GCHQ-developed Phone Security Contains Backdoor
In recent months, we’ve learned governments believe there should exist backdoors in tech’s biggest products. We’ve also learned, recently, they’re no hypocrites: the UK government’s official voice encryption protocol has a glaring backdoor allowing security services to eavesdrop, according to new research. The UK government planned to build an assortment of products based on the technology, but this might be under review considering the findings of one cybersecurity expert.
University College London cybersecurity expert, Dr Steven Murdoch, wrote a blog post regarding the MIKEY-SAKKE spec of the UK government’s phone security software, which he conjectures was designed to “allow undetectable and unauditable mass surveillance.” While Murdoch conjectures the backdoor was designed intentionally, this has not been confirmed, and could be an oversight by government developers.
According to Dr Murdoch, the “vast majority of cases” in which the technology would be used could be “actively harmful for security.” Thus, while using the technology, users could see their personal data and past conversations leaked to hackers.
“The existence of a master private key that can decrypt all calls past and present without detection, on a computer permanently available, creates a huge security risk, and an irresistible target for attackers,” Murdoch wrote.
The project stems from the Internet Engineering Task Force (IETF), a division of Britain’s Government Communication Headquarters (GCHQ), in 2012, and was celebrated by the government as featuring a “number of desirable features, including simplex transmission, scalability, low-latency call setup, and support for secure deferred delivery”. The system was designed with “a desire to allow undetectable and unauditable mass surveillance.” How does it make users vulnerable?
It creates a vulnerable single point of failure, which would require huge effort, skill and cost to secure, requiring resources beyond the capability of most companies.
Using the EFF’s security scorecard, Murdoch determined that MIKEY-SAKKE meets just one of the four key elements for protocol design. The manner in which the protocol incorporates encryption keys means a telecom provider could initiate a man-in-the-middle attack without victims knowing. Hackers could decrypt conversations over the network.
The UK’s Communications Electronics Security Group (CESG) has pushed a similar approach in recent months, incorporating such eavesdropping tech into a product called Secure Chorus. MIKEY-SAKKE makes no effort to protect the identity of users, as the metadata provided by calls can link locations and identities. The backdoor can then allow a hacker to access past and present phone calls.
“Also calls which cross different network providers (e.g. between different companies) would be decrypted at a gateway computer, creating another location where calls could be eavesdropped,” Murdoch said. The design of the system’s crypto protocol means past calls can be decrypted.
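The escrow property Murdoch describes, contrasted with an ephemeral Diffie-Hellman (EDH) call, as an added toy model that is not code from his post or from the MIKEY-SAKKE specification. The group parameters, the `KMS` class, the function names and the identity string are assumptions made for illustration; real SAKKE uses elliptic-curve pairings, not this construction.

```python
import hashlib, hmac, secrets

# Toy parameters, constructed for illustration only: a 127-bit group is far too
# small for real use, and this is not the pairing-based SAKKE algorithm.
P = 2**127 - 1
G = 3

def kdf(shared: int) -> bytes:
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode); encrypt and decrypt are the same."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

class KMS:
    """Escrow model: every user private key is derived from one master secret."""
    def __init__(self):
        self._master = secrets.token_bytes(32)

    def user_private(self, identity: str) -> int:
        d = hmac.new(self._master, identity.encode(), hashlib.sha256).digest()
        return int.from_bytes(d, "big") % (P - 1)

    def user_public(self, identity: str) -> int:
        return pow(G, self.user_private(identity), P)

def escrow_encrypt(recipient_pub: int, msg: bytes):
    r = secrets.randbelow(P - 2) + 1
    return pow(G, r, P), xor_stream(kdf(pow(recipient_pub, r, P)), msg)

def escrow_decrypt(private: int, c1: int, body: bytes) -> bytes:
    return xor_stream(kdf(pow(c1, private, P)), body)

def kms_reads_recording(kms: KMS, identity: str, c1: int, body: bytes) -> bytes:
    # The key server re-derives the user's key at any later time: no forward secrecy.
    return escrow_decrypt(kms.user_private(identity), c1, body)

def ephemeral_call(msg: bytes) -> dict:
    """EDH model: both exponents go out of scope when the call ends."""
    a, b = (secrets.randbelow(P - 2) + 1 for _ in range(2))
    A, B = pow(G, a, P), pow(G, b, P)
    body = xor_stream(kdf(pow(B, a, P)), msg)
    return {"A": A, "B": B, "body": body}  # everything a recorder can keep
```

In the escrow model a recording made today stays readable for as long as the master secret exists, which is why protecting that one key becomes the whole security problem.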
“While the GCHQ protocol was explicitly stated to support key escrow to facilitate law enforcement and intelligence agency access, this controversial aspect has not been included in the description of MIKEY-SAKKE and instead the efficiency over EDH is emphasised,” Murdoch states about the UK history of such espionage.