening of encryption nor the installation of backdoors is feasible without the support of the largest technology companies, but the European Union has no power to force them.
The number of the software used for different encryption reaches the order of one hundred. There are both free and commercial, open and closed source products. It seems to be very difficult for organizations outside the jurisdiction of the European Union to put pressure on developers to open backdoors to EU offices or support weakened cryptographic algorithms. Open source software developers do not seem so influential as their original goal is the opposite of weakening cryptography. In addition to all this, most developers are individuals - even EU citizens - so the projects are international. Therefore, the EU has only a negligible influence on the operation of those projects. Anyway, the software projects that provide robust, reliable, and irreversible encryption will not disappear just because the EU may ban their use in certain circumstances.
It is not the first attempt to deliberately weaken encryption algorithms. Almost 30 years ago, the U.S. placed export restrictions on robust cryptographic algorithms. As a result, supporting weakened algorithms has become mandatory for U.S. agencies whose credibility was questioned in the middle of the last decade. In 2015, researchers identified two vulnerabilities (FREAK, Logjam, in which among others export restricted encryption algorithms were affected. The logjam attack has primarily impacted U.S. government offices. Twenty years after the U.S. government placed export restrictions on robust encryption algorithms, this act struck back. In the end, the vulnerabilities affected just those who introduced the restrictions, as everyone has long ceased using these algorithms because of their known weaknesses.
What the EU can achieve at best is banning non-cooperative solutions. But as we know, every law is worth as much as it can be obeyed and enforced. Even if the EU could agree with the major operating system vendors and distributors to permit EU citizens to download software containing weakened encryption implementations only from the app stores, it would not be a comprehensive solution. There are alternative app stores, such as F-Droid, completely vendor-independent Android distributions, such as Lineage OS, and several desktop Linux distributions that would still provide free and open source applications with robust encryption algorithms. The EU has no power to restrict these vendors legally, so there would be little choice to put the provisions into practice. Recognizing and blocking the traffic generated by software use robust encryption led us towards the Great European Firewall, which, with some irony, could be named after the Chinese one to Aegis, the shield of Zeus.
Those Who Have no Secrets …
It used to be said, for example, in totalitarian regimes, that those who have nothing to hide from the state do not have to worry. It must be stated that privacy is not about secrets but about the right to keep your private life confidential. If nothing is illegal or objectionable in what and how you go about your life, it does not necessarily mean that you want to share details with anybody. This is privacy.
It is a question of who and how actual constraints impact us as per planned action by the EU. Does terrorism, in connection with similar plans, come up from time to time? Hardly. Or perhaps the criminal groups who have disregarded the law so far – do they often enter public discourse? Doubtful. As discussed above, there are many solutions to circumvent such legislation. For instance, despite authorities making every effort to target Tor and the Dark Web, they are still part of the internet today. Although GDPR has forced the law-abiding part of the IT world to make a serious effort, it has not achieved the expected positive impact.
Weakening encryption or incorporating a backdoor is nothing more than a nonsense attempt to solve serious social problems. It’s like selling blunt knives only in household stores because people can harm themselves or others with sharp knives. Caution is essential, but in this case, it may dissimulate incredible naivety or, even worse, fanciful naivety. Reducing the effectiveness of encryption tools causes obvious disadvantages to law-abiding citizens, while it has no significant effect on criminal groups and their intentions. It is essential to emphasize that the widespread use of robust encryption is the only way to save ourselves as it raises the cost of mass monitoring unaffordable high.