Pioneer In Internet Anonymity Hands FBI A Huge Gift In Building Dangerous Backdoored Encryption System

from the not-a-good-idea dept

At the Real World Crypto conference at Stanford University today, Chaum plans to present for the first time a new encryption scheme he calls PrivaTegrity. Like other tools Chaum has spent his long career developing, PrivaTegrity is designed to allow fully secret, anonymous communications that no eavesdropper can crack, whether a hacker or an intelligence agency.

That ambitious privacy toolset aside, Chaum is also building into PrivaTegrity another feature that’s sure to be far more controversial: a carefully controlled backdoor that allows anyone doing something “generally recognized as evil” to have their anonymity and privacy stripped altogether.



Whoever controls that backdoor within PrivaTegrity would have the power to decide who counts as “evil”—too much power, Chaum recognizes, for any single company or government. So he’s given the task to a sort of council system. When PrivaTegrity’s setup is complete, nine server administrators in nine different countries would all need to cooperate to trace criminals within the network and decrypt their communications. The result, Chaum argues, is a new approach that “breaks the crypto wars,” satisfying both the law enforcement agencies who argue that encryption offers a haven for criminals, and also those who argue that it’s necessary to hobble mass spying.

“If you want a way to solve this apparent logjam, here it is,” says Chaum. “We don’t have to give up on privacy. We don’t have to allow terrorists and drug dealers to use it. We can have a civil society electronically without the possibility of covert mass surveillance.”

Security experts: Backdoors weaken security. They're a bad idea. Chaum: I've built a new system with a backdoor. FBI: See? It is possible. — Christopher Soghoian (@csoghoian) January 6, 2016

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

I first came across cryptography pioneer David Chaum about a decade ago, during the debates about online voting. Many in the technology world were insisting that such things were impossible to do safely, but Chaum insisted he had come up with a way to do online voting safely (he'd also tried to do electronic money, DigiCash... unsuccessfully). Many people disagreed with Chaum and it led to some fairly epic discussions. It appears that Chaum is again making moves that are making many of his colleagues angry: specifically creating a backdoored encryption system Few doubt Chaum's cryptography skills or pedigree. He was instrumental in the early days of computer cryptography and what anonymity we have online today owes a lot to Chaum. But his latest plan is... troubling:That part sounds good, right? But then there's this:Unfortunately, Chaum is both totally missing the pointplaying right into the FBI's hands. The argument of basically every other cryptographer is that building any encryption system is incredibly difficult -- and introducingsort of backdoor opens up massive and dangerous vulnerabilities -- whether the original creators recognize it or not. The second you introduce a backdoor -- even using Chaum's weird "nine people in nine countries" system -- you have introduced a vulnerability. A vulnerability that canbe abused by others. You are introducing a security flaw. And that's a massive security problem.Chaum's bragging about this system totally misses this point:That assumes that his system can't be hacked. That's a dangerous claim. Yes, the "key" is split into 9 pieces, but it's still introducing a vulnerability and undermining the integrity of the system.And, worst of all, as ACLU security expert Chris Soghoian points out , this is little more than a huge political gift to the FBI, who can go back to their stupid claims that if technologists just work harder they can come up with a "solution" to the false problem of "going dark." Similarly, you have politicians like Hillary Clinton insisting that if only techies come together with government they can "solve" the encryption/"going dark" issue.And now you can bet, without a doubt, that law enforcement and clueless politicians will start pointing to Chaum's offering as an example of a "solution."But, as Soghoian points out, that misses the point. Chaum is creating a technology that is, by default, less secure and comes with vulnerabilities built in.that it's possible to build backdoored encryption. Hell, just about anyone could do that. The "impossible" part that people are warning about is building such a system that is. Chaum's is not. By default, it has vulnerabilities built in, and they will get exploited. And, even before the technology is exploited, the existence of this will be exploited by politicians and law enforcement to undermine arguments for strong encryption.And, of course, none of PrivaTegrity's security claims have been checked or audited publicly at this point. Chaum admits that while the eventual plan will involve routing messages (multiple times) though nine servers in nine different countries, the prototype runs entirely on Amazon's cloud computing infrastructure. Either way, at the very least, the system makes it clear that decrypting all such traffic requires attacking and compromising just nine servers. If you don't think the NSA can do that, you haven't been paying attention.

Filed Under: backdoors, david chaum, encryption, going dark, hillary clinton, james comey, security

Companies: privategrity