[Cryptography] With an e2e network, would the US still need to ban Huawei's 5G

[Patrick Chkoreff]

Christian Huitema wrote on 2/18/20 10:32 PM:

>>> We already have a problem with metadata.  Would Alfie's e2e suggestion
>> make that problem worse?
> 
> Of course we need e2e encryption. But Alfie was wondering why the US government was concerned about Huawei providing telecommunication equipment in US-allied country. And the simplest explanation is that on-path devices are in a beautiful position to collect meta data.

Got it.  I incorrectly interpreted your "Metadata" response (nice video
clip by the way) as an argument against deploying e2e over untrusting
equipment.  Your response was actually an answer to Alfie's question of
why U.S officials don't recommend that to other countries.  It takes
U.S. officials out of the metadata loop.

I recently heard an interview with Huawei's head of security (an
American guy).  He said that independent testers in Europe are doing
extensive tests on Huawei equipment to find vulnerabilities and/or back
doors.  I wonder though if they would be able to a back door that's
triggered by some specific magic 128-bit sequence coming in on the
interface.  There would probably need to be some complex circuitry or
weird microcode to recognize it, and that might be a tip-off.

In any case it looks like the Europeans are faced with a simple choice:
 who do they want to grab their metadata, and possibly even their data
-- the Americans or the Chinese?


-- Patrick