Pioneer In Internet Anonymity Hands FBI A Huge Gift In Building Dangerous Backdoored Encryption System

from the not-a-good-idea dept

I first came across cryptography pioneer David Chaum about a decade ago, during the debates about online voting. Many in the technology world were insisting that such things were impossible to do safely, but Chaum insisted he had come up with a way to do online voting safely (he'd also tried to do electronic money, DigiCash... unsuccessfully). Many people disagreed with Chaum and it led to some fairly epic discussions. It appears that Chaum is again making moves that are making many of his colleagues angry: specifically creating a backdoored encryption system.

Few doubt Chaum's cryptography skills or pedigree. He was instrumental in the early days of computer cryptography and what anonymity we have online today owes a lot to Chaum. But his latest plan is... troubling:
At the Real World Crypto conference at Stanford University today, Chaum plans to present for the first time a new encryption scheme he calls PrivaTegrity. Like other tools Chaum has spent his long career developing, PrivaTegrity is designed to allow fully secret, anonymous communications that no eavesdropper can crack, whether a hacker or an intelligence agency.
That part sounds good, right? But then there's this:
That ambitious privacy toolset aside, Chaum is also building into PrivaTegrity another feature that’s sure to be far more controversial: a carefully controlled backdoor that allows anyone doing something “generally recognized as evil” to have their anonymity and privacy stripped altogether.

Whoever controls that backdoor within PrivaTegrity would have the power to decide who counts as “evil”—too much power, Chaum recognizes, for any single company or government. So he’s given the task to a sort of council system. When PrivaTegrity’s setup is complete, nine server administrators in nine different countries would all need to cooperate to trace criminals within the network and decrypt their communications. The result, Chaum argues, is a new approach that “breaks the crypto wars,” satisfying both the law enforcement agencies who argue that encryption offers a haven for criminals, and also those who argue that it’s necessary to hobble mass spying.
Unfortunately, Chaum is both totally missing the point and playing right into the FBI's hands. The argument of basically every other cryptographer is that building any encryption system is incredibly difficult -- and introducing any sort of backdoor opens up massive and dangerous vulnerabilities -- whether the original creators recognize it or not. The second you introduce a backdoor -- even using Chaum's weird "nine people in nine countries" system -- you have introduced a vulnerability. A vulnerability that can and will be abused by others. You are introducing a security flaw. And that's a massive security problem.

Chaum's bragging about this system totally misses this point:
“If you want a way to solve this apparent logjam, here it is,” says Chaum. “We don’t have to give up on privacy. We don’t have to allow terrorists and drug dealers to use it. We can have a civil society electronically without the possibility of covert mass surveillance.”
That assumes that his system can't be hacked. That's a dangerous claim. Yes, the "key" is split into 9 pieces, but it's still introducing a vulnerability and undermining the integrity of the system.

And, worst of all, as ACLU security expert Chris Soghoian points out, this is little more than a huge political gift to the FBI, who can go back to their stupid claims that if technologists just work harder they can come up with a "solution" to the false problem of "going dark." Similarly, you have politicians like Hillary Clinton insisting that if only techies come together with government they can "solve" the encryption/"going dark" issue.

And now you can bet, without a doubt, that law enforcement and clueless politicians will start pointing to Chaum's offering as an example of a "solution."
But, as Soghoian points out, that misses the point. Chaum is creating a technology that is, by default, less secure and comes with vulnerabilities built in. It's no secret that it's possible to build backdoored encryption. Hell, just about anyone could do that. The "impossible" part that people are warning about is building such a system that is actually secure. Chaum's is not. By default, it has vulnerabilities built in, and they will get exploited. And, even before the technology is exploited, the existence of this will be exploited by politicians and law enforcement to undermine arguments for strong encryption.

And, of course, none of PrivaTegrity's security claims have been checked or audited publicly at this point. Chaum admits that while the eventual plan will involve routing messages (multiple times) though nine servers in nine different countries, the prototype runs entirely on Amazon's cloud computing infrastructure. Either way, at the very least, the system makes it clear that decrypting all such traffic requires attacking and compromising just nine servers. If you don't think the NSA can do that, you haven't been paying attention.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: backdoors, david chaum, encryption, going dark, hillary clinton, james comey, security
Companies: privategrity


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    That One Guy (profile), 6 Jan 2016 @ 10:07am

    'Secure' communications that aren't

    This claim...

