From 301f60024f704dba01ecaba7bd5cf92e567f2269 Mon Sep 17 00:00:00 2001 From: 46halbe <46halbe@berlin.ccc.de> Date: Fri, 14 Jun 2019 16:47:27 +0000 Subject: committing page revision 3 --- updates/2019/encrypted-messengers.en.md | 298 ++++++++++++++++++++++++++++++++ 1 file changed, 298 insertions(+) create mode 100644 updates/2019/encrypted-messengers.en.md (limited to 'updates/2019') diff --git a/updates/2019/encrypted-messengers.en.md b/updates/2019/encrypted-messengers.en.md new file mode 100644 index 00000000..075bd335 --- /dev/null +++ b/updates/2019/encrypted-messengers.en.md @@ -0,0 +1,298 @@ +title: IT security: CCC against weakening of encryption by law +date: 2019-06-11 20:42:46 +updated: 2019-06-14 16:47:27 +author: linus +tags: update, pressemitteilung, verschlüsselung, bmi + +Chaos Computer Club (CCC) signed the open letter against backdoors. + + + +TO: German Federal Ministry of the Interior, Building and Community + +IN COPY: German Federal Foreign Office, German Federal Ministry of +Justice and Consumer Protection, German Federal Ministry of Economic +Affairs and Energy, German Federal Office for Information Security + +**Subject: Planned encroachment on encryption of messenger services +would have fatal consequences** + +Ladies and Gentlemen, + +the Federal Ministry of the Interior, Building and Community (BMI) plans +a change in the law to make it easier for German police and security +authorities to gain access to the digital communication of suspects in +the future, according to media reports. To this end, providers of +messenger services such as Whatsapp, Threema, and iMessage are to be +required by law to modify their encryption technology in such a way that +authorities can record the entire communication of users in cases which +have generated suspicion. ([reported in +Gerrman](https://www.spiegel.de/plus/horst-seehofer-greift-whatsapp-an-a-00000000-0002-0001-0000-000164076162)) + +We expressly warn against such a step and demand an immediate +renunciation of this or similar political intentions at German and +European level. The proposed reform would precipitously reduce the +security level of millions of German Internet users, create new gateways +for foreign intelligence services and Internet criminals, and massively +damage Germany's international reputation as a leading location for a +secure and data protection-oriented digital economy. Instead of +implementing reform ideas that are years out of date, the German Federal +Ministry of the Interior, Building and Community should, in our view, +take a new security policy path and develop proposals that improve the +work of police and security authorities without downgrading the security +of IT systems and private communications in Germany as a whole. + +Our criticism in detail: + +## The German Crypto Policy + +At the end of May, it became known that the Federal Ministry of the +Interior, Building and Community is planning to extend the existing +Telecommunications Act to encrypted messengers such as WhatsApp, Signal, +Threema, Wire, and Telegram. This means in concrete terms: The operators +of these services must redesign their software in such a way that the +content of messages can be passed on in unencrypted form to security +authorities. Should the operators refuse to do so, their services would +be blocked in Germany. Representatives of the British GCHQ describe in +their “Ghost Proposal”^[\[1\]](#ftnt1){#ftnt_ref1}^ what a technical +implementation of the backdoors in the messenger apps could look like. +This proposal has recently been strongly criticized in an open letter by +an international alliance of industry, academia, and civil +society.^[\[2\]](#ftnt2){#ftnt_ref2}^ + +The BMI proposal undermines twenty years of successful crypto policy in +Germany.