The minute your system depends on good behavior from any of the parties involved, you've failed as a designer.
It's like nobody learned anything from Snowden's revelations. The second those backdoors are available, they're going to be surrendered in secret to various three letter agencies in the name of national security. That's going to happen on day one. On day two they'll be breached by foreign intelligence services.
>The minute your system depends on good behavior from any of the parties involved, you've failed as a designer.
Everyone is bad designers then. All of them rely on operating system providers not stealing your messages. Some with the people providing the chat application. Since they have to be able to display messages they are able to log them somewhere.
> All of them rely on operating system providers not stealing your messages.
You can compile your own operating system and control your hardware supply chain - you don't have to rely entirely on trust for those components.
> Since they have to be able to display messages they are able to log them somewhere.
If they're end-to-end encrypted, no, the people providing the chat application can't log anything except noise. That's what we're talking about outlawing here.
Regardless of the above, when I say 'system' I'm referring to a cryptosystem, not the other parts of the software stack.
Ken Thompson has something to say about trusting the compiler you use for that OS, or even the microcode the CPU running said compiler is using. It’s functionally impossible to not trust an outside vendor for something on a modern computer
You’re getting distracted by unrelated concerns. Hint: pay attention to the part where I say
> Regardless of the above, when I say 'system' I'm referring to a cryptosystem, not the other parts of the software stack.
If your cryptosystem is compromised nothing else matters. Your argument seems to be “we shouldn’t worry about secure cryptosystems because these other unrelated things could go wrong,” which I’m not interested in debating with you.
So you want encryption so criminals who would have otherwise been hung to be able to evade the law? It is pretty clear to me how a government may not approve of encryption for this usage.
Yes. The state has no right to hang anyone. The state has no right to take a life. When you take away encryption, The Innocent and the Guilty are punished, the innocent disproportionately.
That’s the beautiful thing: we don’t have to care what the government thinks. We are 30y into the encryption wars, and they cannot put the genie back in the bottle. It just is.
A cryptographically secure messaging system is either secure for terrorists and child molesters, or it isn't secure for anyone.
Like most reasonable people, I want governments to try to prevent such crimes and to punish people who commit them. I do not, however wish to grant governments unlimited powers with which to pursue those goals. In particular, there are some bright lines which should never be crossed. Those include torture, punishment without a reasonable attempt at a fair trial, and outlawing tools for secure communication.
By that logic so is the two parties' decryption keys. Can we make a third party whose decryption key is more secure than the others? I suspect it is possible.
Basically every professional cryptographer has been saying that it's impossible to build a secure system this way since the idea was floated by the US government in the 1990s.
In a perfect world a agree with this. But the power this gives governments is so great that I don't see how it wouldn't end up abused.
In the analogue days "wire tapping" regulated it's self because of the manual nature, and a warrant attempted to ensure enough evidence was required to actually target an individual.
With digital communications the same thing can be done leaving almost no trace against an entire population.
Governments have a LONG way to go to prove that "three letter agencies" won't abuse a system that is setup to provide legal wire taps for digital communications.
You could imagine it as every chat having additional participant which is a person who has a valid warrant. There is nothing secretive about this, nor is it bypassing the cryptographic system somehow. If I send you an encrypted message, is it a backdoor if you are able to decrypt it? No, because that's how it's indented to work.
Here's a thought. Private[0] keys could be held in escrow, with sss[1] being used to decrypt, publically. The sss shares could be held by different branches of government. (state,federal,exeecutive,legislative,judicial)
Personally I think the company should also hold a key. They would use this key after verifying that a warrant is valid. I also think giving out hardware keys with rate limiting / logging features along with key rotation / revocation is essential to reducing abuse.
This is called a backdoor, whether you like it or not. Pinky-promising not to abuse the backdoor key doesn't make it not a backdoor. Backdoors will be abused by governments. Have we learned nothing from the Snowden leaks?
>A backdoor is a typically covert method of bypassing normal authentication or encryption in a computer, product, embedded device, or its embodiment.
>Wikipedia
My suggestion isn't covert, nor does it bypass encryption.
>2. A means of access to a computer system that allows unauthorized users to circumvent normal authentication procedures.
>thefreedictionary
People with warrants are authorized to access the messages.
There is utility to being are to prevent random people and companies from eavesdropping your conversations. Crypto has important security benefits that we can't just give up.