    Like other tools Chaum has spent his long career developing, PrivaTegrity is designed to allow fully secret, anonymous communications that no eavesdropper can crack, whether a hacker or an intelligence agency.

    Is completely and utterly undercut by this part...

    That ambitious privacy toolset aside, Chaum is also building into PrivaTegrity another feature that’s sure to be far more controversial: a carefully controlled backdoor that allows anyone doing something “generally recognized as evil” to have their anonymity and privacy stripped altogether.

    As far as I can tell, there is one way the first statement can be true given the second one, and that is no 'hacker or an intelligence agency' needs to crack the system, because it starts out that way.

    If the system allows anyone to strip those using it of their privacy and anonymity, then that flaw will be found, with the easiest method simply finding the nine 'council members' and getting their individual pieces of the decryption key. Given they have to have a way to communication between each other and Chaum, that task should be trivially easy given the resources the various spy agencies have to throw at the problem, and once that's done, the entire system is compromised.

    I hope the FBI and/or NSA sends the guy a nice fruit basket or job offer, because with this colossal blunder he might as well be working for them already.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 6 Jan 2016 @ 12:56pm

      Re: 'Secure' communications that aren't

      > that task should be trivially easy given the resources the various spy agencies have to throw at the problem

      FBI: Give us the key.
      Chaum: no.
      FBI: Okay, boys. Take *everything*.

      You mean *those* resources?

      link to this | view in chronology ]

    • icon
      Ninja (profile), 7 Jan 2016 @ 2:25am

      Re: 'Secure' communications that aren't

      Don't you think the intelligence agencies tried to $$$ convince $$$ the least ethical of the guys working with cryptography till they found one that was up for sale? I also find it quite hard to believe they are as stupid as to believe a backdoor isn't going to be exploited. The idea, I'd guess, is to use a good encryption for the things that need such security and where the money is (ie: banks) while the rest of the population is forced into the non-encryption encryption, collateral damages be damned as long as they can inject control and indoctrinate the citizenry into an obeying mass. Sounds good enough?

      link to this | view in chronology ]

  • identicon
    Capt ICE Enforcer, 6 Jan 2016 @ 11:52am

    Seen before

    I seen this before in the Lord of the Rings movie. Didn't work out that great then either.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 6 Jan 2016 @ 12:25pm

      Re: Seen before

      Yep, as soon as I read 'nine server administrators' I started thinking of guys holding golden memory sticks staring into the monitors of computers running PalantirOS, mesmerized by the power of an unblinking, all-seeing NSA.

      link to this | view in chronology ]

    • icon
      Jay Fude (profile), 6 Jan 2016 @ 12:31pm

      Re: Seen before

      That was rings, this is virtual keys. Totally different.

      link to this | view in chronology ]

      • icon
        DannyB (profile), 6 Jan 2016 @ 12:37pm

        Re: Re: Seen before

        Not just any virtual keys. But GOLDEN virtual keys. They only work for the pure of heart.

        link to this | view in chronology ]

      • icon
        connermac725 (profile), 6 Jan 2016 @ 2:14pm

        Re: Re: Seen before

        I think he meant it was Fantasy in both instances

        link to this | view in chronology ]

      • identicon
        Anonymous Coward, 6 Jan 2016 @ 4:55pm

        Re: Re: Seen before

        > That was rings, this is virtual keys. Totally different.

        One key ring to bind them all.

        link to this | view in chronology ]

    • icon
      Ryunosuke (profile), 6 Jan 2016 @ 3:28pm

      Re: Seen before

      Three Keys for the Presidential Nominees under the sky,
      Seven for the Congressional Lords in their halls of stone,
      Nine for Terrorists doomed to die,
      One for the Dark Lord on the Firearms throne,
      In the land of the Free where the Shadows lie,
      One key to rule them all, one key to find them,
      One key to bring them all and in the darkness bind them
      In the Land of the Free where the Shadows lie.

