Encryption and politics
On Tuesday the 23rd of August 2016, Interior Minister Bernard Cazeneuve received his German counterpart, Thomas de Maizière, to exchange views on the control of data encryption means to strengthen the means of the fight against terrorism.
Some politicians, including Mr. Cazeneuve, demand against the unanimous opinion of experts that every message transmitted on the Internet should be readable by States. I find it desperate to read such proposals from governments with regard to data encryption.
Many services are now putting in place cryptographic means (i.e. encryption) to ensure that only the sender and recipients of a message are able to read it. This is roughly equivalent to putting every message in a safe, and ensuring that only the recipients have the key. The major difference with a real safe (which can be cut out of a disk and protects a physical asset) is that an encrypted message can be duplicated without anyone knowing, so if it could be decrypted with a disk, anyone with a little skill (or a good tutorial) could steal the confidential data without anyone noticing. The trick of cryptography is to make this virtual safe almost unbreakable by the mathematical complexity of the problem, that is, to make it so difficult to calculate the key that the computing power required exceeds what all the computers on Earth combined are capable of doing.
Now that we have popularized what cryptography represents, let's decipher the demand of these policies, which naively may seem clever: to give the state a recorder. Let's analyze how this could be done :
- outright banning encryption,
- force email providers to be able to read messages (i.e. prohibit end-to-end encryption),
- give copies of the keys to the State (like a master key),
- weaken the algorithms so that they have a flaw known only to the state.
The first solution is not acceptable, it's like giving the content of his messages to anyone. This is equivalent to having all your private exchanges posted on Twitter and accessible to everyone.
The next two are equivalent to doing what is called a single point of failure: the provider or the state. If one of them were compromised or hacked, it would put all users at risk: it's like painting a target on your head, and we know that every computer system has flaws, so it's not easy to work with them. Solutions 2 and 3 therefore revert to solution 1, which is not acceptable.
The fourth is absurd since the algorithms are publicly known. If they had intrinsic flaws, they would end up being discovered and therefore exploitable by anyone, and this would also come back to proposal 1, which remains unacceptable.
Finally, even if it were possible to fabricate an inviolable means for the state to read everything without flaws and on a judge's warrant, it would be enough for criminals to turn away from legal messaging to illegal but flawless messaging that already exists. I don't think they're too embarrassed by committing an additional offense....
I will conclude with a quote from Philip Zimmermann (a major player in cryptography):
“Si la vie privée était hors-la-loi, seuls les hors-la-loi auraient une vie privée.” P. Zimmermann
Better Seald than sorry.
Discover Seald with your team!