back to article Here we go again... UK Prime Minister urges nerds to come up with magic crypto backdoors

UK Prime Minister Theresa May has reiterated calls for a special magic version of encryption to be developed by technologists so law enforcement can access everyone's communications on demand – and somehow engineer it so that no one else can abuse this backdoor. Speaking at the World Economic Forum (WEF) in Davos, Switzerland …

  1. jonfr

    No is the answer and it remains that way

    The answer is no and it is going to remain that way. At least for me if I ever go into encryption programming (and just programming to start with).

  2. John Robson Silver badge

    Re: No is the answer and it remains that way

    I might have to start sending line noise to my MP...

  3. Tomato42 Silver badge
    Trollface

    Re: No is the answer and it remains that way

    I don't know what you're talking about.

    making secure crypto that is only breakable for lawful law enforcement is just as easy as staying in EU and exiting the EU at the same time. May does that flawlessly, so obviously that crypto stuff is just as flawless

  4. TRT Silver badge

    Re: as easy as staying in EU and exiting the EU at the same time

    Hence the requirement for vastly increasing funding for research in quantum technology. As we all know, this exciting field allows something to exist simultaneously in a number of apparently contradictory states at the same time.

  5. paulc

    Re: as easy as staying in EU and exiting the EU at the same time

    >As we all know, this exciting field allows something to exist simultaneously in a number of apparently contradictory states at the same time.

    like most members of the Tory Cabinet

  6. MacroRodent Silver badge

    Re: No is the answer and it remains that way

    making secure crypto that is only breakable for lawful law enforcement is just as easy as staying in EU and exiting the EU at the same time. May does that flawlessly, so obviously that crypto stuff is just as flawless

    Actually, it is easy to think of several half-way credible ways of doing that. I mean the crypto breakable by good guys only, not the Schrödinger's Brexit. And politicians, aided by some intellectually dishonest experts, may well latch on one of those and make it mandatory.

  7. Michael H.F. Wilkinson Silver badge

    Re: No is the answer and it remains that way

    I feel May seems to operate much like an Electronic Monk, especially the updated Mk-II version which has advanced illogic circuitry able to hold a huge number of mutually contradictory beliefs without throwing those annoying system errors. Many politicians share this kind of circuitry, it seems

    Doffs hat (black fedora again) to the late, great Douglas Adams

  8. Wibble

    Re: No is the answer and it remains that way

    Schrödinger's Brexit

    Is that Rees' Mogg(y)

    It's alive. Oh no it isn't...

  9. Cynic_999 Silver badge

    Re: No is the answer and it remains that way

    "

    Actually, it is easy to think of several half-way credible ways of doing that. I mean the crypto breakable by good guys only

    "

    I'd love to see an algorithm that only works if a "good guy" uses it. Even more, I'd like to see a method for determining who is "good" and who is "bad" (bonus if it can also predict which "good" guys will become "bad" in the future).

  10. Nick Ryan Silver badge

    Re: No is the answer and it remains that way

    Is that Rees' Mogg(y)

    It's alive. Oh no it isn't...

    It may be alive, but it looks and acts like it slipped through some weird time portal from the 1700s.

  11. This post has been deleted by its author

  12. MacroRodent Silver badge

    Re: No is the answer and it remains that way

    I'd love to see an algorithm that only works if a "good guy" uses it.

    Note I wrote "half-way credible", not "credible". For example, always make the crypto implementation store the user's key on the device or data stream but encrypted with a key known only to the good guys. This may well bamboozle people who forget to consider who all will have want to have these master keys (UK? US? China?), and can they be trusted to keep them secret. (And like you point out, will the custodians remain the good guys?).

  13. TRT Silver badge

    Re: I'd love to see an algorithm that only works if a "good guy" uses it.

    That's easy. You just take an input from the webcam and determine what colour hat they are wearing.

  14. chairman_of_the_bored

    Re: No is the answer and it remains that way

    "staying in EU and exiting the EU at the same time" - isn't that called Quantum Entanglement? Or is the PM enjoying a dead-Heisenberg-cat-bounce?

  15. amanfromMars 1 Silver badge

    Re: as easy as staying in EU and exiting the EU at the same time @TRT

    Hence the requirement for vastly increasing funding for research in quantum technology. As we all know, this exciting field allows something to exist simultaneously in a number of apparently contradictory states at the same time. .... TRT

    You might like to ask Jacob Rees-Mogg MP to share with you the "New Knowledge" missive, [sent to him on 16 November 2017 at 15:15] which contains the following lines amongst a whole host of other relevant and relative information ........