      /edited for artistic freedom

      link to this | view in chronology ]

    • icon
      sorrykb (profile), 6 Jan 2016 @ 4:41pm

      Re: Seen before

      And nine, nine keys were gifted to the race of Men, who above all else desire power. But they were all of them deceived, for another key was made. In the land of Mordor, in the fires of Mount Doom, the Dark Lord Chaum forged in secret, a master key, to control all others.

      link to this | view in chronology ]

  • identicon
    DigDug, 6 Jan 2016 @ 12:05pm

    Better Idea

    Have it randomly select 1,000,000 people globally.
    If all 1,000,000 can be bothered to click a link, and approve the decryption then it flies.
    If even 1 person doesn't click or doesn't approve then it remains encrypted.

    link to this | view in chronology ]

    • icon
      crade (profile), 6 Jan 2016 @ 12:06pm

      Re: Better Idea

      It would still be hacked in a month by some guy with a bunch of PS3's chained together anyway.

      link to this | view in chronology ]

      • identicon
        DigDug, 6 Jan 2016 @ 12:27pm

        Re: Re: Better Idea

        If that were true the NSA wouldn't be crying today.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 6 Jan 2016 @ 12:48pm

          Re: Re: Re: Better Idea

          There is a difference between a good crypts system, and a broken one known to have a fixed inbuilt key. If it took one month per message, then it takes 1,00 months, or 1,00 times the processors to break 1,000 messages for a good, (but by modern standards weak), crypto. However with the backdoot, it only takes one month to break every message past and future that uses the backdoored system. The backdoor makes it worth throwing every available spare, or botnet, CPU cycle at finding the backdoor because the pay-off of doing so is so big.
          Further, every part of the nine part key that can be obtained by any means just makes the problem simpler. When the key holders accede to some reasonable request, it is likely that some or all of their systems will have been compromised to gain parts of the key. The idea of any single key, no matter how divided, give a single point of attack to compromise any message, and is a monumentally stupid idea because once it has been obtained all communications using the system are compromised.
          Given such a weak point the NSA will be one of the first to compromise the system, but they will not be the only ones.

          link to this | view in chronology ]

    • icon
      Brian (profile), 6 Jan 2016 @ 12:37pm

      Re: Better Idea

      Breaking the key apart is "security through obfuscation". Breaking it into more parts increases the level of obfuscation, but anything that relies on "security through obfuscation", no matter the level of obscurity, it can be reversed engineered.

      link to this | view in chronology ]

  • icon
    crade (profile), 6 Jan 2016 @ 12:05pm

    I don't get it, is his plan to have everyone agree on which communication is evil *before* it's decrypted? How are they supposed to know the communication is evil if it's all encrypted?

    link to this | view in chronology ]

    • identicon
      Kiata, 6 Jan 2016 @ 12:12pm

      Re:

      You miss the point - [their view is that] encrypted communication is evil by default ;)

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 6 Jan 2016 @ 12:23pm

      Re:

      At the very least, the person targeted would probably drink tea and/or garden.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2016 @ 12:13pm

    So it turns out David Chaum ain't the sharpest tool in the shed after all, and may actually be quite a few fries short of a happy meal.

    link to this | view in chronology ]

    • identicon
      pegr, 7 Jan 2016 @ 6:43am

      Re:

      On the contrary. He knows if he can get enough traction with law enforcement, he'll make a bundle.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2016 @ 12:28pm

    You can split the decryption key into as many parts as there are members of the UN and it wouldn't matter. A key to a back door, is a key to a back door. Either the keys will be stolen (it would be a high priority for the NSA and their international counterparts and adversaries), or hackers will simply crack the encryption themselves. Within months, any traffic "secured" by such an encryption scheme would no longer be secure.

    Then there's the the chicken and egg problem they've got going. The only real way to tell if encrypted traffic is "doing something evil" is to decrypt it. So if an agreement that the traffic needs to be decrypted calls for that, either no traffic will be decrypted, or all traffic will be decrytped upon request.

    That doesn't even begin to getting to the problem of getting people to actual use this.

    link to this | view in chronology ]

    • icon
      DannyB (profile), 6 Jan 2016 @ 1:09pm

      Re:

      Two problems you point out:
      1. chicken and egg problem, The only real way to tell if encrypted traffic is "doing something evil" is to decrypt it.
      2. the problem of getting people to actual use this.

