The broken record: Why Barr’s call against end-to-end encryption is nuts

The US, UK, and Australia want Facebook to hold off on end-to-end encrypting Messenger until they have a way to inject themselves into the conversation.

Here we go again.

US Attorney General William Barr is leading a charge to press Facebook and other Internet services to terminate end-to-end encryption efforts—this time in the name of fighting child pornography. Barr, acting Secretary of Homeland Security Kevin McAleenan, Australian Home Affairs Minister Peter Dutton, and United Kingdom Secretary of State Priti Patel yesterday asked Facebook CEO Mark Zuckerberg to hold off on plans to implement end-to-end encryption across all Facebook Messenger services “without including a means for lawful access to the content of communications to protect our citizens.”

The open letter comes months after Barr said in a speech that “warrant-proof” cryptography is “extinguishing the ability of law enforcement to obtain evidence essential to detecting and investigating crimes” and allowing “criminals to operate with impunity, hiding their activities under an impenetrable cloak of secrecy.” The new message echoes a joint communiqué issued by the US, UK, Australia, Canada and New Zealand (the “Five Eyes”) from July, which stated:

…it is imperative that all sectors of the digital industry including Internet Service Providers, device manufacturers and others to continue to consider the impacts to the safety of children, including those who are at risk of exploitation, when developing their systems and services. In particular, encryption must not be allowed to conceal or facilitate the exploitation of children.

Facebook has played a significant policing role on social media, providing reports of child abuse imagery and attempts by offenders to groom children online to the National Center for Missing and Exploited Children (NCMEC) in 2018, for instance. And there is no doubt the child pornography problem has exploded in recent years. A recent New York Times report revealed that the number of images of sexual abuse of children has been growing exponentially over the past two decades, with investigators flagging over 45 million images and videos last year. Facebook’s reports were 90 percent of the 18.4 million cases reported to NCMEC in 2018—a number double that of 2017 and 18 times greater than the number reported in 2014.

Barr and his cohorts noted that NCMEC “estimates that 70% of Facebook’s reporting—12 million reports globally” for content related to child sexual exploitation and terrorism “would be lost” if all Messenger traffic is protected by end-to-end encryption and Facebook cannot screen the content through its safety systems. “This would significantly increase the risk of child sexual exploitation or other serious harms,” Barr and the others claimed.

The letter also broadened its message beyond Facebook to the entire tech industry, stating:

We therefore call on Facebook and other companies to take the following steps:

  • Embed the safety of the public in system designs, thereby enabling you to continue to act against illegal content effectively with no reduction to safety, and facilitating the prosecution of offenders and safeguarding of victims;
  • Enable law enforcement to obtain lawful access to content in a readable and usable format;
  • Engage in consultation with governments to facilitate this in a way that is substantive and genuinely influences your design decisions; and
  • Not implement the proposed changes until you can ensure that the systems you would apply to maintain the safety of your users are fully tested and operational.

There are some major problems with this plan. First, backdoored encryption is fragile at best and likely to be quickly broken. Second, encryption is available in enough forms already that blocking its use by major service providers won’t stop criminals from encrypting their messages. If secure encryption is a crime, only criminals will have secure encryption—and it will be really easy to be a criminal, since all it takes is a download or some simple mathematics.

The stupid criminal argument

Much of the reasoning behind the need to prevent end-to-end encryption by default—an argument used when Apple introduced it as part of iMessage and repeated multiple times since—is that criminals are inherently stupid, and that encrypting by default protects them from their own failure to turn encryption on.

Facebook has offered end-to-end encryption as an option for Messenger conversations for years now, and it offers the service as part of WhatsApp as well. But because encryption requires an extra (and non-intuitive) step to turn it on for Messenger, most people don’t use it—apparently even criminals sending messages they think aren’t under surveillance. It’s like the Dunning-Kruger effect in that case—the belief is that criminals think they’re “using the juice” and it’s concealing them from being observed.

