University College London researcher Steven Murdoch, who works in the university's Information Security Research Group, analysed a protocol developed by CESG, which is part of the spy agency GCHQ.
The MIKEY-SAKKE (Multimedia Internet KEYing-Sakai-Kasahara Key Encryption) protocol calls for a master decryption key to be held by a service provider, just like the spooks want. The only problem is that the existence of a master private key that can decrypt all calls past and present without detection, on a computer permanently available, creates a huge security risk, and an irresistible target for attackers.
Cryptography engineers normally want to avoid this idea, called "key escrow," as it makes whatever entity holds the key a target for attack. It also makes the data of users more vulnerable to legal action and secret court orders.
This appears to be a case of the British government eating its own crazy security dog food and suffering because of it. The government is worried about how encryption could inhibit law enforcement and impact terrorism-related investigations, so it insisted on having a back door on its own government phone communications.
Murdoch wrote that CESG is well aware of the implications of its design. Interestingly, it avoided mentioning the phrase "key escrow" in the protocol's specification.
"This is presented as a feature rather than a bug, with the motivating case in the GCHQ documentation being to allow companies to listen to their employees' calls when investigating misconduct, such as in the financial industry," he wrote.
But this is going to cause a major headache for technology vendors. Murdoch wrote that the British government will only certify voice encryption products that use it.
"MIKEY-SAKKE has a monopoly over the vast majority of classified U.K. government voice communication, and so companies developing secure voice communication systems must implement it in order to gain access to this market," he wrote.
GCHQ has already begun certifying products under its Commercial Product Assurance (CPA) security evaluation program. Approved products must use MIKEY-SAKKE and also Secure Chorus, an open-source code library that ensures interoperability between different devices.