Researcher warns of backdoor in GCHQ-developed encryption
It's not as secure as end-to-end encryption, he claims.
The UK government's spy agency stands accused of developing and promoting an encryption standard for voice calls which includes a backdoor, allowing it to conduct "undetectable mass surveillance." The protection is designed for internal software used by the British government, but because it's open-source one security researcher is worried it'll also be adopted by commercial companies. If that happens, the flaw could be exploited by GCHQ and, potentially, hackers to monitor the conversations not just of government employees, but the wider public.
Dr Steven Murdoch, a Principal Research Fellow at University College London's Information Security Research Group, is concerned specifically about the way GCHQ's standard handles encryption keys. MIKEY-SAKKE, the security protocol behind the Secure Chorus encryption standard, relies on a set of master keys generated at the service provider level. These are used to protect each call session, but Murdoch says the master private key can also be used to decrypt users' conversations, past and present.
"The existence of a master private key that can decrypt all calls past and present without detection, on a computer permanently available, creates a huge security risk, and an irresistible target for attackers. Also calls which cross different network providers (e.g. between different companies) would be decrypted at a gateway computer, creating another location where calls could be eavesdropped."
Such a flaw, Murdoch believes, can be classified as "key escrow." That means a service provider would be able to comply with a British government request for "content," or what was said, during a particular individual or group's conversations. This ability to decrypt is in stark contrast to end-to-end encryption, which puts both public and private keys in the hands of the user. That way, even if a warrant is served, the company is unable to deliver the data in a readable format. A number of apps now offer this protection, including Apple's iMessage.
Murdoch says he isn't surprised by the backdoor given GCHQ's responsibility to both monitor and protect the government's communications:
"GCHQ designs the encryption technology used by government to prevent unauthorised parties having access to classified information. But GCHQ also wants the ability to examine how this encryption technology is used to investigate suspected leaks whether to companies, the press, or foreign intelligence agencies."
The worry now is that the MIKEY-SAKKE protocol will be adopted by companies offering secure voice calls to the public. After all, "government-grade security" sounds like a pretty safe bet. GCHQ, however, is refuting Murdoch's claims. A spokesperson for CESG, GCHQ's Information Security arm (which developed the standard) told Engadget: "We do not recognise the claims made in this paper. The MIKEY-SAKKE protocol enables development of secure, scalable, enterprise grade products."
