back to article Here we go again... UK Prime Minister urges nerds to come up with magic crypto backdoors

UK Prime Minister Theresa May has reiterated calls for a special magic version of encryption to be developed by technologists so law enforcement can access everyone's communications on demand – and somehow engineer it so that no one else can abuse this backdoor. Speaking at the World Economic Forum (WEF) in Davos, Switzerland …

No is the answer and it remains that way

The answer is no and it is going to remain that way. At least for me if I ever go into encryption programming (and just programming to start with).

77
0
Silver badge

Re: No is the answer and it remains that way

I might have to start sending line noise to my MP...

32
0
Silver badge
Trollface

Re: No is the answer and it remains that way

I don't know what you're talking about.

making secure crypto that is only breakable for lawful law enforcement is just as easy as staying in EU and exiting the EU at the same time. May does that flawlessly, so obviously that crypto stuff is just as flawless

127
0
TRT
Silver badge

Re: as easy as staying in EU and exiting the EU at the same time

Hence the requirement for vastly increasing funding for research in quantum technology. As we all know, this exciting field allows something to exist simultaneously in a number of apparently contradictory states at the same time.

45
0

Re: as easy as staying in EU and exiting the EU at the same time

>As we all know, this exciting field allows something to exist simultaneously in a number of apparently contradictory states at the same time.

like most members of the Tory Cabinet

35
0
Silver badge

Re: No is the answer and it remains that way

making secure crypto that is only breakable for lawful law enforcement is just as easy as staying in EU and exiting the EU at the same time. May does that flawlessly, so obviously that crypto stuff is just as flawless

Actually, it is easy to think of several half-way credible ways of doing that. I mean the crypto breakable by good guys only, not the Schrödinger's Brexit. And politicians, aided by some intellectually dishonest experts, may well latch on one of those and make it mandatory.

2
26
Silver badge

Re: No is the answer and it remains that way

I feel May seems to operate much like an Electronic Monk, especially the updated Mk-II version which has advanced illogic circuitry able to hold a huge number of mutually contradictory beliefs without throwing those annoying system errors. Many politicians share this kind of circuitry, it seems

Doffs hat (black fedora again) to the late, great Douglas Adams

34
0

Re: No is the answer and it remains that way

Schrödinger's Brexit

Is that Rees' Mogg(y)

It's alive. Oh no it isn't...

19
0
Silver badge

Re: No is the answer and it remains that way

"

Actually, it is easy to think of several half-way credible ways of doing that. I mean the crypto breakable by good guys only

"

I'd love to see an algorithm that only works if a "good guy" uses it. Even more, I'd like to see a method for determining who is "good" and who is "bad" (bonus if it can also predict which "good" guys will become "bad" in the future).

32
0
Silver badge

Re: No is the answer and it remains that way

Is that Rees' Mogg(y)

It's alive. Oh no it isn't...

It may be alive, but it looks and acts like it slipped through some weird time portal from the 1700s.

16
0

This post has been deleted by its author

Silver badge

Re: No is the answer and it remains that way

I'd love to see an algorithm that only works if a "good guy" uses it.

Note I wrote "half-way credible", not "credible". For example, always make the crypto implementation store the user's key on the device or data stream but encrypted with a key known only to the good guys. This may well bamboozle people who forget to consider who all will have want to have these master keys (UK? US? China?), and can they be trusted to keep them secret. (And like you point out, will the custodians remain the good guys?).

4
16
TRT
Silver badge

Re: I'd love to see an algorithm that only works if a "good guy" uses it.

That's easy. You just take an input from the webcam and determine what colour hat they are wearing.

27
0

Re: No is the answer and it remains that way

"staying in EU and exiting the EU at the same time" - isn't that called Quantum Entanglement? Or is the PM enjoying a dead-Heisenberg-cat-bounce?

11
0
Silver badge

Re: as easy as staying in EU and exiting the EU at the same time @TRT

Hence the requirement for vastly increasing funding for research in quantum technology. As we all know, this exciting field allows something to exist simultaneously in a number of apparently contradictory states at the same time. .... TRT

You might like to ask Jacob Rees-Mogg MP to share with you the "New Knowledge" missive, [sent to him on 16 November 2017 at 15:15] which contains the following lines amongst a whole host of other relevant and relative information ........

Does Conservative Leadership want to … Make a Quantum Communication Leap into Future Perfect Presentations with Augmented Virtual Reality Production Systems. ….. with Global Operating Devices.

