UK Voice Crypto Standard Built For Key Escrow, Mass Surveillance (benthamsgaze.org)
Trailrunner7 writes: The U.K. government's standard for encrypted voice communications, which already is in use in intelligence and other sectors and could be mandated for use in critical infrastructure applications, is set up to enable easy key escrow, according to new research. The standard is known as Secure Chorus, which implements an encryption protocol called MIKEY-SAKKE. The protocol was designed by GCHQ, the U.K.'s signals intelligence agency, the equivalent in many ways to the National Security Agency in the United States. MIKEY-SAKKE is designed for voice and video encryption specifically, and is an extension of the MIKEY (Multimedia Internet Keying) protocol, which supports the use of EDH (Ephemeral Diffie Hellman) for key exchange.
"MIKEY supports EDH but MIKEY-SAKKE works in a way much closer to email encryption. The initiator of a call generates key material, uses SAKKE to encrypt it to the other communication partner (responder), and sends this message to the responder during the set-up of the call. However, SAKKE does not require that the initiator discover the responder's public key because it uses identity-based encryption (IBE)," Dr. Steven Murdoch of University College London's Department of Computer Science, wrote in a new analysis of the security of the Secure Chorus standard. "By design there is always a third party who generates and distributes the private keys for all users. This third party therefore always has the ability to decrypt conversations which are encrypted using these private keys," Murdoch said by email. He added that the design of Secure Chorus "is not an accident."
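The escrow property Murdoch describes can be reproduced with any identity-based scheme. The following is an added example, not code from the post or from Secure Chorus: it substitutes Cocks' quadratic-residue IBE for SAKKE because it fits in pure Python, and shows that whoever holds the master secret can derive the private key for any identity and decrypt. The primes, identity strings and function names are assumptions chosen for illustration.

```python
import hashlib, itertools, secrets
# Toy master secret: two Mersenne primes, both 3 mod 4 (illustrative size only).
P, Q = 2**127 - 1, 2**89 - 1
N = P * Q  # public parameter shipped to every handset

def jacobi(a, n):
    a, result = a % n, 1
    while a:
        while a % 2 == 0:
            a //= 2
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a %= n
    return result if n == 1 else 0

def identity_point(identity):
    # Public step: hash an identity string to a value with Jacobi symbol +1.
    for counter in itertools.count():
        digest = hashlib.sha256(f"{identity}|{counter}".encode()).digest()
        a = int.from_bytes(digest, "big") % N
        if jacobi(a, N) == 1:
            return a

def kms_extract(identity):
    # Requires P and Q, so only the key server can run it, and for ANY identity.
    return pow(identity_point(identity), (N + 5 - P - Q) // 8, N)

def rand_with_symbol(bit):
    while True:
        t = secrets.randbelow(N - 2) + 2
        if jacobi(t, N) == bit:
            return t

def encrypt_bit(identity, bit):  # bit is +1 or -1; uses public data only
    a = identity_point(identity)
    t1, t2 = rand_with_symbol(bit), rand_with_symbol(bit)
    return (t1 + a * pow(t1, -1, N)) % N, (t2 - a * pow(t2, -1, N)) % N

def decrypt_bit(identity, r, ct):
    a = identity_point(identity)
    c = ct[0] if (r * r - a) % N == 0 else ct[1]  # r*r is +a or -a mod N
    return jacobi(c + 2 * r, N)

def kms_decrypt(identity, ciphertexts):
    r = kms_extract(identity)  # the server re-derives the responder's key on demand
    return [decrypt_bit(identity, r, ct) for ct in ciphertexts]
```

The sender never contacts the recipient for a key, which is the usability gain, and `kms_decrypt` needs nothing from the recipient either, which is the escrow.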
The workers must rule! Down with the monarchy! Down with the capitalists!
UNITE with the Campaign for a Free Internet because today, our future begins with tomorrow!
... and this third party is commonly known as Internet Hackers.
From TFA: "The claim that GCHQ make is that existing protocols do not support the necessary “scale and usability requirements”" ...just like Dual_EC_DRBG does not support the necessary "security" for a cryptographically secure pseudorandom number generator.
Is this what U.S. politicians want? Not 'backdoors' in encryption, but being the keyholders? You'd have to go through a government-run server to get encryption keys when setting up a secure connection, so that later (or in realtime) they can decrypt and listen in on the entire data stream? This would be as bad or worse than having a 'backdoor' because all you'd have to do is compromise the keyserver and you'd have all of the keys for everything -- or if you can destroy the keyserver, completely cripple communications for everyone all at once. All of these ideas are just disaster waiting to happen, and there's no damned good reason for it other than anal-retentive power-seeking-more-power politicians and their bullshit.
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
And you are but the serfs. Who can ... vote? Your own damn fault!
TRUMP in 2016!
So what you're saying is someone had a bit too much sake when designing this?
Minimum threshold fixed. Thanks!
Rather than 'MIKEY-SAKKE' this encryption standard should be called BUKKAKE, because it sprays everyone's private data at GCHQ. The only question left is, do they spit or swallow?
The probability of this resulting in total compromise of UK military, consular, and in general confidential communications, is so high, that this cannot be any better.
So the UK will destroy its own security, possibly realize a few years from now, and the world will probably (maybe) learn a lesson in cryptography the hard way. The way it gets remembered.
What could be better?
Just don't live in the UK for now.
A step to making this secure is to generate private keys on the end-clients, verify the code to generate them does not also create an escrow key, and be vigilant from then on to only allow access to that private key with audited code.
But there's a usability problem with this: people suck at not losing things.
Lost your private key and need to check your email? You're out of luck. This is the sign of a good, secure system, but the average office person will at some point lose their key and be very pissed off that their account is impossibly unrecoverable.
So to appease the "careless," they backup/generate keys on a server. This has the unfortunate (or fortunate for them?) side effect of allowing undetectable key escrow. So they might be doing this to solve a legitimate usability problem, it just enables these other, probably bigger, problems.
Sorry but this "compromised by design" shit has to go.
People need to use a strong, unbreakable encryption. Then, when the government comes sniffing around, they should be told to go sodomize a hippopotamus.
Chas - The one, the only.
THANK GOD!!!
"Security" goons are pretty much the same all over; they don't care if you are ripped off, kidnapped, raped, or murdered, as long as they get to watch, so they have no problem creating ways for (other) criminals to get into whatever security you might want to use to protect yourself.
Worse than politicians: the un-elected spooks that desire total control (instead of their near-total control of today).
Towards the end of his reign of terror, even sitting Presidents were scared of crossing J Edgar Hoover due to his decades of collecting dirt on damn near everyone.
In comparison, this current round of jackals make J look like cross-dressing comic relief.
That is then offered to "allow companies to listen to their employees calls when investigating misconduct, such as in the financial industry"?
If the GCHQ wanted undetectable, just ensure the designs allowed in the UK are to the generations of usual tame and junk maths standards.
Then don't tell or allow anyone to publish on the existing, new or to be released standards.
Get any wider academic study out of the telco sector and replace it with tame UK professional academics with security backgrounds. Have them pump out vast numbers of complex papers to a waiting press to pass on the wholesomeness of UK crypto academics and advanced secure communications.
That would have covered the "Undetectable" part in a more realistic fashion. If junk crypto is being talked about as offering "companies to listen to their employees calls" people kind of understand the level of UK mass surveillance over all devices sold in the UK.
Why would anyone interesting ever talk about anything interesting on a UK connected network ever again?
The more people understand the UK gov is a party to all their private digital communications, the more they can revert to traditional methods of communications.
Does the UK have the overtime for 6-10 contractor or mil teams in shifts to watch every single interesting person 24/7 when they fail to turn on their gov ready phones everyday?
Drones, teams of cars and helicopters to track every meeting of 3 interesting people in a remote locations with no phones again?
What worked so well in Ireland needed a small army of very skilled teams watching a very small population. Do today's gov officials and contractors have the ability to fit in with the communities or will they be noticed?
As for "scale and usability requirements" that would be more Tempora? https://en.wikipedia.org/wiki/...
Telling an entire nation they are under constant surveillance will change how they use a cell phone. Why would any gov tell them to change their habits?
Is the UK gov hoping to induce a trackable rush to VPN's and then track for people altering their cell phone habits as the information filters down the wider press?
That gives the UK a short list of people who altered their habits but for the loss of their digital communications.
Time for a lot of ground teams in vans to make up for what the GCHQ got for "free" every generation?
Domestic spying is now "Benign Information Gathering"
No matter what stupid or idiotic piece of legislation I've seen proposed by politicians in the US, I can always count on British politicians to propose something stupider or more idiotic.
Why one key? Why not several keys held in escrow by parties that don't regularly cooperate? Google and MS and Apple. USA and China and India. Coke and Pepsi and Bloomberg. You'd have to convince or compromise all to gain access to all keys to access communications.
The standard is known as Secure Chorus, which implements an encryption protocol called MIKEY-SAKKE.
Would it not be more honest to call the new standard Security Circus? Implementing the new Robert Hooligan protocol.
Well, except for Signal, Cyph, and maybe a few others from the EFF's list.
Nothing to see here, move along. This isn't some protocol designed for widespread use by the general public (in which case the central private key repository would obviously be unacceptable). This is a protocol designed to secure communications between people working for the government (either directly or as a supplier) on critical infrastructure applications. The government already has an effective system for managing cryptographic material which, if it fell into the wrong hands, would allow access to all manner of sensitive information. I see no reason why these keys should be any different.
The protocol was designed by GCHQ, the U.K.'s signals intelligence agency,
As a Brit, living comfortably and peacefully in the London suburbs, I'm tired of this shit. It's not saving lives or preventing terror either, do you think any reasonably intelligent terrorist will think, I need to talk to my mates, ok MIKEY-SAKKE is my 'go-to' tool?
On y va, qui mal y pense!
To any TLA, thank you, please make it easier for us. Instead of the good ole cat and mouse game, you are now giving us nice easy targets.
From every other TLA.
Like seriously, why do we waste our tax money on what is the virtual equivalent of a dick measuring contest. This is just like the cold war when it was all about who had the biggest nukes.
The worst part is that all of this spending on intelligence and we can't solve the quite real problems of our own countries. We worry about a terrorist attack, yet there are real problems with alcohol and tobacco, poverty, education, and infrastructure (hospitals, schools, roads, rails etc).
Democracy can not be shared at the end of a barrel.
How would "workers" know what's best for a company? Stoned or half drunk most the day, barely able to manage a job. Expected to continuously come up with tough answers for the right solutions to problems within their respective companies. The owners of the companies will always be boss because they understand what needs to happen at every corner. The worker doesn't care, they usually don't even care enough to think of new ways to make their already simple task, simpler. The workers feed upon the stores, unless they see incentive to better the situation.
"The most terrifying words in the English language are: I'm from the government and I'm here to help." - Ronald Reagan
Trust us, we know what is best.