[Cryptography] Zoom publishes draft cryptographic design for end-to-end encryption

Dave Howe davehowe.pentesting at gmail.com
Mon Jun 8 06:46:59 EDT 2020 

On 05/06/2020 04:27, Phillip Hallam-Baker wrote:
> I think this is what people are really missing with Skype/Signal/Zoom
> etc. End to End makes no damn difference if the service is only
> accessible from a single app provided by the service provider who can
> force an automatic update.
> Lawful intercept of a Signal or Zoom call is merely a matter of
> getting a warrant that requires the service provider to drop a client
> with a backdoor onto the specific users they want to intercept. Oh and
> of course a court can and will tell you to lie about how many warrants
> you have been served. I can't see a judge being remotely impressed by
> warrant canaries. If a person intentionally constructs a situation
> that makes it impossible for them to comply with a court warrant in
> good conscience, that is their problem, not the court's.

Hushmail is my usual example here.

On 04/06/2020 21:32, Christian Huitema wrote:
> After Microsoft bought Skype they centralized the
> handling of the call set-up, and the centralized handling made it much
> easier to satisfy law enforcement requests. We are seeing the same
> process happening with Zoom.

Probably pedantic, but I seem to recall Microsoft claiming for years
they didn't do that... because the previous owners of the platform had
already done it just before Microsoft took over.

On 05/06/2020 04:27, Phillip Hallam-Baker wrote:
> How many users did Lavabit have when the FBI went after them? You only
> need to have one customer to get a warrant if it is the wrong customer.
>
> The only robust solution to this problem I can see is an open standard
> for end-to-end communications that covers all the common modalities
> and is supported by multiple implementations and the updates to those
> implementations are subject to some form of transparency controls.
>
> NOBUS is the key here: NObody But US. NSA is not going to rubber hose
> my company to force it to issue a backdoored version of the code if
> they think the backdoor can be used by someone else. Nor are they
> likely to want to do so if the compromise is likely to be discovered.

Its debatable. The TLAs will balance the value of the intelligence NOW
against the risk (to them) of it being revealed and targets leaving the
platform. We see time and again (for instance, the "growing dark"
narrative) that they don't care if the backdoor is exploited by others,
nor will they hesitate to throw "partners" under the bus if they are no
longer useful.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20200608/d0d36879/attachment.htm>

More information about the cryptography mailing list