No doubt briefed by an increasingly anxious security service, UK Prime Minister David yesterday used a speech to take an ambiguous but heavy swipe at the growing band of hugely popular mobile applications adopting end-to-end encryption to secure messages and phone calls.
The headline writers decided in a single voice that he was suggesting apps using this kind of security – especially market leader Facebook’s WhatsApp - should be “banned.” Ban is a big concept and a big word that computer people don’t like the sound of one bit.
Here’s the offending section of his speech:
“In our country do we want to allow a means of communication between people which even in extremis with a signed warrant from the Home Secretary that we cannot read? My answer to that question is no we must not.”
Notice, no mention of a ban or even blocking, more an aspiration that something should be done to curb the apparently incredible power these apps have to stop the security services listening in. So what’s going on here?
First, unless he’s misunderstood what the security services have told him, he’s not talking about banning WhatsApp or any of its rivals quite simply because he can’t. Even supposing a future Prime Minister could get such draconian legislation through Parliament as part of a re-heated Draft Data Communications Bill of the sort that failed in 2013, banning apps is not technically possible in a country like the UK.
The infrastructure these services use is overwhelmingly abroad and if the distribution of them was banned people would have countless other ways to get hold of them. Alternatively people could just use different apps with a rapidly growing number having the security feature Cameron fears built into them.
Specifically, what he's worried about is end-to-end encryption and as the Clinton administration v Phil Zimmermann from the early 1990’s showed in a different but overlapping context with the latter’s famous Pretty Good Privacy (PGP) program, encryption can’t be chained up by law-makers or governments. To try the same trick 20 years on would invite public ridicule and failure.
So what might the spooks have put David Cameron up to?
The problem with public key end-to-end encryption is that unlike BlackBerry messages (say), the private key used to encrypt the messages is not held centrally and resides on the device itself. You can’t turn up at the app firm’s address with a warrant and just ask for it – they don’t have them, the user does. That’s how public key encryption works. Depending on the type of encryption design used there might be multiple keys, specific even to a moment in time or a session.
That doesn’t mean there are no ways in. Applications and their APIs have vulnerabilities and these can offer chinks in the armour and the client device itself can be attacked, for example by an eavesdropping Trojan. These are widely used by the security services where they are able to identify the suspect’s devices and contacts
My guess is that the security services actually want Cameron to come up with the sort of renewable warrants that would allow security services to carry out long-term and systematic man-in-the middle attacks on the applications, something that requires a level of intrusion that goes far beyond reading mere phone records. This is non-trivial and would certainly require companies to agree to identify the two endpoints involved.
Today’s end-to-end encryption is said to be full of holes – the EFF published a scorecard of app security for more background – but they are getting better and will one day no doubt be able to lock out the police. But the threat these apps pose is exaggerated today and is caused mainly by their inscrutability and the sheer number of people using them. This consumes time, something the police believe they don’t have.
But eventually something or someone is going to give on one side of this debate and when that happens it won’t be pretty.