summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
author46halbe <46halbe@berlin.ccc.de>2019-06-14 16:47:27 +0000
committer46halbe <46halbe@berlin.ccc.de>2020-05-23 13:40:21 +0000
commit301f60024f704dba01ecaba7bd5cf92e567f2269 (patch)
tree11cedcd5b29f18fab0b1982d8f9e3d89bde941f3
parentbdd69b4b68f985cb9b6282cef3b570f7b62fb535 (diff)
committing page revision 3
-rw-r--r--updates/2019/encrypted-messengers.en.md298
1 files changed, 298 insertions, 0 deletions
diff --git a/updates/2019/encrypted-messengers.en.md b/updates/2019/encrypted-messengers.en.md
new file mode 100644
index 00000000..075bd335
--- /dev/null
+++ b/updates/2019/encrypted-messengers.en.md
@@ -0,0 +1,298 @@
1title: IT security: CCC against weakening of encryption by law
2date: 2019-06-11 20:42:46
3updated: 2019-06-14 16:47:27
4author: linus
5tags: update, pressemitteilung, verschlüsselung, bmi
6
7Chaos Computer Club (CCC) signed the open letter against backdoors.
8
9<!-- TEASER_END -->
10
11TO: German Federal Ministry of the Interior, Building and Community
12
13IN COPY: German Federal Foreign Office, German Federal Ministry of
14Justice and Consumer Protection, German Federal Ministry of Economic
15Affairs and Energy, German Federal Office for Information Security
16
17**Subject: Planned encroachment on encryption of messenger services
18would have fatal consequences**
19
20Ladies and Gentlemen,
21
22the Federal Ministry of the Interior, Building and Community (BMI) plans
23a change in the law to make it easier for German police and security
24authorities to gain access to the digital communication of suspects in
25the future, according to media reports. To this end, providers of
26messenger services such as Whatsapp, Threema, and iMessage are to be
27required by law to modify their encryption technology in such a way that
28authorities can record the entire communication of users in cases which
29have generated suspicion. ([reported in
30Gerrman](https://www.spiegel.de/plus/horst-seehofer-greift-whatsapp-an-a-00000000-0002-0001-0000-000164076162))
31
32We expressly warn against such a step and demand an immediate
33renunciation of this or similar political intentions at German and
34European level. The proposed reform would precipitously reduce the
35security level of millions of German Internet users, create new gateways
36for foreign intelligence services and Internet criminals, and massively
37damage Germany's international reputation as a leading location for a
38secure and data protection-oriented digital economy. Instead of
39implementing reform ideas that are years out of date, the German Federal
40Ministry of the Interior, Building and Community should, in our view,
41take a new security policy path and develop proposals that improve the
42work of police and security authorities without downgrading the security
43of IT systems and private communications in Germany as a whole.
44
45Our criticism in detail:
46
47## The German Crypto Policy
48
49At the end of May, it became known that the Federal Ministry of the
50Interior, Building and Community is planning to extend the existing
51Telecommunications Act to encrypted messengers such as WhatsApp, Signal,
52Threema, Wire, and Telegram. This means in concrete terms: The operators
53of these services must redesign their software in such a way that the
54content of messages can be passed on in unencrypted form to security
55authorities. Should the operators refuse to do so, their services would
56be blocked in Germany. Representatives of the British GCHQ describe in
57their “Ghost Proposal”^[\[1\]](#ftnt1){#ftnt_ref1}^ what a technical
58implementation of the backdoors in the messenger apps could look like.
59This proposal has recently been strongly criticized in an open letter by
60an international alliance of industry, academia, and civil
61society.^[\[2\]](#ftnt2){#ftnt_ref2}^
62
63The BMI proposal undermines twenty years of successful crypto policy in
64Germany.^[\[3\]](#ftnt3){#ftnt_ref3}^ In the cornerstones of the German
65Crypto Policy of 1999,^[\[4\]](#ftnt4){#ftnt_ref4}^ the then federal
66government agreed on a principle that became known under the maxim
67“security through encryption and security despite encryption”. This
68principle has since been confirmed several times by the subsequent
69federal governments. In 2014, Germany even expressed the ambition to
70become the “No. 1 encryption location”^[\[5\]](#ftnt5){#ftnt_ref5}^ in
71the world. A break with these commitments would cause lasting damage to
72Germany's IT security in administration, industry, and society.