Such is that which is Presently Running Our Current Programs.

I Kid U Not.

..... or is all of that to be classified and presumed to be TS/SCI whenever it is in fact now more general knowledge to be exploited and expanded upon? Well, you now know of the message, don't you.

If Jacob refuses, what would that be telling you whenever he has every right to share everything shared freely.

1
2

Re: No is the answer and it remains that way

The UK will exit the EU. No way around that. Scotland, Wales, North Ireland, and, maybe, England, will enter, though. Perhaps even on the same day.

Heed my words.

1
6

Re: No is the answer and it remains that way

Agree. It is rather odd that governments insist that spying on electronic communications is the only way to discover the bad guys.....but in the next breath claim that the proposed backdoor will only be used once they get a warrant. If they already have sufficient probable cause to get a warrant, they don't need a backdoor. They need a password. They already have the power to demand that, or hold the suspect in jail if he/she refuses to hand it over. I'm reminded of the FISA bit: Surveillance without true probable cause is enough to ask the suspect a question he might not fully answer. They he is, surprise, a perp. No thanks.

8
0

Re: I'd love to see an algorithm that only works if a "good guy" uses it.

Its the “Good Cop, Bad Cop” routine. The algorithm starts with a dialogue -- “Are you being a good guy or a bad guy today?”.

3
0
Silver badge

Re: No is the answer and it remains that way

"At least for me if I ever go into encryption programming"

In order to produce crypto that is even remotely trustworthy, what you need isn't programming skills so much as advanced mathematical skills.

But you wouldn't need to invent new crypto. Just start using the strong crypto that is readily available right now, and stop relying on the default crypto your devices provide.

9
0
Silver badge

Re: No is the answer and it remains that way

" it is easy to think of several half-way credible ways of doing that."

I don't think that it's easy at all. But if you really have a great idea, I encourage you to develop it. You'd be rich, and such a method would have many good and legitimate uses.

5
1

Re: intellectually dishonest experts

If the intellectual dishonesty means that a backdoor doesn't really exist then the scam won't last long, equally if the backdoor does exist it won't be much longer before it becomes known.

Either way, as Sir Humphrey would have said "I do think you are being awfully brave, Prime Minister, to bring in this much needed measure".

6
0
Silver badge

Re: No is the answer and it remains that way

"several half-way credible ways"

The other half seems to have gone missing.

1
0

What's the nature of a scorpion?

Politicians are like scorpions. It's in their nature. This is what they will always do.

42
0
Silver badge
WTF?

Re: What's the nature of a scorpion?

They're actually starting to sound like whiny brats and it's clear as crystal that this is their default approach to all shitty legislation - keep banging on until the public get bored and resistance fades. Only it isn't fading this time because they are actually asking for something that can't reasonably be done.

"They must focus their brightest and best on meeting these fundamental social responsibilities."

What, so the government can ignore all their advice when it doesn't fit with their own pre-conceived world view? (See drugs policy).

All they want is everything, all the time, no resistance and they will keep whining until they get it or the public wises up and sacks them. The moment someone tells them what they want to hear they'll be all over it, whether it's possible, sensible or legal - doesn't seem to matter.

23
0
Anonymous Coward

Re: What's the nature of a scorpion?

"keep banging on until the public get bored and resistance fades. Only it isn't fading this time"

I'd like to share your optimism, but unfortunately actual evidence doesn't seem to support this: Beyond a little circle of people who a) understand the issue, *and* b) care about it (that's mostly Reg readers...), there is the vast crowd of people who just don't see what the problem might be.

I've asked a lot of people around me (Ph.D education level...) about this specific issue, and they all just shrug and went "Well, it's not like I have something to hide. And besides, who would be interested in pictures of my pet/my holiday?". That's their standard answer to both blanket surveillance and criminals getting to their information. Questions about losing sensitive information (financial, health, etc) are shrugged off as outliers. "Can't be worse than Facebook" is actually an excuse I heard, and it makes sense - People willing to give Facebook their most intimate life details clearly don't have the same assessment of what privacy is good for.

So beware, politicians' mantra-like repeating of stuff isn't a sign of some inability to accept reality, it's actually slow and steady brain washing. When the promised reductions in privacy eventually happen (in some technical way or another), the vast majority of people will only think "well, that was overdue, wasn't it".