The problem is not all criminals are idiots. And while Facebook may have contributed massively to the reporting of child pornography in recent years, there are other services that even the idiots could move to if it becomes apparent that they’re not out of sight. Take Telegram, for instance—where much of 8chan moved to after the site lost its hosting—or WhatsApp or Signal, which provide end-to-end voice and messaging encryption. On top of those, there are a host of “dark Web” and “deep Web” places where criminals, including those exploiting children, operate.

Based on conversations I’ve had with researchers and people in law enforcement, there is a significant amount of tradecraft related to these types of crimes floating around in forums. Not all of it is very good, and people get caught—not because they didn’t have end-to-end encryption but because they used it with the wrong person.

Laws don’t change mathematics

Four years ago, when the focus was on catching terrorists instead of child pornographers, then-FBI Director James Comey decried the “cynicism” toward government spying and insisted that mathematicians and computer scientists just hadn’t tried hard enough to create encryption with a “golden key” for law enforcement and intelligence organizations. But as I pointed out then, all you have to do is look at what happened when the US government tried to push backdoored encryption onto phone communications in the 1990s to understand why a government-mandated backdoor would be risky at best. As Whitfield Diffie (half of the pair who brought us the Diffie-Hellman Protocol for encryption key exchange) put it in 1993 when warning against implementing key escrow and the “Clipper Chip”:

  • The backdoor would put providers in an awkward position with other governments and international customers, weakening its value
  • Those who want to hide their conversations from the government for nefarious reasons can get around the backdoor easily
  • The only people who would be easy to surveil would be people who didn’t care about government surveillance in the first place
  • There was no guarantee someone else might not exploit the backdoor for their own purposes

To reinforce these points, a group of leading computer science and cryptography researchers—including some who actually broke the Clipper Chip’s key escrow scheme in 1997—published a paper in 2015 warning yet again against government backdoors in encryption. These researchers noted that such backdoors could create vulnerabilities in systems exploitable by people other than warrant-bearing, lawful searchers:

The complexity of today’s Internet environment, with millions of apps and globally connected services, means that new law enforcement requirements are likely to introduce unanticipated, hard-to-detect security flaws. Beyond these and other technical vulnerabilities, the prospect of globally deployed exceptional access systems raises difficult questions about how such an environment would be governed and how to ensure that such systems would respect human rights and the rule of law.

The math and science of encryption have not stopped governments from trying to change the rules, however. While Barr lacks the legal backing to force Facebook or other companies to comply with his demand, other members of the Five Eyes are pressing their fight against encryption with legal teeth.

Last December, Australia passed a law that mandates government backdoors into encrypted communications, dictating that service and application providers must be able to provide access on demand to individuals’ messages. While a similar effort four years ago in the United Kingdom failed, the UK has mandated Web blocking technologies to fight child pornography and other content-oriented crimes—and the country could conceivably extend that blocking to companies that provide encrypted communications seen as a means for trafficking child exploitation.

Other tools in the bag

In many ways, the arguments about end-to-end encryption seem moot—considering that law enforcement and intelligence organizations already have so many other ways to watch for illicit activities and target suspects. DNS traffic, targeted warrants, and other legal vehicles to gain access to accounts (as with the still-active PRISM program), the targeting of hidden services on Tor (as with the CyberBunker 2.0 bust last month), and end-point hacking all give officials a lot to work with without having to break the rest of the Internet in the process.

While fighting child exploitation, terrorism, or any other fundamental evil is vitally important, the risks posed by banning encrypted communications between citizens, customers and businesses, journalists and sources, whistleblowers and lawyers, and every other legal pairing of entities who may have some need to communicate in confidence are too high to justify mandating an untenable, universal, extraordinary level of access for government to communications.

Every US presidential administration for the past 50 years has demonstrated in some way why we should be concerned about abuse of surveillance powers. And we know from Edward Snowden just how expansive those powers have grown. That’s part of the reason that Internet services have moved so decisively toward providing end-to-end encryption and removing themselves from the surveillance apparatus.

https://arstechnica.com/?p=1580075