73
74## Impact on IT security
75
76The planned obligation on messenger operators would result in operators
77being required to incorporate a vulnerability in their software. This
78demands a profound encroachment on the existing complex software systems
79of the operators. This vulnerability could be exploited by intelligence
80services and criminals to gain access to sensitive information from
81individuals, government authorities, and companies. Current
82examples^[\[6\]](#ftnt6){#ftnt_ref6}^ show that securing a messenger is
83already complex enough, without incorporating additional vulnerabilities
84and thus further jeopardizing IT security.
85
86At the same time, this incorporation of vulnerabilities would enable
87employees of the operators to view communication content, something
88which is currently not possible. This not only increases the potential
89for abuse – a central storage of the required cryptographic
90keys^[\[7\]](#ftnt7){#ftnt_ref7}^ would also represent a primary target
91for attackers, which in the case of a successful attack could lead to
92the disclosure of the communication of all (!) users
93(Single-Point-of-Failure).
94
95In addition, the new version of the respective messenger app with a
96backdoor would have to be installed as a software update. Either all
97German users or selected German users would receive this backdoor as an
98update. This process would shake consumer confidence in security updates
99to the core, and would thus have a lasting negative impact on IT
100security in Germany.
101
102Should the messenger operators fail to implement the planned measure,
103the Ministry of the Interior plans to block their services in Germany.
104This would also be the only way for the authorities to deal with
105messengers whose encryption does not require a central operator and in
106which no backdoors could be implemented by regulation (e.g. Pretty Good
107Privacy, Off-The-Record). This would inevitably mean that there would no
108longer be any secure messenger communication within Germany. However, a
109technical implementation would be virtually impossible, especially for
110open source messenger apps such as Signal. It would require a dedicated
111IT infrastructure which deeply encroaches on civil liberties, in order
112to rule out the bypassing of these blocks (including blocking Virtual
113Private Networks \[VPNs\] and The Onion Router \[TOR\]), as criminals
114would be the first to attempt this.^[\[8\]](#ftnt8){#ftnt_ref8}^
115
116However, this would not “only” affect German authorities (e.g. police,
117fire brigade, technical relief), companies and citizens in general, but
118also people subject to professional confidentiality (e.g. lawyers,
119clergymen, physicians, journalists, and parliamentarians) and other
120groups of persons who are in particular need of protection.
121
122Meanwhile, former intelligence chiefs are increasingly arguing that in
123the age of cyber crime, data leaks, and espionage, the benefits of
124comprehensive encryption (without backdoors) more than outweigh the loss
125of surveillance capability. Strategic interests such as the stability of
126the IT sector and the IT ecosystem outweigh the tactical interests of
127prosecutors, such as former NSA chief Michael Hayden and former head of
128the British domestic intelligence service
129MI5.^[\[9\]](#ftnt9){#ftnt_ref9}^
130
131## Empirical state of knowledge and alternatives
132
133In keeping with the cornerstones of the German Crypto Policy, the German
134federal government decided in 1999 not to weaken encryption (including
135the installation of backdoors) but to use malware (“State Trojan”) to
136obtain data before/after encryption. For understandable reasons, the
137German Federal Constitutional Court set high barriers for this measure.
138Instead of carrying out an urgently needed needs analysis on the basis
139of the existing surveillance measures and the
140overall^[\[10\]](#ftnt10){#ftnt_ref10}^ surveillance account demanded
141many years ago by the Federal Constitutional Court, a regulation is now
142to be implemented that ignores^[\[11\]](#ftnt11){#ftnt_ref11}^ more than
143twenty years of scientific findings in IT security research.
144
145The often cited hypothesis that secret services and law enforcement
146authorities no longer have access to relevant data due to encryption
147(going dark) has not been empirically proven to
148date.^[\[12\]](#ftnt12){#ftnt_ref12}^ On the contrary, technological
149developments in recent decades have resulted in more data being
150available to prosecutors than ever
151before.^[\[13\]](#ftnt13){#ftnt_ref13}^ The law enforcement authorities
152have so far documented very little regarding the number of cases where
153encrypted communication has actually brought investigations to a halt.