15
0
Silver badge

Re: What's the nature of a scorpion?

"I've asked a lot of people around me (Ph.D education level...)"

Just because someone has an advanced degree doesn't mean that they're competent (or even smart) when it comes to areas outside of what they got the degree in.

8
0
Silver badge

Re: What's the nature of a scorpion?

I've asked a lot of people around me (Ph.D education level...) about this specific issue, and they all just shrug and went "Well, it's not like I have something to hide. And besides, who would be interested in pictures of my pet/my holiday?". That's their standard answer to both blanket surveillance and criminals getting to their information.

Tell them to read the ToS of their bank and any other online services. Then they'll discover that not only do they have something to hide but that they're contractually obliged to hide it.

4
0

Re: What's the nature of a scorpion?

"Well, it's not like I have something to hide. And besides, who would be interested in pictures of my pet/my holiday?""

Well I've not got anything to hide ( except financial stuff naturally) but I do always use ssh to access my systems at home from outside - this is to ensure security so my systems don't become a playground for spammers etc. My system is as secure as I can make it.

1
0
Silver badge

There's no magic encryption tree

Where does she expect her hairbrained idea of encryption to come from?

59
0
Silver badge

Re: There's no magic encryption tree

I wouldn't use "hairbrained" as I suspect she's pulling this out of her orifice that's lower to the aft. .

43
0
Silver badge
Headmaster

Re: There's no magic encryption tree

I wouldn't use "hairbrained" as I suspect she's pulling this out of her orifice that's lower to the aft it's 'hare-brained' as in 'mad as a March hare'.

35
0
Silver badge

Re: There's no magic encryption tree

Those who don't know math are doomed to repeat it.

58
1

Re: There's no magic encryption tree

"Those who don't know math are doomed to repeat it."

That also recurred to me

56
0
Gold badge

Where does she expect her hairbrained idea of encryption to come from?

She doesn't have an idea.

It's just like any politician.

<gollum>

We wants it.

We wants it

We wants it.

</gollum>

49
0
Anonymous Coward

Re: There's no magic encryption tree

I look at it like a "magic backdoor", however you can't create the back door without lubing it up and everyone taking one for the team. Maybe if someone explained it to her properly using the correct terminology then she might just get it as she's not been adverse to taking one for the team on many occasions. (DUP/Election/EU/Green/Johnson, the list goes on)

Disclaimer: For impartiality I'll say it a good job Corbyn isn't in power because I'm unsure if he's ever used a computer. The lib dems would probably just put in their manifesto that they won't ban encryption and then ban it.

8
21
Anonymous Coward

Re: Where does she expect her hairbrained idea of encryption to come from?

"Where does she expect her hairbrained idea of encryption to come from?"

Just wait until the politicians hear about quantum entangled photon pairs. Soon they'll be demanding physicists entangle a third photon for monitoring purposes...

23
0
Silver badge

Funny thing about this argument and all the BS flying about. I would think that the "security agencies" would know that any encryption with a backdoor is useless. Maybe the fightback is to insist that they use the same encryption they want us to use?

Then again, we've not heard from the grunts in the trenches in the agencies, only the political appointees who are mouthing the words they need to say to keep their jobs.

36
0
Silver badge

Exactly, GCHQ have some of the best cryptographers in the world, so they surely know that there's no way that they can have their own back door without some possibility of another country (or criminals etc.) finding a way to access it.

I guess this explains the focus on getting companies to do it, then if (for example) Whatsapp's magic backdoor was breached, the government doesn't look responsible.

9
0

"I would think that the "security agencies" would know that any encryption with a backdoor is useless"

It's the same in other areas. I lost count of the number of times I put together very detailed proposals for/against certain approaches to tackling a disease area, going to great lengths to research what was know, list the unknowns, explain the complexities, list the pros & cons and suggest a way forward only for a PHB+2 to dismiss ( or sometimes sanction ) the whole thing after a few moments consideration.

7
0
Silver badge

We should give them what they want and then carry on ignoring the useless fuckers. What are they going to do, write their own encryption programs?

7
1
Silver badge

SNAFU v1.0 ....

We should give them what they want and then carry on ignoring the useless fuckers. What are they going to do, write their own encryption programs? .... Sir Runcible Spoon

Isn't that the Current State of Status Quo Systems in Politicised Fields of Global Play, Sir? The Spaces and Places were they presume to be able to Provide Lead, and be failing miserably and spectacularly.

