Tag: encryption
Play, Pay, Repeat: Why Australia Needs to Stop Chasing Encryption Backdoors and Start Getting Serious About Kids, Games, and Digital Safety
Over the weekend, I read an article by Jackson Ryan in The Guardian that stopped me in my tracks. It asked a pointed question — “Does video game monetisation harm children, and what is Australia doing about it?” — and its answers were far from …
CyAN Signs 3 Open Letters Against Surveillance Laws
The Cybersecurity Advisors’ Network has recently added our name to three important pieces of advocacy urging reform of legislation that we feel significantly jeopardizes the safety and privacy of citizens and their data, and the free nature of the Internet.
I. Sweden: Data Storage and Access to Electronic Information Legislation
The Internet Society and CyAN partner organization Global Encryption Coalition are leading a push to reform Sweden’s controversial proposal that, among other issues, would require encryption services to open access to their users’ data to law enforcement agencies. We previously expressed our opposition to this move. Backdoors, no matter how well intended, fatally undermine end-to-end encryption, thus endangering privacy, security, and trust online.
Link to the open letter: https://app.smartsheet.com/b/form/e3cf0c35c3a84837b0accdf21966a554
II. Japan: Cyber Espionage / Cyber Attack Bills
CyAN joins the Japanese Association for Progressive Communications (JCA-Net) in urging the scrapping of two Japanese bills (both links in Japanese, PDF format):
- Bill to Prevent Damage Caused by Unauthorized Acts against Important Computer Systems
- Bill to Amend Relevant Laws in Conjunction with the Enforcement of the Law to Prevent Damage Caused by Unauthorized Acts against Important Computer Systems
Similar to the Swedish proposal, these bills would allow law enforcement and intelligence agency access to information without the consent of data controllers. They go much further in authorizing cyber warfare and espionage outside of Japanese borders, which the Association and the letter’s signatories believe is not only unconstitutional, but actively dangerous by potentially stoking aggressive cyber conflict.
Link to the joint letter: https://www.jca.apc.org/jca-net/ja/node/449
III. USA: TAKE IT DOWN Act (PDF)
US Senate bill S.146 (“TAKE IT DOWN”) is a well-intended, although overly broad and intrusive, attempt to curtail online propagation of illegal content, specifically “intimate imagery”, what CyAN partner organization STISA refers to as “image-based sexual abuse” (IBSA). While the bill provides exceptions for broadband and email providers, it would result in encryption backdoors being required for other secure services, such as peer-to-peer chat.
As we have pointed out in the past, backdoors not only do not work, they have a significant negative impact on personal privacy. Backdoors dramatically increase the danger from cybercrime and government surveillance overreach alike, and damage trust, safety, online commerce, and digital democracy while yielding few real results – criminals do not respect such laws.
CyAN joins the Internet Society, the Center for Democracy and Technology, the Electronic Frontier Foundation (EFF), and several other respected industry and advocacy groups in calling for a revision of S.146 to significantly increase the use cases and providers exempted from its scope, thus removing the mandate for harmful encryption backdoors.
Link to the joint letter: https://docs.google.com/document/d/1p5i9HifjzZXGs-nanjOb5V1aBQPqAJ3LFfJqsYYddI0/edit?tab=t.0
Featured image credit: Gerd Altmann (Pixabay Link)
Unraveling Digital Sovereignty: The Delicate Balance of Digital Sovereignty: Insights and Imperatives
Defining Digital Sovereignty in Our Times
In his thought-provoking article, “Digital Sovereignty: A Framework for the Internet Age,” Robin Berjon skilfully outlines the challenges and necessities of digital sovereignty. This article builds on his foundation, delving deeper into nuanced facets of digital sovereignty and highlighting …
Opinion: Encryption Back Doors are Dumb.
CyAN recently opposed the now-dead EU “Chat Control” regulatory proposal, and the UK’s push for Apple to remove ADP for UK iCloud users – the latter unfortunately having led to Apple’s removal of end-to-end iCloud encryption for its British customers.
Now, two additional countries in Europe are on the verge of adopting ill-considered mandates for encryption back doors – France, as part of an amendment to its “Narcotrafic” law that would enable access to messages between suspected drug traffickers, and Sweden, in an attempt to mandate the possibility of law enforcement access to encrypted messenger tools – the Signal Foundation has already indicated that it would rather leave Sweden than comply with the latter. CyAN has just published a position statement opposing both.
Encryption is a tool. Like cash, cars, or firearms, encryption can serve good and nefarious purposes alike. The benefits of encryption are well documented – trust, privacy, anonymity, safety, resilience, and security, for citizens and societies alike. Encryption’s benefits include making voting and business safe, protecting dissidents and members of groups that are often threatened, such as human beings who identify as LGBTQ, and more.
At the same time, encryption could be used by fraudsters to encrypt victims’ computers with ransomware. Terrorists may use encryption to avoid intelligence agencies and law enforcement intercepting their messages. The same goes for child sexual abuse messages, drug transactions, and more. And like the three examples named above, it is up to society to democratically decide on an appropriate balance between “good” and “bad” uses of a tool, and if, when, and how to limit, or even ban that tool.
Strong end-to-end encryption’s benefits vastly outweigh the downsides to society from possible abuses. Unfortunately, both law enforcement and intelligence agencies have attempted many times, with varying degrees of success, to legislatively mandate “back doors” into encryption systems when they were unable to otherwise access protected data. Usually presented under the guise of fighting abuses such as child pornography, drugs, terrorism, or financial crime, the past decades have seen multiple misguided moves to mandate third-party access to encryption systems, from 1993’s Clipper Chip in the US, to the current slate of initiatives listed earlier. Methods of gaining such access include key escrow, mandatory additional decryption keys, or legal requirements to implement methods that allow service providers to give authorized third parties access to their customers’ data, to name a few.
The problem with encryption back doors is that they introduce a technical weakness into a security system – one which it is impossible to guarantee will not itself be used by malicious attackers. This can expose private data to malfeasants. Furthermore, the risk of such abuse undermines trust in the things that encryption exists to secure – digital democracy and e-commerce, to name two. Think of it like adding a door to a submarine – sure, it can be done, sure it might make access more convenient, but modern submarine hulls are highly engineered “bubbles” designed to withstand insane pressures. Every time you poke a hole in one, it requires a ridiculous amount of complexity to keep water out, and adds more potential points of failure.
A good example of a back door that has caused real economic damage is the US National Security Agency’s involvement in the development of what would become the Data Encryption Standard (DES) in the 1970s. There was suspicion at the time that the NSA’s recommendation for use of a given type of S-box was an attempt to compromise the new standard for their own benefit, but this turned out to actually harden the system. However, at the same time, the NSA insisted on shorter key lengths as part of DES’ adoption by the National Institute of Standards and Technology (NIST) in order to ease brute forcing of DES.
This has come back to bite not only the NSA, but the global economy in the ass in a big way, as the original DES keys became easy to break well before even the introduction of quantum computers, leading to significant cost in replacing DES-based cryptosystems and a loss of trust in a lot of e-commerce and similarly sensitive communications. Furthermore, while the NSA plays a key role in securing US government communications, and has often been a constructive contributor to the security of global data communications, its past involvement in weakening encryption “for the rest of us” means nobody trusts anything that comes out of Fort Meade. Trust takes a long time to build.
I understand that not having back doors will occasionally make the job of law enforcement and intelligence agencies more difficult as they work to protect us from criminals, abusers, and terrorists. However, I also believe that effective investigation of bad actors cannot depend primarily on single technological capabilities. Furthermore, while I oppose legal mandates for use of specific technologies or technological limitations, there exist types of encryption application that allow for investigation while respecting citizens’ privacy. Homomorphic encryption is one such model, allowing for limited searching of known patterns, such as specific child sexual abuse imagery, without decrypting secure datastreams. Obviously these solutions are no panacea, but their very existence significantly weakens the case that back doors are needed for effective investigations.
And let us not forget that criminals do not respect laws – that is what makes them criminal. How would a ban on end-to-end encryption even be enforced, when bad guys will simply turn to messaging tools run out of countries not covered by back door mandates? I’ve yet to see a good argument that addresses this.
Even worse, we haven’t even considered the topic of potential non-technical, administrative abuse by even well-meaning government agencies; there are many examples of law enforcement officers illicitly accessing license plate databases or CCTV footage, for example to identify women they would like to meet. We all have something to hide, or which simply isn’t anyone else’s business – do you completely trust your government agencies, which are after all comprised of fallible human beings, to completely respect your privacy and dignity at all times, if they are somehow able to access what you don’t want to have seen? I don’t.
Encryption is necessary. Demanding to weaken encryption in pursuit of criminals a) doesn’t work, b) endangers citizens, c) undermines safe online business, and d) is lazy policing. Don’t do it.
The Growing Threat of Quantum Supremacy in The Era Of Digital Civilization
Introduction to Quantum Computing:
Quantum computing is a rapidly developing field with the potential to revolutionize computing as we know it, and cryptography in particular. Quantum computers are able to perform certain types of calculations much faster than classical computers, including the mathematical problems used in some encryption methods. As a result, quantum computers could theoretically break many of the encryption standards that organizations use today.
This could pose a serious threat to classical encryption systems and thus to digital sovereignty. Digital sovereignty is the ability of a country, an organization, or even an individual to control their own digital data and infrastructure. Without strong encryption, digital data is vulnerable to theft and exploitation by foreign organizations and other adversaries, especially within industries such as banking, railways, energy, telecommunications, and other critical infrastructures.
We know the impact that a serious cyber-attack can have on organizations. But as quantum computers become more powerful and accessible, it is important for governments and organizations to take steps to protect their digital data from the surveillance strategy of “Harvest Now, Decrypt Later”, in which data encrypted today is stored in the hope that a quantum computer will be able to decrypt it at some later point.
Proposed Mitigation Strategies:
One way to mitigate the threat of quantum computing is to transition to post-quantum cryptography. Post-quantum cryptography (PQC) is a type of cryptography that is designed to be resistant to attacks from quantum computers. In other words, these cryptographic algorithms are based on concepts that are so far thought to be uncrackable by quantum computers. Examples include lattice-based, code-based, hash-based, and multivariate polynomial schemes.
Many researchers are currently developing post-quantum cryptography algorithms, and some of these algorithms are already being defined by organizations such as the National Institute of Standards and Technology (NIST). As the result of an extensive program, NIST announced the first four quantum-resistant cryptographic algorithms that it will standardize:
- CRYSTALS-KYBER
- CRYSTALS-Dilithium
- FALCON
- SPHINCS+
Another way to mitigate the threat of quantum computing is to use quantum key distribution (QKD). QKD is a secure communication protocol that uses quantum mechanics to distribute encryption keys. Some governments and organizations are already using QKD to protect their most sensitive data.
QKD relies on the properties of quantum physics. Secure key distribution is achieved by sending a sequence of quantum states, such as single photons, and measuring them at the receiving end. Because of the laws of quantum physics, it is impossible for an eavesdropper to intercept the key without being detected: bits of information are encoded on a physical phenomenon with such a small quantity of energy that seeing this phenomenon is already altering it.
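The eavesdropping detection described above can be simulated classically. The following is an added example, not part of the original article: it assumes the BB84 protocol (the article does not name one), a noiseless channel, an intercept-resend eavesdropper, and an illustrative 11% abort threshold.

```python
import random

ABORT_THRESHOLD = 0.11  # assumption: illustrative QBER limit, not from the article


def measure(bit, prepared_basis, measuring_basis, rng):
    """Measuring in the preparation basis returns the encoded bit;
    measuring in the other basis yields a uniformly random result."""
    return bit if prepared_basis == measuring_basis else rng.getrandbits(1)


def bb84_qber(n_photons, eavesdrop, seed=0):
    """Simulate BB84 on a noiseless channel (constructed model).

    Returns (sifted_key_length, quantum_bit_error_rate).
    """
    rng = random.Random(seed)
    sifted = errors = 0
    for _ in range(n_photons):
        bit = rng.getrandbits(1)          # sender's raw key bit
        send_basis = rng.getrandbits(1)   # 0 = rectilinear, 1 = diagonal
        flying_bit, flying_basis = bit, send_basis

        if eavesdrop:
            # Intercept-resend: the eavesdropper must guess a basis, measure,
            # and forward a fresh photon prepared from what was observed.
            tap_basis = rng.getrandbits(1)
            flying_bit = measure(flying_bit, flying_basis, tap_basis, rng)
            flying_basis = tap_basis

        recv_basis = rng.getrandbits(1)
        received = measure(flying_bit, flying_basis, recv_basis, rng)

        # Sifting: bases are compared publicly; mismatched rounds are dropped.
        if recv_basis == send_basis:
            sifted += 1
            errors += received != bit
    return sifted, (errors / sifted if sifted else 0.0)


def channel_is_clean(qber, threshold=ABORT_THRESHOLD):
    """The key is accepted only if the observed error rate stays under the limit."""
    return qber < threshold


if __name__ == "__main__":
    for tapped in (False, True):
        kept, qber = bb84_qber(20_000, eavesdrop=tapped)
        print(f"eavesdropper={tapped}: sifted={kept} QBER={qber:.3f} "
              f"accept={channel_is_clean(qber)}")
```

In this model the error rate is computed over every sifted bit; a real deployment compares only a random sample of them and must also budget for ordinary channel noise.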
Many projects have been carried out in different parts of the world; EuroQCI within the EU is one such example. An extensive network of QKD systems, also called Quantum Communications Infrastructure, is being built for the secure transmission of critical data within its member states with the help of three segments:
- Satellite Segment for large distances
- Terrestrial Segment for shorter distances
- Quantum Hub as an orchestrator for the network
Evaluating these strategies:
Within the scope of my master’s studies at EM Lyon Business School, I had a chance to gain insights and dive deeper into upcoming technologies concerning cyberspace, such as Quantum Key Distribution along with SES Satellites, as a part of my end-of-studies internship. With an opportunity to study the QKD and PQC technologies at their conceptual level, here are a few advantages that QKD has over PQC:
- Security is based on the laws of physics, not mathematical algorithms. This makes QKD immune to attacks from quantum computers, regardless of how powerful they become. PQC algorithms, on the other hand, are still under development and it is possible that they could be broken by future quantum computers.
- The ability to detect eavesdropping attempts: Any attempt to eavesdrop on a QKD transmission will inevitably disturb the qubits, which can be detected by the sender and receiver. PQC algorithms do not have this ability so eavesdropping attempts could go undetected.
- The ability to transmit keys over larger distances with the use of satellites, so that terrestrial nodes can link strategic sites within and between neighboring countries, whereas satellite segments will be used to cover larger distances across the EU.
- QKD can be a permanent and reliable solution to implement, compared to the other mitigation strategies for tackling quantum supremacy, as it works on the physical properties of quantum states, which cannot be eavesdropped.
Despite the strong advantages that these strategies present, there are certain downsides that could hinder their adoption:
- Cost: The deployment of QKD and PQC infrastructure can be expensive. This is because the technology is still in its early stages of development, and the components required to build and operate QKD and PQC systems can be costly but could be resolved later in time as these products get commercialized.
- Complexity: QKD and PQC systems can be complex to implement and manage. This is because they rely on sophisticated quantum physics principles. As a result, it can be difficult to ensure that QKD and PQC systems are deployed and operated correctly.
- Security: There are still some security vulnerabilities that need to be addressed in QKD and PQC systems. For example, there have been some successful attacks on commercial QKD systems. Additionally, some researchers have raised concerns about the security of certain PQC algorithms.
- Interoperability: There is a need to develop standards for interoperability between QKD and PQC systems. This is because different vendors are developing different QKD and PQC products and solutions. Without standards for interoperability, it will be difficult to build and operate large-scale QKD and PQC networks.
- Scalability: It is not yet clear how well QKD and PQC can be scaled to meet the needs of large organizations and governments.
- Performance: QKD and PQC systems can have lower performance than traditional cryptographic systems. This is because QKD and PQC systems need to perform additional operations to ensure security. Also, QKD transmissions can be affected due to environmental factors when it comes to satellite communications.
- Usability: QKD and PQC systems can be more difficult to use than traditional cryptographic systems. This is because QKD and PQC systems require users to have a good understanding of quantum physics and cryptography.
Conclusion:
Taken overall, the development of these mitigation strategies to counter the impending threat posed by quantum computing is a field that remains in its formative stages, far from achieving flawless efficacy. However, the imperative of the moment is for cybersecurity professionals to proactively consider the integration of these evolving strategies within their respective industries. This urgency stems from the demonstrated potential of quantum-resistant technologies in ongoing research endeavors, which hold the promise of safeguarding sensitive data against the looming threat of decryption by quantum computers. Even in the present, with quantum computing not yet mainstream, preparing for the transition is necessary to secure the transactions carried out today.
But beyond the technological prowess of the proposed strategies, success depends not only on the advancements provided by QKD but also on the correct pressure and incentives for industries to use this technology and implement it correctly. On a larger scale, there is a need for these technologies to be integrated through public-private partnerships, allowing governments, academia, and industry to join forces and pool their resources and expertise more than ever before.