Are there any real-world examples where encryption backdoors have been successfully used without compromising cybersecurity? How do different governments and tech companies approach this issue, and what are the implications for global digital security?
Benefits - ape gets a grenade. Risks - ape doesn’t care about risks, because it throws the grenade far enough.
Please see exhibit A, the US telecoms infrastructure which has backdoors added by the alphabet agencies and has now been so thoroughly violated by Chinese hackers that they’ve basically given up trying to fix it. It would literally be easier to burn every telecom installation in the US to the ground and build new ones on the ashes than it would be to remove all the Chinese rootkits and back doors. All because someone just had to have a backdoor for the NSA/CIA/FBI.
Member when they tried to do this publicly and it only took hackers a few months to completely annihilate the most secure backdoor ever devised?
FUCK NO. How many times do we have to rehash this bullshit?
Encryption with a backdoor is no encryption.
Encryption with a backdoor is malware.
Are there any real-world examples where encryption backdoors have been successfully used without compromising cybersecurity?
No. Adding a backdoor to cybersecurity is fundamentally introducing a vulnerability that can be exploited by an attacker.
A backdoor in your IT security is like a hidden button to bypass the lock on the impenetrable front door of your impenetrable house. Sure, it makes the police serving a warrant easier, but now there’s a button that anyone can push to bypass your door.
What you will find are instances with no apparent violations. Just like setting all the nuclear weapons to have the exact same easily remembered activation code didn’t actually lead to a nuclear exchange.
What you *will* find are instances with no apparent violations. Just like setting all the nuclear weapons to have the exact same easily remembered activation code didn’t actually lead to a nuclear exchange.
This isn’t a great example. Not even a backdoor. That’s an example of weak security, at the final stage behind multiple layers of extremely strong security. If an adversary had got to the point where they were at an ICBM bunker console, and the only thing stopping them was a 4 digit code, it was already basically game over.
The backdoors our corporate oligarchs want have zero safeguards, and once discovered grant any attacker the keys to the entire kingdom, remotely. It’s more like the only security being the 4 digit code. It fundamentally weakens the security of everyone, and every system we rely on, to the extent any attempt to do it should be considered a direct act of war against us — as treasonous sabotage, that only our worst enemies would attempt.
Opponents point out that encryption backdoors might not significantly improve law enforcement’s
There have been cases where police was granted access to the data, but the crimes it was supposed to stop just continued. Not enough personnel, equipment, too difficult or some excuse like that. But if you don’t have enough resources to use the data in a meaningful way, why grant access?
That brings us to the next part, abuse of that data. There have been cases where the access to the data is used to go after organisers of legal protest against environment or labor. Going after certain political parties to harass them, usually left wing, also happens. And there have been cases of police using their access to stalk an ex.
It doesn’t seem to be a net positive.
The FBI pressured Apple to create an encryption backdoor to bypass their security features
This was more like a hardware security device backdoor - the key was in a hardware security device, that would only release it after receiving the PIN (without too many wrong attempts). But the hardware accepts signed firmware from Apple - and the firmware decides the rules like when to release the key. So this was effectively a backdoor only for Apple, and the FBI wanted to use it.
Systems would create a public audit trail whenever a backdoor is used, allowing independent auditors to monitor and report misuse of backdoors.
This has limits. If there is a trusted central party who makes sure there is an audit log before allowing the backdoor (e.g. the vendor), they could be pressured to allow access without the audit log.
If it is a non-interactive protocol in a decentralised system, someone can create all the records to prove the audit logs have been created, use the backdoor, but then just delete the audit logs and never submit them to anyone else.
The only possibility without a trusted central party is an interactive protocol. This could work as: For a message (chat message, cryptocurrency transaction etc…) to be accepted by the other participants, they must submit a zero-knowledge proof that the transaction includes an escrow key divided into 12 parts (such that any 8 of 12 participants can combine their shares to decrypt the key), encrypted with the public keys of 12 enrolled ‘jury’ members - who would need to be selected based on something like the hash of all messages up to that point. The jury members would be secret in that the protocol could be designed so the jury keys are not publicly linked to specific users. The authority could decrypt data by broadcasting a signed audit log requesting decryption of certain data, and jury members would receive credits for submitting a share of the escrow key (encrypted so only the authority could read it) along with a zero-knowledge proof that it is a valid and non-duplicate escrow key. Of course, the person sending the message could jury shop by waiting until the next message will have the desired jury, and only sending it then. But only 8/12 jurors need to be honest. There is also a risk jurors would drop out and not care about credits, or be forced to collude with the authority.
Cryptographic Enforcement: Technical solutions could ensure that the master key is unusable if certain conditions—such as an invalid warrant or missing audit trail—are not met.
Without a trusted central party (or trusted hardware playing the same role), this seems like it would require something like Blackbox Obfuscation, which has been proven to be impossible. The best possibility would be an interactive protocol that would need enough people to collude to break it.
Are there any real-world examples where encryption backdoors have been successfully used without compromising cybersecurity?
No. That concept is an oxymoron.
At a certain point, we’re back to philosophy. Do you really want to build in a back door in the first place? What is the trade off between privacy and security and potential use by any enforcement agency in apprehending who they consider to be bad actors? How much of the resources of those agencies are actually allocated to taking down real threats to actual people vs protecting moneyed interest?
We also know that these back doors are entry points for other bad often state actors. There is no reasonable use for them to exist!