154Nor is there a complete overview of which alternative possibilities for
155collecting the necessary data are already legal in Germany and where
156there are still gaps.^[\[14\]](#ftnt14){#ftnt_ref14}^
157
158## International spillover effects
159
160If this proposal were to be implemented, it would also have a negative
161impact far beyond Germany's borders. Authoritarian states would refer to
162this regulation and request corresponding content data from the
163messenger operators with reference to the fact that this is technically
164possible, given that it is already being done in Germany. This would
165massively affect the communication of human rights activists,
166journalists, and other pursued groups ofpeople – groups of people that
167German foreign and development aid policy has tried to protect up to now
168and supports to the tune of billions of Euros annually. Germany must
169also be aware of its responsibility in the world in this area. By
170deliberately weakening secure messenger apps, Germany would jeopardize
171its credibility in foreign policy as an advocate of a free and open
172Internet.^[\[15\]](#ftnt15){#ftnt_ref15}^ The Network Enforcement Act
173serves here as a warning of the impact German legislation can have on
174the world.^[\[16\]](#ftnt16){#ftnt_ref16}^
175
176## Germany as a business location
177
178Administration, businesses, and consumers must be able to rely on the
179fact that the use of digital products and services meets the
180requirements for the protection of their data and the integrity of their
181systems. For companies in particular, this plays a major role in the
182choice of their production location. They establish their headquarters
183in those places where they know their trade secrets and customer data
184are protected.
185
186Sabotage and industrial espionage caused 43 billion Euro damage to the
187industrial sector alone in 2016/2017.^[\[17\]](#ftnt17){#ftnt_ref17}^ It
188can be assumed that a weakening of encryption will further increase
189these figures, as built-in backdoors can also be abused by foreign
190intelligence services and criminals. If Germany wants to be an
191innovation-friendly and competitive business location, technical
192backdoors that allow access for third parties must continue to be
193excluded.
194
195In addition, Germany is also a location for IT security companies with,
196among other things, a focus on encryption technologies. The
197trustworthiness of these companies in particular would be massively
198jeopardized by the planned intentions. This would weaken Germany as a
199location for the IT security industry as a whole, which directly
200contradicts the industrial policy goals of Germany and Europe.
201
202We expressly warn against the planned intentions of the German Federal
203Ministry of the Interior, Building and Community to regulate messenger
204services and demand an immediate abandonment of this and similar
205political intentions at German and European level. In addition, an
206official assessment from the following bodies would be required: :
207
208- The Federal Ministry for Economic Affairs and Energy (BMWi) (focus:
209 possible damage to German industry and the digital economy),
210- of the German Federal Foreign Office (focus: Spillover effects,
211 especially in authoritarian states, loss of Germany’s reputation as
212 an established constitutional state),
213- German Federal Ministry of Justice and Consumer Protection (focus:
214 loss of consumer confidence),
215- Federal Office for Information Security (focus: jeopardizing IT
216 Security in Germany for the state, industry, and society).
217
218Yours sincerely
219
220[**German version**](/de/updates/2019/encrypted-messengers)
221
222------------------------------------------------------------------------
223
224## Links:
225
226- [\[1\]](#ftnt_ref1){#ftnt1} [Ian Levy, Crispin Robinson: Principles
227 for a More Informed Exceptional Access
228 Debate](https://www.lawfareblog.com/principles-more-informed-exceptional-access-debate)
229- [\[2\]](#ftnt_ref2){#ftnt2} [Coalition Letter: Open Letter to
230 GCHQ](https://newamericadotorg.s3.amazonaws.com/documents/Coalition_Letter_to_GCHQ_on_Ghost_Proposal_-_May_22_2019.pdf)
231- [\[3\]](#ftnt_ref3){#ftnt3} [Sven Herpig, Stefan Heumann: Encryption
232 Debate in
233 Germany](https://carnegieendowment.org/2019/05/30/encryption-debate-in-germany-pub-79215)
234- [\[4\]](#ftnt_ref4){#ftnt4} [Die Raven-Homepage: Eckpunkte der
235 deutschen
236 Kryptopolitik](https://hp.kairaven.de/law/eckwertkrypto.html) (The
237 Cornerstones of German Crypto Policy)
238- [\[5\]](#ftnt_ref5){#ftnt5} [Die Bundesregierung: Digitale Agenda
239 2014 -
240 2017](https://www.bmwi.de/Redaktion/DE/Publikationen/Digitale-Welt/digitale-agenda.pdf?__blob%253DpublicationFile%2526v%253D3)
241- [\[6\]](#ftnt_ref6){#ftnt6} [Jürgen Schmidt: Kritische
242 Sicherheitslücke gefährdet Milliarden
243 WhatsApp-Nutzer](https://www.heise.de/security/meldung/Kritische-Sicherheitsluecke-gefaehrdet-Milliarden-WhatsApp-Nutzer-4186365.html)
244 (Critical vulnerability threatens billions of WhatsApp users) und
245 [Marius Mestermann: Ernster iPhone-Bug: Apple schaltet
246 FaceTime-Gruppenanrufe
247 ab](https://www.spiegel.de/politik/deutschland/nachrichten-am-morgen-die-news-in-echtzeit-a-1249669.html)
248 (Apple turns off FaceTime group calls)
249- [\[7\]](#ftnt_ref7){#ftnt7} This is one possible implementation of
250 these backdoors. There are also other implementation possibilities,
251 but these are technically no less problematic.