      The two problems interact and solve each other.

      Evil traffic is indicated by the fact that it is encrypted and NOT using this insecure scheme.

      The way you get people to use the insecure scheme is to have a horiffical terrorful punishment for not using it. Other regimes have done similar things and the past.

      After all, it's for your own security.

      For your own security, use insecure security. Used by all oxymorons.

      link to this | view in chronology ]

  • identicon
    michael, 6 Jan 2016 @ 12:32pm

    They should just use it.

    I believe that the FBI should immediately begin using Chaum's awesome new security tool. I'm sure it's totally unhackable and does exactly what he claims, and what better way to test it than in a real world scenario?

    I, on the other hand, will stick with real encryption.

    link to this | view in chronology ]

  • icon
    Blaine (profile), 6 Jan 2016 @ 12:33pm

    I nominate Edward Snowden to hold the key in Russia.

    link to this | view in chronology ]

    • icon
      DannyB (profile), 6 Jan 2016 @ 1:01pm

      Re:

      Other Nominees:

      Glenn Greenwald

      Julian Assange

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 6 Jan 2016 @ 1:15pm

        Re: Re:

        They are all likely to leak their key-part to the public?

        link to this | view in chronology ]

        • icon
          DannyB (profile), 6 Jan 2016 @ 1:24pm

          Re: Re: Re:

          I was thinking they would never leak it.

          But then, you got me thinking.

          If they all did leak their key part to the public, would that necessarily be a bad outcome?

          This whole scheme would come crashing down in flames faster than the MPAA can send a DMCA notice to Google.

          link to this | view in chronology ]

        • icon
          nasch (profile), 7 Jan 2016 @ 2:55pm

          Re: Re: Re:

          They are all likely to leak their key-part to the public?

          I think it's more likely one or more of them would permanently delete his key and then no messages could ever be decrypted.

          Does this guy have a plan to replace keys for when one or more key parts are compromised? Or would he have to burn it down and start all over?

          link to this | view in chronology ]

      • icon
        tqk (profile), 6 Jan 2016 @ 3:16pm

        Re: Re:

        Other Nominees: Glenn Greenwald, Julian Assange

        North Korea's Kim Jong Un, the Zeta drug cartel.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 6 Jan 2016 @ 5:14pm

          Re: Re: Re:

          > the Zeta drug cartel

          Why would we want to give keys to the CIA?

          link to this | view in chronology ]

  • identicon
    A Non-Mouse, 6 Jan 2016 @ 12:33pm

    Who holds the keys?

    "...nine server administrators..."

    Let me put that another way:

    Nine
    Server
    Administrators

    link to this | view in chronology ]

  • icon
    lars626 (profile), 6 Jan 2016 @ 12:39pm

    Two possibilities

    I see two possibilities here.
    1. Chaum is an incredibly naive nerd that really does not understand the actual issue.
    2. He is not getting the attention he things he should for his work and figures that his system will be a wonderful pr tool.
    Possibly both.

    Besides, how do you select the nine persons with keys? How do you guarantee they are not compromised. Any reliance on the human elements is doomed to fail.

    link to this | view in chronology ]

    • icon
      DannyB (profile), 6 Jan 2016 @ 12:52pm

      Re: Two possibilities

      Another possibility:
      3. He is not an incredibly naive nerd, understands the actual issue perfectly well, and based on his understanding comes up with this proposal.

      If true, what would that tell you?


      As for your other questions:

      Q. How do you select the nine persons with keys?
      A1. By lottery.
      A2. By a national to the death steel cage match to find the nine toughest people.
      A3. Based on the size of their, um . . ., bank account.
      A4. Save a lot of time and trouble by letting the US Congress appoint them via secret proceedings. And keep the identities of the nine golden key holders a secret.

      [que song: 'cause I've got a golden key! to tune from Charlie and the Chocolate factory.]

      Q. How do you guarantee that the golden keys are not compromised?
      A. In the event of a key compromise the government would be obligated by law to publish a notice in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying ‘Beware of the Leopard.”