3
1
Bronze badge
Big Brother

> would know that any encryption with a backdoor is useless

Isn't that the whole point?

6
0
Silver badge

The crucial point that all these politicians seem to be missing is that the knowledge and technology to do end-to-end encryption now exists.

No matter what laws are passed, criminals and terrorists are, by their nature, not law abiding, and therefore will ignore those laws, and continue to use the technology.

It is not possible to remove the ability to create end-to-end encryption, now it exists, all you can do is disadvantage law-abiding citizens.

85
0
Silver badge

all you can do is disadvantage law-abiding citizens

That would appear to be the goal. A bit like all of the pantomime around "money laundering" that doesn't work, or "airport security".

68
0
Silver badge

The technology exists, but time and time again, we hear that real-life terrorists used unencrypted communication. They weren't caught because nobody was looking. Criminals and terrorists are not law-abiding, but more to the point, most of them are not awfully bright.

If I were advising the security services, I'd be looking to put out messages calculated to encourage villains into using particular means of communication, where anything they might leak would be less needle-inna-haystack than the sum of all 'net traffic. One way to encourage that might be to have politicians and officials call for particular apps to be banned, thereby sending out the message that diabolical plots can be safely shared using precisely those apps. If any such app happened to have a backdoor, the calls to ban it (or force it to introduce a backdoor) would be loud and clear.

28
1
Bronze badge

I will make encryption software such as encrypted video phones, fully encrypted instant message and custom encrypted web browsers as i see FIT !!!! I will release them FULLY OPEN SOURCE WITHOUT ANY BACKDOORS and ANY BAN will be USELESS because I simply will not LISTEN and will CONTINUE to release new versions when and where I see fit! I'm also in another country so you cannot touch me legally without some SERIOUS LEGAL FIREPOWER being brought in against you by me! I know some of the BEST lawyers in the business WORLDWIDE and the sheer weight of my legal opinions and legal paper deluge will obliterate any statutes you may wish to bring about!

So Tough Tootie Minister!

You can't disobey the laws of Math and Physics, they are COMPLETELY immutable!

AND FINALLY!!!! Get away from AES-256, Triple DES and Elliptic Curve-based encryption algorithms!

Modern supercomputers AND newer Quantum Computing-style (i.e. All States At Once Computing) WILL be able to break such systems.

YOU MUST HAVE POST-QUANTUM CRYPTOGRAPHY !!!!

You need Multivariate, Lattice, Code-based and other forms of "Post Quantum Cryptography" to be able to keep your data secrets from being ratted out by Shor's Algorithm!

5
25
Silver badge

Re: Goal ... disadvantage law-abiding citizens

People tend to ascribe to others crimes they would commit themselves. For techies, this shows as an attempt to find sane intelligent motives consistent with other peoples' actions. This cannot work with Teresa May. Although ability at government is not a required attribute of a successful politician they do need to be better at politics ... than other politicians. She called for an election in June 2017. Now you know her level of competence at a core skill you have to base the motives behind her other activities consistent with determined ignorance and fly bashing against the closed half of a window level stupidity.

The only defence against such people is education - somehow we have to educate enough voters to prevent people like her getting elected again.

26
0

The crux of it.

"No matter what laws are passed, criminals and terrorists are, by their nature, not law abiding, and therefore will ignore those laws, and continue to use the technology."

That.

It always amazed me that a regular sentence for driving without a licence was a driving ban (I know the sister of a lad who, at the age of 14, got a lifetime driving ban for stealing and joyriding cars, needless to say, it had absolutely no deterrent effect), while I understand the reasoning behind it it seems absolutely nonsensical, rather it made them more likely to kill someone in their attempts to get away from the police, the inherent nature of a criminal is that they do not obey the laws that are used to punish them, nor do they care about the punishment meted out

The weakening of the cryptography that's being demanded and justified as a means to keep us 'safe' is going to achieve the exact opposite.

31
0

Like a shell company?

Government starts shell company with funds from taxpayer, shell company buys out trusted encryption system and changes the encryption in the background to suit themselves. Job done.

2
1
Silver badge

Re: Goal ... disadvantage law-abiding citizens

"People tend to ascribe to others crimes they would commit themselves"

Not only that but even more generally, people tend to ascribe to others any behaviour they would do themselves

9
0

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2018