    Does Conservative Leadership want to … Make a Quantum Communication Leap into Future Perfect Presentations with Augmented Virtual Reality Production Systems. ….. with Global Operating Devices.

    Such is that which is Presently Running Our Current Programs.

    I Kid U Not.

    ..... or is all of that to be classified and presumed to be TS/SCI whenever it is in fact now more general knowledge to be exploited and expanded upon? Well, you now know of the message, don't you.

    If Jacob refuses, what would that be telling you whenever he has every right to share everything shared freely.

  16. elgarak1

    Re: No is the answer and it remains that way

    The UK will exit the EU. No way around that. Scotland, Wales, North Ireland, and, maybe, England, will enter, though. Perhaps even on the same day.

    Heed my words.

  17. sprograms

    Re: No is the answer and it remains that way

    Agree. It is rather odd that governments insist that spying on electronic communications is the only way to discover the bad guys.....but in the next breath claim that the proposed backdoor will only be used once they get a warrant. If they already have sufficient probable cause to get a warrant, they don't need a backdoor. They need a password. They already have the power to demand that, or hold the suspect in jail if he/she refuses to hand it over. I'm reminded of the FISA bit: Surveillance without true probable cause is enough to ask the suspect a question he might not fully answer. They he is, surprise, a perp. No thanks.

  18. vagabondo

    Re: I'd love to see an algorithm that only works if a "good guy" uses it.

    Its the “Good Cop, Bad Cop” routine. The algorithm starts with a dialogue -- “Are you being a good guy or a bad guy today?”.

  19. JohnFen Silver badge

    Re: No is the answer and it remains that way

    "At least for me if I ever go into encryption programming"

    In order to produce crypto that is even remotely trustworthy, what you need isn't programming skills so much as advanced mathematical skills.

    But you wouldn't need to invent new crypto. Just start using the strong crypto that is readily available right now, and stop relying on the default crypto your devices provide.

  20. JohnFen Silver badge

    Re: No is the answer and it remains that way

    " it is easy to think of several half-way credible ways of doing that."

    I don't think that it's easy at all. But if you really have a great idea, I encourage you to develop it. You'd be rich, and such a method would have many good and legitimate uses.

  21. Uffish

    Re: intellectually dishonest experts

    If the intellectual dishonesty means that a backdoor doesn't really exist then the scam won't last long, equally if the backdoor does exist it won't be much longer before it becomes known.

    Either way, as Sir Humphrey would have said "I do think you are being awfully brave, Prime Minister, to bring in this much needed measure".

  22. Doctor Syntax Silver badge

    Re: No is the answer and it remains that way

    "several half-way credible ways"

    The other half seems to have gone missing.

  23. tempemeaty

    What's the nature of a scorpion?

    Politicians are like scorpions. It's in their nature. This is what they will always do.

  24. Sir Runcible Spoon Silver badge
    WTF?

    Re: What's the nature of a scorpion?

    They're actually starting to sound like whiny brats and it's clear as crystal that this is their default approach to all shitty legislation - keep banging on until the public get bored and resistance fades. Only it isn't fading this time because they are actually asking for something that can't reasonably be done.

    "They must focus their brightest and best on meeting these fundamental social responsibilities."

    What, so the government can ignore all their advice when it doesn't fit with their own pre-conceived world view? (See drugs policy).

    All they want is everything, all the time, no resistance and they will keep whining until they get it or the public wises up and sacks them. The moment someone tells them what they want to hear they'll be all over it, whether it's possible, sensible or legal - doesn't seem to matter.

  25. Anonymous Coward
    Anonymous Coward

    Re: What's the nature of a scorpion?

    "keep banging on until the public get bored and resistance fades. Only it isn't fading this time"

    I'd like to share your optimism, but unfortunately actual evidence doesn't seem to support this: Beyond a little circle of people who a) understand the issue, *and* b) care about it (that's mostly Reg readers...), there is the vast crowd of people who just don't see what the problem might be.

    I've asked a lot of people around me (Ph.D education level...) about this specific issue, and they all just shrug and went "Well, it's not like I have something to hide. And besides, who would be interested in pictures of my pet/my holiday?". That's their standard answer to both blanket surveillance and criminals getting to their information. Questions about losing sensitive information (financial, health, etc) are shrugged off as outliers. "Can't be worse than Facebook" is actually an excuse I heard, and it makes sense - People willing to give Facebook their most intimate life details clearly don't have the same assessment of what privacy is good for.

    So beware, politicians' mantra-like repeating of stuff isn't a sign of some inability to accept reality, it's actually slow and steady brain washing. When the promised reductions in privacy eventually happen (in some technical way or another), the vast majority of people will only think "well, that was overdue, wasn't it".