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 6 Jan 2016 @ 2:22pm

        Re: Re: Two possibilities

        Incredibly, I actually read "disguised lavatory". I still don't think you've hidden the notice adequately. Why not just encrypt it?

        link to this | view in chronology ]

        • icon
          DannyB (profile), 6 Jan 2016 @ 2:31pm

          Re: Re: Re: Two possibilities

          Using insecure encryption from the government? (since it's a government notice)

          Or using actual secure encryption that everyone else will use despite what the government says is good for you?

          link to this | view in chronology ]

      • identicon
        Socrates, 6 Jan 2016 @ 10:23pm

        The canary birt in the cold mine

        3. He is not an incredibly naive nerd, understands the actual issue perfectly well, and based on his understanding comes up with this proposal.


        The regime may have hurt him, or convinced him of their ability and willingness to hurt him.

        David Chaum's absurd proposal might be an attempt to say what they want to hear while assuring that no sane person fall for it. Whether or not it is intentional, nothing he says henceforth should ever again be taken seriously.

        Perhaps it is his Truecrypt "bitlocker" advise?

        link to this | view in chronology ]

  • icon
    DannyB (profile), 6 Jan 2016 @ 12:44pm

    carefully controlled backdoor

    Golden Keys are just back doors by another deceptive name.

    Haven't all past notions of introducing back doors ASSUMED that the back door would be carefully controlled?

    Or are the 'golden key' advocates thinking they can pass out the golden keys like candy at Halloween?

    Just because Chaum's golden key would be 'carefully controlled' doesn't make his argument any different different. All the past objections to backdoors WERE about 'carefully' controlled back doors, or golden keys, or whatever you want to call them.

    The problem is: what happens once the backdoor is hacked by the Russians, the Chinese, Anonymous, the NSA or other bad actors?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2016 @ 12:50pm

    That doesn't even begin to getting to the problem of getting people to actual use this.
    And if forced to use this, you could just pre-encrypt the data handed to this algorithm. Unless someone actually used the backdoor key they'd have no way to know.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2016 @ 1:01pm

    From the linked Wired article:

    "Chaum has yet to reveal the full list of the countries where PrivaTegrity would place its servers. But he suggests they’ll be in the jurisdiction of democratic governments, and names Switzerland, Canada and Iceland as examples"

    Of course Russia, India, China, Pakistan, NK, Saudi Arabia and so on will agree to let their citizens use this wondrous technology, worldwide success is guaranteed, and peace and harmony will descend over the planet.

    link to this | view in chronology ]

  • icon
    DannyB (profile), 6 Jan 2016 @ 1:13pm

    Where to locate the servers. That is a problem.

    Rather than democratic governments as proposed, I suggest an approach more likely to ensure the continuity of service and permanent operation of these servers.

    Make them co-located on the same servers used by:

    the pirate bay

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2016 @ 1:18pm

    Split keys is nothing new whatsoever. There are split key systems today that allow 2 parts of a 3 way split key be sufficient for complete key reconstruction.

    Also, the NSA proposed split keys in early 2015 and it was roundly rejected. This proposal will go nowhere.

    link to this | view in chronology ]

    • icon
      DannyB (profile), 6 Jan 2016 @ 1:21pm

      Re:

      It will not be roundly rejected.

      I think the FBI, the NSA, the CIA, Congress, and Dianne Feinstein will trip over one another trying to accept it first.

      link to this | view in chronology ]

      • icon
        That One Guy (profile), 6 Jan 2016 @ 7:43pm

        Re: Re:

        I think the FBI, the NSA, the CIA, Congress, and Dianne Feinstein will trip over one another trying to accept it first.

        Almost.

        I think the FBI, the NSA, the CIA, Congress, and Dianne Feinstein will trip over one another trying to force other people to use it first.

        They don't want their communications to be decryptable, they want everyone else's communications to be decryptable.

        link to this | view in chronology ]

  • icon
    DannyB (profile), 6 Jan 2016 @ 1:18pm

    Security experts: Backdoors weaken security. They're a bad idea.
    Chaum: I've built a new system with a backdoor.
    FBI: See? It is possible.
    The question is NOT whether you can build a system with a back door. That is a trivial exercise.

