Advancing Encryption for the Masses

Edward Snowden’s revelations have made it incredibly obvious that signals intelligence agencies have focused a lot of their time and energy on tracking people as they browse the web. Such tracking is often possible at a global scale because so much of the data that crosses the Internet is unencrypted. Fortunately, the ease of such surveillance is being curtailed by large corporations and advocacy organizations alike.

Today, WhatsApp and Open Whisper Systems announced they have been providing, and will continue to deploy, what’s called ‘end to end’ encryption to WhatsApp users. This form of encryption ensures that the contents of subscribers’ communications are secured from third-party content monitoring as they transit from a sender’s phone to a recipient’s device.

As a result of these actions, WhatsApp users will enjoy a massive boost in their communications security. And it demonstrates that Facebook, the owner of WhatsApp, is willing to enhance the security of its users even when such actions are likely to provoke and upset surveillance-hawks around the world who are more interested in spying on Facebook and WhatsApp subscribers than in protecting them from surveillance.

In a separate, but thematically related, blog post the Electronic Frontier Foundation announced the creation of a new Certificate Authority (CA) initiative called ‘Let’s Encrypt’. Partnering with the Electronic Frontier Foundation are Mozilla, Cisco, Akamai, Identrust, and researchers at the University of Michigan. CAs issue the digital certificates that are used to cryptographically secure communications between clients (like your web browser) and servers (like EFF.org). Such encryption makes it more challenging for another party to monitor what you are sending to, and receiving from, a server you are visiting.

Key to the ‘Let’s Encrypt’ initiative is that the issued certificates will be free and installable using a script. The script is meant to automate the process of requesting, configuring, and installing the certificate. Ideally, this will mean that people with relatively little experience will be able to safely and securely set up SSL-protected websites. Academic studies have shown that even those with experience routinely fail to properly configure SSL protections.

The aim of both of these initiatives is to increase the ‘friction’, or relative difficulty, in massively monitoring chat and web-based communications. However, it is important to recognize that neither initiative can be considered a perfect solution to surveillance.

In the case of WhatsApp and Open Whisper Systems, end to end encryption does not fix the broader problems of mobile security: if an adversary can take control of a mobile device, or has a way of capturing text that is typed into or that is displayed on the screen when you’re using WhatsApp, then any message sent or received by the device could be susceptible to surveillance. However, there is no evidence that any government agency in the world has monitored, or is currently capable of monitoring, millions or billions of devices simultaneously. There is evidence, however, of government agencies aggressively trying to monitor the servers and Internet infrastructure that applications like WhatsApp use in delivering messages between mobile devices.

Moreover, it’s unclear what Facebook’s or WhatsApp’s reaction would be if a government agency tried to force the delivery of a cryptographically broken or weakened version of WhatsApp to particular subscribers using orders issued by American, European, or Canadian courts. And, even if the companies in question fought back, what would they do if they lost the court case?

Similarly, the ‘Let’s Encrypt’ initiative relies on a mode of securing the Internet that is potentially susceptible to state interference. Governments or parties affiliated with governments have had certificates falsely issued in order to monitor communications between client devices (e.g. smartphones) and servers (e.g. Gmail). Moreover, professional developers have misconfigured commerce backends so that they never check whether the certificate used to encrypt a communication belongs to the right organization (i.e. not checking that the certificate used to communicate with Paypal actually belongs to Paypal). There are other issues with SSL, including a poor revocation checking mechanism, historical challenges in configuring it properly, and more. Some of these issues may be mitigated by the ‘Let’s Encrypt’ initiative because of the members’ efforts to work with the Decentralized SSL Observatory, scans.io, and Google’s Certificate Authority logs, but the initiative — and the proposals accompanying it — is not a panacea for all of the world’s online encryption problems. It will, however, hopefully make global-scale surveillance, which is largely predicated on monitoring unencrypted communications between servers and clients, more difficult.
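The misconfiguration described above is the omission of a single check: after the TLS handshake, confirming that the certificate the server presented was actually issued for the host the client meant to reach. The following is an added example, not code from the original post or from any of the projects it names, that spells out that identity check in the way clients are expected to do it (subjectAltName dNSName entries first, wildcard only as the whole leftmost label, commonName consulted only when a certificate has no SAN at all). The certificate dictionaries are constructed for the example and mirror the shape of Python’s `ssl.SSLSocket.getpeercert()` output; every host and organization name in them is a placeholder.

```python
"""Certificate identity check: does this certificate belong to the host I dialled?

Added example. The two certificate dicts below are constructed inputs in the
shape returned by ssl.SSLSocket.getpeercert(); the names are placeholders.
"""
import ipaddress


def _match_dns_pattern(pattern: str, hostname: str) -> bool:
    """Match one dNSName pattern (possibly '*.example') against a hostname.

    Comparison is case-insensitive and ignores a trailing dot. A wildcard is
    honoured only when it is the entire leftmost label and at least two more
    labels follow, so '*.payments.example' matches 'checkout.payments.example'
    but not 'payments.example', 'a.b.payments.example' or anything via '*.com'.
    """
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3:
        return False
    if any("*" in label for label in p_labels[1:]):
        return False
    if len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]


def hostname_matches(cert: dict, hostname: str) -> bool:
    """Return True if `cert` was issued for `hostname`.

    Order of checks: IP literals against 'IP Address' SAN entries; DNS names
    against 'DNS' SAN entries; the subject commonName is a fallback only when
    the certificate carries no subjectAltName extension at all.
    """
    san = cert.get("subjectAltName", ())
    dns_names = [value for kind, value in san if kind == "DNS"]
    ip_names = [value for kind, value in san if kind == "IP Address"]

    try:
        wanted_ip = ipaddress.ip_address(hostname)
    except ValueError:
        wanted_ip = None
    if wanted_ip is not None:
        return any(ipaddress.ip_address(v) == wanted_ip for v in ip_names)

    if dns_names:
        return any(_match_dns_pattern(p, hostname) for p in dns_names)
    if san:
        # A SAN extension is present but lists no DNS names: the CN must not
        # be consulted, so a DNS hostname cannot match this certificate.
        return False
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName" and _match_dns_pattern(value, hostname):
                return True
    return False


# Constructed: the certificate a payment API would legitimately present.
PAYMENT_CERT = {
    "subject": (
        (("organizationName", "Example Payments Ltd"),),
        (("commonName", "api.payments.example"),),
    ),
    "subjectAltName": (("DNS", "api.payments.example"), ("DNS", "*.payments.example")),
}

# Constructed: a perfectly valid, CA-issued certificate for an unrelated host.
# Chain validation alone accepts it; only the identity check rejects it.
UNRELATED_CERT = {
    "subject": ((("commonName", "www.other.example"),),),
    "subjectAltName": (("DNS", "www.other.example"),),
}


def check_peer(cert: dict, intended_host: str) -> str:
    """Return the decision a client should take after chain validation."""
    if hostname_matches(cert, intended_host):
        return "accept"
    return f"reject: certificate is not issued for {intended_host}"


if __name__ == "__main__":
    print(check_peer(PAYMENT_CERT, "api.payments.example"))
    print(check_peer(UNRELATED_CERT, "api.payments.example"))
```

With the standard library, `ssl.create_default_context()` already performs this check when `check_hostname` is left at its default of `True`; the backends discussed above went wrong by disabling that check (or by using libraries that never performed it) while still believing the connection was authenticated.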

Edward Snowden was deeply concerned that the documents he brought to light would be treated with indifference and that nothing would change despite the documents’ presence in the public record. While people may be interested in having more secure, and more private, communications following his revelations, those interests do not necessarily translate into an ability for people to secure their communications. And the position that people must either embark on elaborate training regimes to communicate securely or just not say sensitive things, or visit sensitive places, online simply will not work: information security needs to work with at least some of the tools that people are using in their daily lives while developing new and secure ones. It doesn’t make sense to just abandon the public to their own devices while the ‘professionals’ use hard-to-use ‘secured’ systems amongst themselves.

The work of WhatsApp, Facebook, Open Whisper Systems, the Electronic Frontier Foundation, and the other members of the ‘Let’s Encrypt’ initiative can massively reduce the challenges people face when trying to communicate more responsibly. And the initiatives demonstrate how the cryptographic and communications landscape is shifting in the wake of Snowden’s revelations concerning the reality of global-scale surveillance. While encryption was ultimately thrown out of the original design specifications for the Internet, it’s great to see that cryptography is starting to get bolted onto the existing Internet in earnest.

How to Dispel the Confusion Around iMessage Security

Apple’s hardware and communications products continue to be widely purchased and used by people around the world. Comscore reported in March 2013 that Apple enjoyed a 35% market penetration in Canada, and their desktop and mobile computing devices remain popular choices for consumers. A messaging service, iMessage, spans the entire Apple product line. The company has stated that it “cannot decrypt that data.”

Apple’s statements concerning iMessage’s security are highly suspect. In what follows I summarize some of the serious questions about Apple’s encryption schemes. I then discuss why it’s important for consumers to know whether iMessages are secure from third-party interception. I conclude by outlining how Canadians who use the iMessage application can use Canadian privacy law to ascertain the validity of Apple’s claims against those of the company’s critics.

Understanding the Lawful Access Decryption Requirement

For several months I and a handful of others in the Canadian privacy and security community have been mulling over what Bill C-30, better known as Canada’s ‘lawful access’ legislation, might mean for the future of encryption policy in Canada. Today, I’m happy to announce that one of the fruits of these conversations, a paper that I’ve been working on with Kevin McArthur, is now public. The paper, titled “Understanding the Lawful Access Decryption Requirement,” spends a considerable amount of time considering the potential implications of the legislation. Our analysis considers how C-30 might force companies to adopt key escrows, or decryption key repositories. After identifying some of the problems associated with these repositories, we suggest how to amend the legislation to ensure that corporations will not have to establish key escrows. We conclude by outlining the dangers of leaving the legislative language as it stands today. The full abstract, and download link, follows.

Abstract

Canada’s lawful access legislation, Bill C-30, includes a section that imposes decryption requirements on telecommunications service providers. In this paper we analyze these requirements to conclude that they may force service providers to establish key escrow, or decryption key retention, programs. We demonstrate the significance of these requirements by analyzing the implications that such programs could have for online service providers, companies that provide client software to access cloud services, and the subscribers of such online services. The paper concludes by suggesting an amendment to the bill, to ensure that corporations will not have to establish escrows, and by speaking to the dangers of not implementing such an amendment.

Download paper at the Social Sciences Research Network

Security, Hierarchy, and Networked Governance

The capacity for the Internet to route around damage and censorship is dependent on there being multiple pathways for data to be routed. What happens when there are incredibly few pathways, and when many of the existing paths contain hidden traps that undermine communications security and privacy? This question is always relevant when talking about communications, but has become particularly topical given recent events that compromised some of the Internet’s key security infrastructure and trust networks.

On March 22, 2011, Tor researchers disclosed a vulnerability in the certificate authority (CA) system. Certificates are used to encrypt data traffic between parties and to guarantee that the party presenting a certificate is the party it was actually issued to. The CA system underpins a massive number of the Internet’s trust relationships; when individuals log into their banks, some social networking services, and many online email services, their data traffic is encrypted to prevent a third party from listening in on the content of the communication. Those encrypted sessions are made possible by the certificates issued by certificate authorities. The Tor researchers announced that an attacker had compromised a CA and issued certificates that let the attacker impersonate the security credentials associated with many of the world’s most prominent websites. Few individuals would ever detect this subterfuge. In effect, Tor researchers discovered that a central element of the Internet’s trust network was broken.

In this post I want to do a few things. First, I’ll briefly describe the attack and its accompanying risks. This will, in part, see me briefly discuss modes of surveillance and motivations for different gradients of surveillance. I next address a growing problem for today’s Internet users: the points of trust we depend on, such as CAs and the DNS infrastructure, are increasingly unreliable. As a result, states can overtly or subtly manipulate them to disrupt or monitor their citizens’ communications. Finally, I suggest that in spite of these points of control, states are increasingly limited in their capacities to unilaterally enforce their will. As a consequence of networked governance, and its accompanying power structures, citizens can impose accountability on states and limit their ability to (re)distribute power across and between nodes of networks. Thus, networked governance not only transforms state power but redistributes (some) power to non-state actors, empowering those actors to resist illegitimate state actions.

Review of Wired Shut: Copyright and the Shape of Digital Culture

Gillespie argues that we must examine the technical, social-cultural, legal and market approaches to copyright in order to understand the ethical, cultural, and political implications of how copyrights are secured in the digital era. Contemporary measures predominantly rely on encryption to surveil and regulate content, which has the effect of intervening before infringement can even occur. This new approach contrasts with how copyright regulation operated previously: individuals were prosecuted after having committed copyright infringement. The shift to pre-regulation treats all users as criminals, makes copyright less open to fair use, makes opposition to copyright law through civil disobedience difficult, and undermines the sense of moral autonomy required for citizens to recognize copyright law’s legitimacy. In essence, the assertion of control over content, facilitated by digital surveillance and encryption schemes, has profound impacts on what it means to be, and act as, a citizen in the digital era.

This text does an excellent job of working through how laws such as the Digital Millennium Copyright Act (DMCA), accompanied by the designs of technologies and the political efforts of lobbyists, have established a kind of ‘paracopyright’ regime. This regime limits uses that were once socially and technically permissible, and thus is seen as undermining long-held (analogue-based) notions of what constitutes acceptable sharing of content and media. In establishing closed trusted systems that are regulated by law and have received approval from political actors, content industries are forging a digitality that is receptive to the principles of mass-produced culture.

Kinder DRM Still Undermines Digital Abundance

We live in an era of digital abundance, an era where we can genuinely rethink the underlying economics of information creation and dissemination as the cost of creation, storage, and dissemination infrastructures approach zero. Against fears that this threatens to ‘undermine’ content production we see the rise in the quantity of content that is produced and, correspondingly, a rise in novel approaches to profit from the generation of that content in an abundant bitscape. We should resist efforts to undermine abundance through Digital Rights Management protocols.

As reported by Ars Technica, the IEEE is developing a novel kind of DRM that would see ‘content’ folders encrypted and only accessible after individuals used decryption keys to access that content. For rights holders and some content producers, this is seen as having the merit of securing their ‘goods’ by attempting to replicate the scarcity of atoms in the bitscape. Consumers would ‘benefit’ because they would no longer have to deal with onerous licensing terms: they would own the keys and the keys would have value because of their capacity to ‘open’ content streams. Of course, this would also introduce the pain in the ass of key management, something that few consumers are likely to want to suffer through any more than the already existing consumer ‘protection’ measures they regularly encounter.

The IEEE’s motivations behind this DRM system are to remedy problems caused by non-rivalrous digital content. Paul Sweazey has stated that:

…a truly non-rivalrous system makes commerce too difficult, even impossible, and that we need to create ways for the digital world to mirror the constraints of the physical one.

The creation of this rivalrous system is seen as a ‘middle road’ between advocates of abundance and total DRM lockdown. I would suggest that what we’re really seeing is just another attempt to undermine (arguably) the most significant quality of the bitscape, which is the capacity to replicate information across networks spanning the globe without diminishing the ‘holdings’ of whomever held the original copy. Moreover, it demonstrates a continued unwillingness and/or inability to experiment with novel business models that, while perhaps reducing overall revenue compared to past years/decades, will enable companies to continue delivering profits in the long term. Value continues to be perceived as existing in the sales of digital things, and instead of seeking out novel ways to extract derivative value from the ubiquitous existence that results from widespread copying, there is an attempt to totally monetize all copies. This is in defiance of demonstrably successful freemium strategies, as well as other related schemes that work to gain widespread brand awareness and capitalize on the sale of rivalrous goods to a small percentage of users.

I have incredible doubts that any key system will remain secure over the long haul (and, by long haul, I mean just 10-20 days of the system being deployed). There are just too many parties that will do everything in their power to break the encryption and key management system, and history has proven that the attackers tend to far outstrip the defenders in the field of content protection algorithms. Central is that technological security systems tend to be incredibly brittle, fail poorly, and enable modes of attack that are relatively ineffective against human-based security. Schneier, in his 2006 book Beyond Fear, notes that:

Technology gives attackers leverage because they can do more in an attack. Class breaks give attackers leverage because they can exploit one vulnerability to attack every system within a class. Automation gives attackers leverage because they can exploit vulnerabilities a million times. Technique propagation gives attackers leverage because now they can try more attacks, including ones they can’t even understand. Action at a distance and aggregation also give attackers leverage because now there are many more potential targets (p. 99).

A DRM scheme that aims to use encryption keys to establish digital bits as rivalrous will fall prey to each of the items noted in that quotation.

Making customers screw around with encryption keys, maintain adequate key management systems, always require connections to the ‘net to access keys, or deal with key management in any other way that engineers imagine is almost destined to fail. Engineers are, in this case, trying to stuff the genie back in a bottle instead of working with progressive MBAs and innovators who are trying to create (and often, though certainly not always, succeeding in creating) novel business models that leverage add-on services, scarce extras, and other things that are genuinely exclusive to monetize digital distribution systems. Focusing on protection, in this case, is the dead wrong way to go and is highly unlikely to do much other than waste a lot of people’s time that could otherwise be productively spent.