^[\[3\]](#ftnt3){#ftnt_ref3}^ In the cornerstones of the German +Crypto Policy of 1999,^[\[4\]](#ftnt4){#ftnt_ref4}^ the then federal +government agreed on a principle that became known under the maxim +“security through encryption and security despite encryption”. This +principle has since been confirmed several times by the subsequent +federal governments. In 2014, Germany even expressed the ambition to +become the “No. 1 encryption location”^[\[5\]](#ftnt5){#ftnt_ref5}^ in +the world. A break with these commitments would cause lasting damage to +Germany's IT security in administration, industry, and society. + +## Impact on IT security + +The planned obligation on messenger operators would result in operators +being required to incorporate a vulnerability in their software. This +demands a profound encroachment on the existing complex software systems +of the operators. This vulnerability could be exploited by intelligence +services and criminals to gain access to sensitive information from +individuals, government authorities, and companies. Current +examples^[\[6\]](#ftnt6){#ftnt_ref6}^ show that securing a messenger is +already complex enough, without incorporating additional vulnerabilities +and thus further jeopardizing IT security. + +At the same time, this incorporation of vulnerabilities would enable +employees of the operators to view communication content, something +which is currently not possible. This not only increases the potential +for abuse – a central storage of the required cryptographic +keys^[\[7\]](#ftnt7){#ftnt_ref7}^ would also represent a primary target +for attackers, which in the case of a successful attack could lead to +the disclosure of the communication of all (!) users +(Single-Point-of-Failure). + +In addition, the new version of the respective messenger app with a +backdoor would have to be installed as a software update. Either all +German users or selected German users would receive this backdoor as an +update. This process would shake consumer confidence in security updates +to the core, and would thus have a lasting negative impact on IT +security in Germany. + +Should the messenger operators fail to implement the planned measure, +the Ministry of the Interior plans to block their services in Germany. +This would also be the only way for the authorities to deal with +messengers whose encryption does not require a central operator and in +which no backdoors could be implemented by regulation (e.g. Pretty Good +Privacy, Off-The-Record). This would inevitably mean that there would no +longer be any secure messenger communication within Germany. However, a +technical implementation would be virtually impossible, especially for +open source messenger apps such as Signal. It would require a dedicated +IT infrastructure which deeply encroaches on civil liberties, in order +to rule out the bypassing of these blocks (including blocking Virtual +Private Networks \[VPNs\] and The Onion Router \[TOR\]), as criminals +would be the first to attempt this.^[\[8\]](#ftnt8){#ftnt_ref8}^ + +However, this would not “only” affect German authorities (e.g. police, +fire brigade, technical relief), companies and citizens in general, but +also people subject to professional confidentiality (e.g. lawyers, +clergymen, physicians, journalists, and parliamentarians) and other +groups of persons who are in particular need of protection. + +Meanwhile, former intelligence chiefs are increasingly arguing that in +the age of cyber crime, data leaks, and espionage, the benefits of +comprehensive encryption (without backdoors) more than outweigh the loss +of surveillance capability. Strategic interests such as the stability of +the IT sector and the IT ecosystem outweigh the tactical interests of +prosecutors, such as former NSA chief Michael Hayden and former head of +the British domestic intelligence service +MI5.^[\[9\]](#ftnt9){#ftnt_ref9}^ + +## Empirical state of knowledge and alternatives + +In keeping with the cornerstones of the German Crypto Policy, the German +federal government decided in 1999 not to weaken encryption (including +the installation of backdoors) but to use malware (“State Trojan”) to +obtain data before/after encryption. For understandable reasons, the +German Federal Constitutional Court set high barriers for this measure. +Instead of carrying out an urgently needed needs analysis on the basis +of the existing surveillance measures and the +overall^[\[10\]](#ftnt10){#ftnt_ref10}^ surveillance account demanded +many years ago by the Federal Constitutional Court, a regulation is now +to be implemented that ignores^[\[11\]](#ftnt11){#ftnt_ref11}^ more than +twenty years of scientific findings in IT security research. + +The often cited hypothesis that secret services and law enforcement +authorities no longer have access to relevant data due to encryption +(going dark) has not been empirically proven to +date.