cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
leroux
Community Champion

UK GCHQ demand for backdoor key criticised by tech giants in open letter

In an open letter signed by 47 organisations, including Google, Apple and Microsoft, UK GCHQ was urged to abandon its proposal, warning that it would pose a threat to digital security and also undermine trust in messaging services.

 

The organisation is demanding a 'ghost' protocol be built-in to messaging services that would effectively enable it to eavesdrop on any encrypted communications. 

"GCHQ's ghost protocol creates serious threats to digital security: if implemented, it will undermine the authentication process that enables users to verify that they are communicating with the right people, introduce potential unintentional vulnerabilities, and increase risks that communications systems could be abused or misused," the signatories wrote in their letter.

GCHQ first published its proposal last November, demanding that the services add a 'ghost participant' into all encrypted chats. GCHQ's plan means that a copy of each encrypted message would be sent to intelligence agencies, without users ever knowing that a third party also has access to all of their messages.

In support of its proposal, GCHQ argued that the idea is no more intrusive than practices currently being used to listen-in on unencrypted telephone conversations, and that it would also eliminate the need to add a back door to encryption protocols.

The coalition's open letter, however, criticises GCHQ's proposal, pointing out that such a practice would not only undermine user trust, but would also inject complexity into the entire system, with the risk of adding new vulnerabilities that could potentially be exploited by cybercriminals.

The ghost protocol would also result in messaging services getting a mechanism to overhear users' communications — thus thwarting the privacy benefits provided by end-to-end encryption in messaging.

2 Replies
CraginS
Defender I

Aw, geee guys!

 

Please search the interWebs for Santayana, Skipjack, and Clipper chip.

 

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
rslade
Influencer II

I refer you, once again, to the crypto wars (recidivus) ...

 

(Yeah, @CraginS, I remember Skipjack, and the Clipper chip ...)

 

"Ghost protocol."  Sounds like it's spelled "backdoor" to me ...


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468