  26. JohnFen Silver badge

    Re: What's the nature of a scorpion?

    "I've asked a lot of people around me (Ph.D education level...)"

    Just because someone has an advanced degree doesn't mean that they're competent (or even smart) when it comes to areas outside of what they got the degree in.

  27. Doctor Syntax Silver badge

    Re: What's the nature of a scorpion?

    I've asked a lot of people around me (Ph.D education level...) about this specific issue, and they all just shrug and went "Well, it's not like I have something to hide. And besides, who would be interested in pictures of my pet/my holiday?". That's their standard answer to both blanket surveillance and criminals getting to their information.

    Tell them to read the ToS of their bank and any other online services. Then they'll discover that not only do they have something to hide but that they're contractually obliged to hide it.

  28. Chemist

    Re: What's the nature of a scorpion?

    "Well, it's not like I have something to hide. And besides, who would be interested in pictures of my pet/my holiday?""

    Well I've not got anything to hide ( except financial stuff naturally) but I do always use ssh to access my systems at home from outside - this is to ensure security so my systems don't become a playground for spammers etc. My system is as secure as I can make it.

  29. Crisp Silver badge

    There's no magic encryption tree

    Where does she expect her hairbrained idea of encryption to come from?

  30. Mark 85 Silver badge

    Re: There's no magic encryption tree

    I wouldn't use "hairbrained" as I suspect she's pulling this out of her orifice that's lower to the aft. .

  31. 2+2=5 Silver badge
    Headmaster

    Re: There's no magic encryption tree

    I wouldn't use "hairbrained" as I suspect she's pulling this out of her orifice that's lower to the aft it's 'hare-brained' as in 'mad as a March hare'.

  32. Ole Juul Silver badge

    Re: There's no magic encryption tree

    Those who don't know math are doomed to repeat it.

  33. Chemist

    Re: There's no magic encryption tree

    "Those who don't know math are doomed to repeat it."

    That also recurred to me

  34. John Smith 19 Gold badge

    Where does she expect her hairbrained idea of encryption to come from?

    She doesn't have an idea.

    It's just like any politician.

    <gollum>

    We wants it.

    We wants it

    We wants it.

    </gollum>

  35. Anonymous Coward
    Anonymous Coward

    Re: There's no magic encryption tree

    I look at it like a "magic backdoor", however you can't create the back door without lubing it up and everyone taking one for the team. Maybe if someone explained it to her properly using the correct terminology then she might just get it as she's not been adverse to taking one for the team on many occasions. (DUP/Election/EU/Green/Johnson, the list goes on)

    Disclaimer: For impartiality I'll say it a good job Corbyn isn't in power because I'm unsure if he's ever used a computer. The lib dems would probably just put in their manifesto that they won't ban encryption and then ban it.

  36. Anonymous Coward
    Anonymous Coward

    Re: Where does she expect her hairbrained idea of encryption to come from?

    "Where does she expect her hairbrained idea of encryption to come from?"

    Just wait until the politicians hear about quantum entangled photon pairs. Soon they'll be demanding physicists entangle a third photon for monitoring purposes...

  37. Mark 85 Silver badge

    Funny thing about this argument and all the BS flying about. I would think that the "security agencies" would know that any encryption with a backdoor is useless. Maybe the fightback is to insist that they use the same encryption they want us to use?

    Then again, we've not heard from the grunts in the trenches in the agencies, only the political appointees who are mouthing the words they need to say to keep their jobs.

  38. phuzz Silver badge

    Exactly, GCHQ have some of the best cryptographers in the world, so they surely know that there's no way that they can have their own back door without some possibility of another country (or criminals etc.) finding a way to access it.

    I guess this explains the focus on getting companies to do it, then if (for example) Whatsapp's magic backdoor was breached, the government doesn't look responsible.

  39. Chemist

    "I would think that the "security agencies" would know that any encryption with a backdoor is useless"

    It's the same in other areas. I lost count of the number of times I put together very detailed proposals for/against certain approaches to tackling a disease area, going to great lengths to research what was know, list the unknowns, explain the complexities, list the pros & cons and suggest a way forward only for a PHB+2 to dismiss ( or sometimes sanction ) the whole thing after a few moments consideration.

  40. Sir Runcible Spoon Silver badge

    We should give them what they want and then carry on ignoring the useless fuckers. What are they going to do, write their own encryption programs?

  41. amanfromMars 1 Silver badge

    SNAFU v1.0 ....

    We should give them what they want and then carry on ignoring the useless fuckers. What are they going to do, write their own encryption programs? .... Sir Runcible Spoon

    Isn't that the Current State of Status Quo Systems in Politicised Fields of Global Play, Sir? The Spaces and Places were they presume to be able to Provide Lead, and be failing miserably and spectacularly.