    The question IS whether you can build a SECURE system with a back door.

    The answer is: NO

    Therefore the FIB wants to force an insecure system upon everyone.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2016 @ 1:21pm

    So who decides who's evil? Can 9 different countries decide the US is pretty damn evil and decrypt all of our politicians' encrypted communications? I mean they are, but they don't seem to think so.

    link to this | view in chronology ]

  • icon
    sigalrm (profile), 6 Jan 2016 @ 1:29pm

    Technology aside, there's this other little issue...

    Ok, so the points about the technology are spot on. But no one has commented on the other problem:

    Assuming the system worked as advertised (which, lets face it, you may as well assume the assistance of a perfectly spherical purple cow):

    Good luck finding 9 people globally who are both smart and ethical enough to make a legitimate "Good/Evil" decision _and_ stupid enough to attract the attention of every intelligence organization on the planet to themselves and their families.

    link to this | view in chronology ]

    • icon
      Almost Anonymous (profile), 7 Jan 2016 @ 8:14am

      Re: Technology aside, there's this other little issue...

      Excellent point. They would have to be kept a secret, I guess?

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2016 @ 1:31pm

    Pure FUD.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2016 @ 1:31pm

    Chaum has devolved into a crank

    He simply cannot be taken seriously: he's just a raving loon seeking attention for himself and his idiotic projects.

    It's a pity, but it's true: he's completely lost it and anything he says or does may be safely dismissed on inspection.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2016 @ 1:32pm

    Knowing there is a backdoor is sufficient to gain access to it. Nation states don't play by the same rules as everyone else. They have fairly much unlimited funds, tons of manhours to throw at a problem, are willing to invest many more man hours than and individual group, and many, many, professional people to draw on their talents to obtain some desired goal.

    What may not be able to be accomplished in one method can be in another. Bribery, setup for false charges for deal making, honeypots for embarrassment, blackmail; hell where does this list end? If you can't get one of these administrators to deal, then there is always removal from the group or death to accomplish a much more favorable person to their way of seeing things.

    If not this year when it comes out, then next year after it is no longer in the public eye. If that won't work then the next year after that.

    My point being you can't measure nation states and how far they are willing to go by individual standards.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2016 @ 1:47pm

    Three Keys for the CIA agents under the sky,
    Seven for the NSA in their halls of stone,
    Nine for Mortal Men corrupted by greed,
    One for the Dark Lord on his dark throne
    In the Land of Langley where the Government lies.
    One Key to rule them all, One Key to find them,
    One Key to decrypt them all and in the courts convict them
    In the Land of Langley where the Shadows lie.

    link to this | view in chronology ]

  • icon
    Chronno S. Trigger (profile), 6 Jan 2016 @ 1:47pm

    I don't give a fuck how many bits you split the key into, it's still one key hole.

    link to this | view in chronology ]

  • identicon
    Adrian Lopez, 6 Jan 2016 @ 1:56pm

    The problem is not technical, but human

    Will the nine people in charge of the decryption key be operating independently as caped crusaders against the improper use of cryptography, or will they be working together with governments in deciding which messages get decrypted? Will they respond to court orders? Subpoenas? Requests from governments bent on catching political dissidents?

    That Chaum thinks this is a good idea shows that geeks used to thinking technically can be very naive when it comes to thinking practically.

    link to this | view in chronology ]

  • identicon
    Mark Wing, 6 Jan 2016 @ 2:01pm

    RE: What Windows is based upon

    Three keys for the puppet regimes under the sky,
    Seven for NATO in their halls of stone,
    Nine for admins doomed to die,
    In the land of America, where the shadows lie.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jan 2016 @ 2:09pm

    Anyone knowingly using backdoored technology is a fool. Period.

    link to this | view in chronology ]

    • icon
      DannyB (profile), 6 Jan 2016 @ 2:35pm

      Re:

      Or is obeying the law under pain of imprisonment.

      link to this | view in chronology ]

      • icon
        tqk (profile), 6 Jan 2016 @ 4:38pm

        Re: Re:

        Or is obeying the law under pain of imprisonment.