252- [\[8\]](#ftnt_ref8){#ftnt8} [Matthias Schulze: Überwachung von
253 WhatsApp und Co. Going dark? (Monitoring of WhatsApp and
254 Co.)](http://percepticon.de/2019/06/04-going-dark/)
255- [\[9\]](#ftnt_ref9){#ftnt9} [Michael Hayden: The Pros and Cons of
256 Encryption](https://www.youtube.com/watch?v%253D6HNnVcp6NYA) and
257 [The Guardian: Ex-MI5 Chef warns against crackdown on encrypted
258 messaging
259 apps](https://www.theguardian.com/technology/2017/aug/11/ex-mi5-chief-warns-against-crackdown-encrypted-messaging-apps)
260- [\[10\]](#ftnt_ref10){#ftnt10} [Constanze Kurz:
261 Überwachungsgesamtrechnung: Vorratsdatenspeicherung ist der Tropfen,
262 der das Fass zum Überlaufen
263 bringt](https://netzpolitik.org/2015/ueberwachungsgesamtrechnung-vorratsdatenspeicherung-ist-der-tropfen-der-das-fass-zum-ueberlaufen-bringt/)
264 (Overall Surveillance Account: Blanket Data Retention is the Straw
265 that Broke the Camel’s Back)
266- [\[11\]](#ftnt_ref11){#ftnt11} [Danielle Kehl, Andi Wilson, Kevin
267 Bankston: Doomed to repeat history? Lessons from the Crypto Wars of
268 the
269 1990s](https://static.newamerica.org/attachments/3407-doomed-to-repeat-history-lessons-from-the-crypto-wars-of-the-1990s/Crypto%252520Wars_ReDo.7cb491837ac541709797bdf868d37f52.pdf)
270- [\[12\]](#ftnt_ref12){#ftnt12} [Matthias Schulze, Going Dark?
271 Dilemma zwischen sicherer, privater Kommunikation und den
272 Sicherheitsinteressen von
273 Staaten.](http://www.bpb.de/apuz/259141/going-dark?p%253Dall)
274 (Dilemma between secure, private communication and the security
275 interests of states.)
276- [\[13\]](#ftnt_ref13){#ftnt13} [Peter Swire, The FBI Doesn’t Need
277 More Access: We’re Already in the Golden Age of
278 Surveillance](https://www.justsecurity.org/17496/fbi-access-golden-age-surveillance/)
279 and [Matthias Schulze: Clipper Meets Apple vs. FBI—A Comparison of
280 the Cryptography Discourses from 1993 and
281 2016](https://www.cogitatiopress.com/mediaandcommunication/article/view/805)
282- [\[14\]](#ftnt_ref14){#ftnt14} [Sven Herpig: A Framework for
283 Government Hacking in Criminal
284 Investigations](https://www.stiftung-nv.de/sites/default/files/framework_for_government_hacking_in_criminal_investigations.pdf)
285- [\[15\]](#ftnt_ref15){#ftnt15} [Matthias Schulze: Verschlüsselung in
286 Gefahr](https://www.swp-berlin.org/publikation/verschluesselung-in-gefahr/)
287 (Encryption in danger) and [Cathleen Berger: Is Germany
288 (involuntarily) setting a global digital
289 agenda?](https://medium.com/@_cberger_/is-germany-involuntarily-setting-a-global-digital-agenda-21c7eb735e26)
290- [\[16\]](#ftnt_ref16){#ftnt16} [Reporter ohne Grenzen: Russland
291 kopiert Gesetz gegen
292 Hassbotschaften](https://www.reporter-ohne-grenzen.de/russland/alle-meldungen/meldung/russland-kopiert-gesetz-gegen-hassbotschaften/)
293 (Russia copied law against hate messages)
294- [\[17\]](#ftnt_ref17){#ftnt17} [bitkom: Spionage, Sabotage und
295 Datendiebstahl – Wirtschaftsschutz in der
296 Industrie](https://www.bitkom.org/sites/default/files/file/import/181008-Bitkom-Studie-Wirtschaftsschutz-2018-NEU.pdf)
297 (Espionage, sabotage and data theft – economic protection in
298 industry)