^[\[12\]](#ftnt12){#ftnt_ref12}^ On the contrary, technological +developments in recent decades have resulted in more data being +available to prosecutors than ever +before.^[\[13\]](#ftnt13){#ftnt_ref13}^ The law enforcement authorities +have so far documented very little regarding the number of cases where +encrypted communication has actually brought investigations to a halt. +Nor is there a complete overview of which alternative possibilities for +collecting the necessary data are already legal in Germany and where +there are still gaps.^[\[14\]](#ftnt14){#ftnt_ref14}^ + +## International spillover effects + +If this proposal were to be implemented, it would also have a negative +impact far beyond Germany's borders. Authoritarian states would refer to +this regulation and request corresponding content data from the +messenger operators with reference to the fact that this is technically +possible, given that it is already being done in Germany. This would +massively affect the communication of human rights activists, +journalists, and other pursued groups ofpeople – groups of people that +German foreign and development aid policy has tried to protect up to now +and supports to the tune of billions of Euros annually. Germany must +also be aware of its responsibility in the world in this area. By +deliberately weakening secure messenger apps, Germany would jeopardize +its credibility in foreign policy as an advocate of a free and open +Internet.^[\[15\]](#ftnt15){#ftnt_ref15}^ The Network Enforcement Act +serves here as a warning of the impact German legislation can have on +the world.^[\[16\]](#ftnt16){#ftnt_ref16}^ + +## Germany as a business location + +Administration, businesses, and consumers must be able to rely on the +fact that the use of digital products and services meets the +requirements for the protection of their data and the integrity of their +systems. For companies in particular, this plays a major role in the +choice of their production location. They establish their headquarters +in those places where they know their trade secrets and customer data +are protected. + +Sabotage and industrial espionage caused 43 billion Euro damage to the +industrial sector alone in 2016/2017.^[\[17\]](#ftnt17){#ftnt_ref17}^ It +can be assumed that a weakening of encryption will further increase +these figures, as built-in backdoors can also be abused by foreign +intelligence services and criminals. If Germany wants to be an +innovation-friendly and competitive business location, technical +backdoors that allow access for third parties must continue to be +excluded. + +In addition, Germany is also a location for IT security companies with, +among other things, a focus on encryption technologies. The +trustworthiness of these companies in particular would be massively +jeopardized by the planned intentions. This would weaken Germany as a +location for the IT security industry as a whole, which directly +contradicts the industrial policy goals of Germany and Europe. + +We expressly warn against the planned intentions of the German Federal +Ministry of the Interior, Building and Community to regulate messenger +services and demand an immediate abandonment of this and similar +political intentions at German and European level. In addition, an +official assessment from the following bodies would be required: : + +- The Federal Ministry for Economic Affairs and Energy (BMWi) (focus: + possible damage to German industry and the digital economy), +- of the German Federal Foreign Office (focus: Spillover effects, + especially in authoritarian states, loss of Germany’s reputation as + an established constitutional state), +- German Federal Ministry of Justice and Consumer Protection (focus: + loss of consumer confidence), +- Federal Office for Information Security (focus: jeopardizing IT + Security in Germany for the state, industry, and society). + +Yours sincerely + +[**German version**](/de/updates/2019/encrypted-messengers) + +------------------------------------------------------------------------ + +## Links: + +- [\[1\]](#ftnt_ref1){#ftnt1} [Ian Levy, Crispin Robinson: Principles + for a More Informed Exceptional Access + Debate](https://www.lawfareblog.com/principles-more-informed-exceptional-access-debate) +- [\[2\]](#ftnt_ref2){#ftnt2} [Coalition Letter: Open Letter to + GCHQ](https://newamericadotorg.s3.amazonaws.com/documents/Coalition_Letter_to_GCHQ_on_Ghost_Proposal_-_May_22_2019.pdf) +- [\[3\]](#ftnt_ref3){#ftnt3} [Sven Herpig, Stefan Heumann: Encryption + Debate in + Germany](https://carnegieendowment.org/2019/05/30/encryption-debate-in-germany-pub-79215) +- [\[4\]](#ftnt_ref4){#ftnt4} [Die Raven-Homepage: Eckpunkte der + deutschen + Kryptopolitik](https://hp.kairaven.de/law/eckwertkrypto.html) (The + Cornerstones of German Crypto Policy) +- [\[5\]](#ftnt_ref5){#ftnt5} [Die Bundesregierung: Digitale Agenda + 2014 - + 2017](https://www.bmwi.de/Redaktion/DE/Publikationen/Digitale-Welt/digitale-agenda.pdf?