[Cryptography] Licensing of cryptographic services in France

Jon Callas jon at callas.org
Tue Aug 27 19:26:58 EDT 2024



> On Aug 27, 2024, at 08:13, Phillip Hallam-Baker <phill at hallambaker.com> wrote:
> 
> At this point, we don't know what charges are going to be brought against Durov in France. 

This is the most important part of the whole discussion. We're speculating ahead of evidence. All we know is what's in the press release. The press release isn't anything like, for example, an indictment like what we'd see in a common-law legal system, as opposed to Napoleonic code.


> It is very likely that the 'failure to register to provide cryptographic services' cited in the complaint is merely the equivalent of a holding charge.

I think it's also very likely, given that the three cryptographic things are tossed in at the end, that they're just tack-on charges. Effectively, "Oh, and another thing, you didn't fill out this paperwork correctly."

> 
> That said, there is a big difference between providing cryptographic apparatus and providing cryptographic services and this is why I believe Signal, Session and many other companies need to consider a change of course because their current architectures make them sitting ducks for hostile government intervention.

Here we're getting to a thing that many, many people don't understand.

Telegram is not a cryptographic system. 

I repeat, Telegram is not a cryptographic system.

Telegram is a social media, chat system. It is an analogue to Signal, it is an analogue to Reddit, IRC, Twitter, and even Facebook (modulo the E2EE stuff that Meta does). 

Telegram does have an encrypted-chat bag on the side of it with some crappy cryptography in it. (A discussion of the crappiness is mostly orthogonal to the subject, but hang on, it'll be back.) You can only do encrypted chats in a 1:1, two-person setting, and it is not on by default.

The reason one uses Telegram is not for private discussion, but for *public* discussion. It's the only place where you can have a discussion channel with a million people in it. It's far better to think of Telegram to be like Reddit except it handles gazillions of people effectively than to think of it being like Signal, WhatsApp, etc.

The core charges against Durov are about moderation failures in the unencrypted discussions. Daphne Keller has done a nice short thread about this; here's a link to the Bluesky version of the thread, which one can also find on Twitter: <https://bsky.app/profile/daphnek.bsky.social/post/3l2n7vyxvn22e>.

Keller makes the point that a number of the things that Durov is charged with would not be outrageous in any jurisdiction because they include allowing things like CSAM and operations by legally designated terrorists, drug sales, etc. Keller says that this is far more like the Silk Road prosecutions than an assault on private communications. Thus, even if one thinks the Silk Road prosecution is an outrage, it behooves one to be upset about the correct outrage.

Ironically, it appears that if Telegram were E2EE up and down, there would be more and better defenses for Durov.

Getting to the crypto charges -- again, we don't know what the details are. However, they're at the end, and seem to be tacked on, and are far more not doing the proper paperwork (like export approval) than anything else. I've done crypto approvals for France, and was never anything like an expert in them. I might be mistaken here, but I think another irony is that had Telegram used off-the-shelf crypto like TLS, Signal Protocol, Wireguard, or even OpenPGP, then they might not have been charges -- I don't know if there are exemptions for standard, open protocols in France the way that US export law has an exception for open source and one for "mass market" systems. If someone here knows, please tell us.

Summing up, I want to go back to Telegram's main use case, that of a discussion channel with very large numbers of participants, and as a hypothetical I'll wave my magic wand and make it all E2EE.

Is an E2EE chat room with a million people in it private? Operationally, an E2EE chat with that many people and no barriers to joining in is nothing like private. The Hong Kong Umbrella Protests were organized on Telegram, because that was the only platform that could support the 40-50K people doing the protests. There were informants in the channels! It was not "secure" and yet it worked. I think we also need to avoid saying things like that Telegram is bad because it's not encrypted. Telegram is not encrypted. However, Telegram is useful because it can handle conversations so large that the *size* makes them not secure and no encryption would fix that. Franklin's aphorism that three people can keep a secret if two of them are dead is active here in force.

	Jon