        A simpler and safer way of obeying that law is simply to assume encryption has been made illegal. Encryption is not the only way to pass secrets so I'll use the other, less convenient, ways instead. What have they gained? Animosity. What have I lost? Convenience, and that's all.

        Stupid game. Their move.

        link to this | view in chronology ]

  • icon
    Anonymouse (profile), 6 Jan 2016 @ 2:58pm

    Old bad idea.

    Sounds like a rehash of key escrow. These are not the droids you're looking for.

    https://en.wikipedia.org/wiki/Key_escrow

    link to this | view in chronology ]

  • icon
    testcore (profile), 6 Jan 2016 @ 3:35pm

    Just saw the talk...

    At the beginning, Chaum did acknowledge that some controversy does surround this proposal, then waved his hand and said, "I have no idea why."

    He then went on to completely omit the fact that there is this glaring security hole. Rather it's left to an exercise for the reader. What a cowardly cop-out.

    Oh, and he also stated that the system would have to run "in a highly secure data center managed by someone in this room", ignoring the fact that most people in the room could also break in to such a "secure data center".

    Bad news all around.

    link to this | view in chronology ]

  • identicon
    Dave, 6 Jan 2016 @ 4:53pm

    Isn't it easier

    Isn't it easier to break nine server administrators than it is to break crypto? Social engineering and espionage by state actors would make this child's play.

    link to this | view in chronology ]

    • icon
      DannyB (profile), 7 Jan 2016 @ 6:24am

      Re: Isn't it easier

      Also easier than breaking crypto is to manipulate the process of appointing those golden key holders.

      link to this | view in chronology ]

  • icon
    Dismembered3po (profile), 6 Jan 2016 @ 7:38pm

    Captain Crypto....

    BY OUR POWERS COMBINED, WE ARE...


    ...able to spy on all those girls who wouldn't date us.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Jan 2016 @ 3:30am

    US Government: A fantastic idea which we will fully support with just 9 minor amendments...

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Jan 2016 @ 5:28am

    I kinda hope this takes off for a bit just for the lord of the rings/"creeper watching your porn habits" jokes.

    "The fellowship of watching you masturbate", "the porn wraiths", "the nine kings of ".

    But yeah in all seriousness this is a steaming pile of utter failure.

    link to this | view in chronology ]

  • icon
    Matt (profile), 7 Jan 2016 @ 5:34am

    I guess I don't understand the premise, if it's as good at protecting privacy and anonymity as it claims... how exactly are these nine eyes going to know who the bad guys are to decrypt or for that matter know if what they are doing is bad (it's supposed to be encrypted after all). That suggests that there is no anonymity or privacy or real encryption

    link to this | view in chronology ]

  • icon
    orbitalinsertion (profile), 7 Jan 2016 @ 7:24am

    I'd like to know why anyone would use this system. It will be enforced as the only legal encryption method?

    Also, I just love the name. It should be sold on late night infomercials and YouTube.

    link to this | view in chronology ]

    • icon
      That One Guy (profile), 7 Jan 2016 @ 8:13am

      Re:

      Unfortunately the problem with this system doesn't require that anyone use it, it presents a problem simply by having been suggested, because those same idiots that have been insisting that tech companies can create 'secure' broken encryption if they just try harder will be holding this bit of idiocy up as 'proof' that their claims are reasonable.

      With this moron's actions the voyeurs will be re-energized, claiming that this is exactly what they were demanding, and if one person can do it, clearly other companies can do the same, completely ignoring that this 'encryption' system is useless, just as tech companies have been saying of any form of broken encryption.

      link to this | view in chronology ]

  • identicon
    cf, 7 Jan 2016 @ 6:53pm

    It's aptly named, at least. Priva, for what we'll lack in privacy, and Tegrity, for what Chaum lacks in integrity.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 11 Jan 2016 @ 12:15pm

    Best scenario...system turns out to be 100% unhackable EXCEPT for the nine admin.

    Day two: Admin reports he's lost his key, he thinks he left it on the fridge, and he's DEFINITELY sure he had it when he left to gas up his car last monday.

    Cue homeland security being called in to check down the back of his sofa.....

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.