Rabbit_1990 - Adobe Stock

Why we need a secure side door for encrypted apps, not a back door  

Splitting a decryption key into multiple fragments held by 'guardians', including privacy rights group, may be an answer to policing encrypted messages

There has been a significant uptick in interest in e2e encryption as the UK Government tries to establish "back doors" for messaging apps through the controversial Online Safety Bill. Now at the committee stage in the House of Lords, it remains to be seen what the outcome will be. What is certain is that the legislation has stoked the fire that is the privacy versus protection debate.

 If the bill is passed, messaging platforms, such as WhatsApp and others, must access messages and decide whether their users’ speech is legal — or not. According to the international human rights organisation, Article 19, the move is deeply problematic as “only independent judicial authorities should be given the power to make such a determination”.

Platforms aren't happy either — WhatsApp, Session, Signal, Element, Threema, Viber and Wire have all signed a letter asking ministers to "urgently rethink" the proposed law. Critics say the bill could undermine end-to-end encryption — the privacy technology these companies provide.

Meanwhile, Tory MP Sajid Javid has labelled end-to-end encrypted online chats a "digital playground for paedophiles" — incendiary language indeed, yet not without elements of truth. The Government has long argued that end-to-end encryption, leveraged by messaging platforms makes it extremely difficult for the police and tech firms to monitor communications, detect child grooming and intercept child abuse imagery. It also makes it easier for terrorist organisations to operate undetected.

In 2014, my firm developed the world’s first and only 'quantum-safe’ instant messaging system. So well encrypted were the users’ messages that not even a mature quantum computer with its vastly more powerful code-breaking capabilities would be able to decipher the text. It was a much-needed victory for privacy in an age where the exploitation of user data was widely agreed to be out of control. However, the reality proved vastly more complex when our application appeared on an Islamic State-recommended technical tools list.

I believe government-sanctioned backdoors in encryption will increase the possibility that anyone can walk through it, whether it’s the intended government agency, a malicious nation or hackers. Social media companies have long argued that they should not hold a golden key as they cannot guarantee if their own platforms are compromised one day. The answer is very simple, the key should not be held by such companies and the key guardians should not have access to the data unless a legal and out-of-band process is performed. Market-ready solutions can create a pre-agreed side door, which offers the data guardians, preferably consisting of privacy groups,  the ability to split control and responsibility.

As well as the industry standard threshold cryptography which was not designed for privacy, our Quorum technology combines properties from that with homomorphic cryptography, zero-knowledge proof, post-quantum cryptography and a number of other security layers to achieve total privacy. It works by splitting a decryption key into multiple fragments that are then transmitted to fragment guardians. The message can only be accessed if a pre-agreed quorum threshold is reached from the fragment guardians — for example, 3 out of 5 fragment guardians will need to approve the request before access to the data is granted. By using this technology, there is no leakage of any key fragments and the key is never reconstructed.

Unlike more rigid governance systems such as simple multi-signature schemes, Quorum is flexible, with the ability to recall or reissue key fragments should an individual go rogue or if the governance structure needs to evolve over time. Similarly, each actor within a quorum can be assigned a specific weighting or transciency based on the governance structure you wish to create.

This kind of key splitting technology already exists. Instead of blanket surveillance, this side door approach will serve as a major deterrent to any criminals who will need to move on to a less responsible platform. What we urgently need is for both sides of this polarised debate to come together so that each specific access request can be judged on its merits, by a sensibly organised governance system representing both privacy and law enforcement advocates.

If that is still not palatable, how about giving the quorum access control to just the privacy advocates? That would at least be a start.

 

Andersen Cheng, Executive Chairman, Post-Quantum

Andersen Cheng is the Founder and Executive Chairman of Post-Quantum, a UK firm developing encryption and ultra-secure products that are resistant to the code-breaking capabilities of quantum computers.

 

Read more about the debate on end-to-end encryption

 

Read more on Network security strategy

CIO
Security
Networking
Data Center
Data Management
Close