__blob%253DpublicationFile%2526v%253D3) +- [\[6\]](#ftnt_ref6){#ftnt6} [Jürgen Schmidt: Kritische + Sicherheitslücke gefährdet Milliarden + WhatsApp-Nutzer](https://www.heise.de/security/meldung/Kritische-Sicherheitsluecke-gefaehrdet-Milliarden-WhatsApp-Nutzer-4186365.html) + (Critical vulnerability threatens billions of WhatsApp users) und + [Marius Mestermann: Ernster iPhone-Bug: Apple schaltet + FaceTime-Gruppenanrufe + ab](https://www.spiegel.de/politik/deutschland/nachrichten-am-morgen-die-news-in-echtzeit-a-1249669.html) + (Apple turns off FaceTime group calls) +- [\[7\]](#ftnt_ref7){#ftnt7} This is one possible implementation of + these backdoors. There are also other implementation possibilities, + but these are technically no less problematic. +- [\[8\]](#ftnt_ref8){#ftnt8} [Matthias Schulze: Überwachung von + WhatsApp und Co. Going dark? (Monitoring of WhatsApp and + Co.)](http://percepticon.de/2019/06/04-going-dark/) +- [\[9\]](#ftnt_ref9){#ftnt9} [Michael Hayden: The Pros and Cons of + Encryption](https://www.youtube.com/watch?v%253D6HNnVcp6NYA) and + [The Guardian: Ex-MI5 Chef warns against crackdown on encrypted + messaging + apps](https://www.theguardian.com/technology/2017/aug/11/ex-mi5-chief-warns-against-crackdown-encrypted-messaging-apps) +- [\[10\]](#ftnt_ref10){#ftnt10} [Constanze Kurz: + Überwachungsgesamtrechnung: Vorratsdatenspeicherung ist der Tropfen, + der das Fass zum Überlaufen + bringt](https://netzpolitik.org/2015/ueberwachungsgesamtrechnung-vorratsdatenspeicherung-ist-der-tropfen-der-das-fass-zum-ueberlaufen-bringt/) + (Overall Surveillance Account: Blanket Data Retention is the Straw + that Broke the Camel’s Back) +- [\[11\]](#ftnt_ref11){#ftnt11} [Danielle Kehl, Andi Wilson, Kevin + Bankston: Doomed to repeat history? Lessons from the Crypto Wars of + the + 1990s](https://static.newamerica.org/attachments/3407-doomed-to-repeat-history-lessons-from-the-crypto-wars-of-the-1990s/Crypto%252520Wars_ReDo.7cb491837ac541709797bdf868d37f52.pdf) +- [\[12\]](#ftnt_ref12){#ftnt12} [Matthias Schulze, Going Dark? + Dilemma zwischen sicherer, privater Kommunikation und den + Sicherheitsinteressen von + Staaten.](http://www.bpb.de/apuz/259141/going-dark?p%253Dall) + (Dilemma between secure, private communication and the security + interests of states.) +- [\[13\]](#ftnt_ref13){#ftnt13} [Peter Swire, The FBI Doesn’t Need + More Access: We’re Already in the Golden Age of + Surveillance](https://www.justsecurity.org/17496/fbi-access-golden-age-surveillance/) + and [Matthias Schulze: Clipper Meets Apple vs. FBI—A Comparison of + the Cryptography Discourses from 1993 and + 2016](https://www.cogitatiopress.com/mediaandcommunication/article/view/805) +- [\[14\]](#ftnt_ref14){#ftnt14} [Sven Herpig: A Framework for + Government Hacking in Criminal + Investigations](https://www.stiftung-nv.de/sites/default/files/framework_for_government_hacking_in_criminal_investigations.pdf) +- [\[15\]](#ftnt_ref15){#ftnt15} [Matthias Schulze: Verschlüsselung in + Gefahr](https://www.swp-berlin.org/publikation/verschluesselung-in-gefahr/) + (Encryption in danger) and [Cathleen Berger: Is Germany + (involuntarily) setting a global digital + agenda?](https://medium.com/@_cberger_/is-germany-involuntarily-setting-a-global-digital-agenda-21c7eb735e26) +- [\[16\]](#ftnt_ref16){#ftnt16} [Reporter ohne Grenzen: Russland + kopiert Gesetz gegen + Hassbotschaften](https://www.reporter-ohne-grenzen.de/russland/alle-meldungen/meldung/russland-kopiert-gesetz-gegen-hassbotschaften/) + (Russia copied law against hate messages) +- [\[17\]](#ftnt_ref17){#ftnt17} [bitkom: Spionage, Sabotage und + Datendiebstahl – Wirtschaftsschutz in der + Industrie](https://www.bitkom.org/sites/default/files/file/import/181008-Bitkom-Studie-Wirtschaftsschutz-2018-NEU.pdf) + (Espionage, sabotage and data theft – economic protection in + industry) -- cgit v1.2.3