  42. ThatOne Bronze badge
    Big Brother

    > would know that any encryption with a backdoor is useless

    Isn't that the whole point?

  43. Alister Silver badge

    The crucial point that all these politicians seem to be missing is that the knowledge and technology to do end-to-end encryption now exists.

    No matter what laws are passed, criminals and terrorists are, by their nature, not law abiding, and therefore will ignore those laws, and continue to use the technology.

    It is not possible to remove the ability to create end-to-end encryption, now it exists, all you can do is disadvantage law-abiding citizens.

  44. Ledswinger Silver badge

    all you can do is disadvantage law-abiding citizens

    That would appear to be the goal. A bit like all of the pantomime around "money laundering" that doesn't work, or "airport security".

  45. Nick Kew Silver badge

    The technology exists, but time and time again, we hear that real-life terrorists used unencrypted communication. They weren't caught because nobody was looking. Criminals and terrorists are not law-abiding, but more to the point, most of them are not awfully bright.

    If I were advising the security services, I'd be looking to put out messages calculated to encourage villains into using particular means of communication, where anything they might leak would be less needle-inna-haystack than the sum of all 'net traffic. One way to encourage that might be to have politicians and officials call for particular apps to be banned, thereby sending out the message that diabolical plots can be safely shared using precisely those apps. If any such app happened to have a backdoor, the calls to ban it (or force it to introduce a backdoor) would be loud and clear.

  46. StargateSg7 Bronze badge

    I will make encryption software such as encrypted video phones, fully encrypted instant message and custom encrypted web browsers as i see FIT !!!! I will release them FULLY OPEN SOURCE WITHOUT ANY BACKDOORS and ANY BAN will be USELESS because I simply will not LISTEN and will CONTINUE to release new versions when and where I see fit! I'm also in another country so you cannot touch me legally without some SERIOUS LEGAL FIREPOWER being brought in against you by me! I know some of the BEST lawyers in the business WORLDWIDE and the sheer weight of my legal opinions and legal paper deluge will obliterate any statutes you may wish to bring about!

    So Tough Tootie Minister!

    You can't disobey the laws of Math and Physics, they are COMPLETELY immutable!

    AND FINALLY!!!! Get away from AES-256, Triple DES and Elliptic Curve-based encryption algorithms!

    Modern supercomputers AND newer Quantum Computing-style (i.e. All States At Once Computing) WILL be able to break such systems.

    YOU MUST HAVE POST-QUANTUM CRYPTOGRAPHY !!!!

    You need Multivariate, Lattice, Code-based and other forms of "Post Quantum Cryptography" to be able to keep your data secrets from being ratted out by Shor's Algorithm!

  47. Flocke Kroes Silver badge

    Re: Goal ... disadvantage law-abiding citizens

    People tend to ascribe to others crimes they would commit themselves. For techies, this shows as an attempt to find sane intelligent motives consistent with other peoples' actions. This cannot work with Teresa May. Although ability at government is not a required attribute of a successful politician they do need to be better at politics ... than other politicians. She called for an election in June 2017. Now you know her level of competence at a core skill you have to base the motives behind her other activities consistent with determined ignorance and fly bashing against the closed half of a window level stupidity.

    The only defence against such people is education - somehow we have to educate enough voters to prevent people like her getting elected again.

  48. Hey Nonny Nonny Mouse

    The crux of it.

    "No matter what laws are passed, criminals and terrorists are, by their nature, not law abiding, and therefore will ignore those laws, and continue to use the technology."

    That.

    It always amazed me that a regular sentence for driving without a licence was a driving ban (I know the sister of a lad who, at the age of 14, got a lifetime driving ban for stealing and joyriding cars, needless to say, it had absolutely no deterrent effect), while I understand the reasoning behind it it seems absolutely nonsensical, rather it made them more likely to kill someone in their attempts to get away from the police, the inherent nature of a criminal is that they do not obey the laws that are used to punish them, nor do they care about the punishment meted out

    The weakening of the cryptography that's being demanded and justified as a means to keep us 'safe' is going to achieve the exact opposite.

  49. Halfmad

    Like a shell company?

    Government starts shell company with funds from taxpayer, shell company buys out trusted encryption system and changes the encryption in the background to suit themselves. Job done.

  50. jmch Silver badge

    Re: Goal ... disadvantage law-abiding citizens

    "People tend to ascribe to others crimes they would commit themselves"

    Not only that but even more generally, people tend to ascribe to others any behaviour they would do themselves

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2018