In the current debate over decryption by governments there are three basic positions:
- Government backdoor: the government should be able to see everything.
- Vendor encryption: the vendor should be able to see everything.
- End-to-end encryption: nobody but the users should be able to see anything.
A simple version of the arguments against these positions is:
- Government backdoor will allow the government to do everything they want without controls.
- Vendor encryption will allow companies to do everything they want without controls.
- End-to-end encryption will make it harder to prevent crime.
The above is a simplified version and there are many considerations, from human rights, to terrorism, to the increasing availability of metadata. This is a complex subject and I’m not sure what the best solution is. I do want to bring awareness to a fourth option that I have not seen discussed much: government encryption. I don’t know if government encryption is a good solution to the problem!
Government encryption means that every piece of content is encrypted in parallel in the two following ways:
- Once with end-to-end encryption for use in normal operation where only the user can see the content.
- Once with a government public key for use when there is a search warrant.
Each private key (the user-owned one and the government-owned one) is enough to decrypt the message by itself; this is not multiple encryption.
If there is a search warrant against the user:
- The vendor checks that the search warrant presented by the government is valid.
- The vendor retrieves the government-encrypted ciphertext and sends it to the government.
- The government decrypts the ciphertext with their private key.
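The two parallel encryptions and the warrant-gated release described above, as an added Go example that is not from the original post: the same message is encrypted separately to the user's and to the government's RSA public key, either private key alone decrypts its own copy, and the vendor hands over only the government copy after checking a court-signed warrant that names the account. The warrant format, the court signing key and all names are this example's assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// Envelope holds one message under "government encryption": the same plaintext
// encrypted separately to the user's and to the government's public key.
// Either private key alone decrypts its copy. Names here are this example's own.
type Envelope struct {
	UserCT, GovCT []byte
}

// Seal produces both ciphertexts. RSA-OAEP bounds the message size; a real
// system would wrap a random content key this way instead of the message.
func Seal(msg []byte, userPub, govPub *rsa.PublicKey) (*Envelope, error) {
	userCT, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, userPub, msg, nil)
	if err != nil {
		return nil, err
	}
	govCT, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, govPub, msg, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{UserCT: userCT, GovCT: govCT}, nil
}

// Open is used by either party with its own private key and its own ciphertext.
func Open(priv *rsa.PrivateKey, ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, priv, ct, nil)
}

// Release is the vendor's step. It hands over only the government copy, and
// only for a warrant that carries a valid court signature and names the
// account whose data is requested. The "search-warrant:<account>" format is constructed here.
func Release(env *Envelope, account string, courtPub ed25519.PublicKey, warrant, sig []byte) ([]byte, error) {
	if !ed25519.Verify(courtPub, warrant, sig) {
		return nil, errors.New("warrant rejected: invalid court signature")
	}
	if string(warrant) != "search-warrant:"+account {
		return nil, errors.New("warrant rejected: names a different account")
	}
	return env.GovCT, nil
}
```

Because the government copy is a separate ciphertext, the vendor can log every Release call for a transparency report without ever being able to read the content itself.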
The advantages of government encryption are:
- Government access is double-checked by the vendor, who can now publish a transparency report.
- The vendor will not be able to access any user content.
- When there is a valid search warrant the data can be accessed to stop crime.
The disadvantages of government encryption are:
- The government needs to go through an extra step to get the data compared to a backdoor, delaying access to potentially crucial information.
- The usability of end-to-end encryption is worse than that of vendor encryption since key management is harder.
- There is complexity in encrypting messages twice leading to a higher cost to develop and run software.
- Government encryption introduces another attack vector; it is less safe than only using end-to-end encryption.