Viewable With ANY Browser

Note: My Web pages are best viewed with style sheets enabled.

Unrated

PGP: Backdoors and Key Escrow

Copyright © 2001, 2003 by David E. Ross

Backdoors

Key Escrow

Fundamental Problems


Backdoors

A backdoor is a "feature" in the software of PGP — in what I call the utility functions and not in the encryption algorithm — that allows an outside party to decrypt what you have encrypted. While the ADK feature is technically a backdoor, most attention is directed to the possibility of an unknown, hidden backdoor. ADK is well known, however; and PGP users are even informed of keys that use ADK and of encryptions where ADK is required. Nevertheless, even ADK can be used to subvert the security of our messages and files.

Is There a Backdoor?

How can we know whether someone has deliberately planted their own security hole in PGP? What if the government (pick any government) induced the PGP Corporation to insert a "backdoor" that allows the police, FBI, KGB-reincarnated, et cetera to decrypt our messages and files with ease?

*** Begin Right Sidebar ***

For a while — when NAI owned the PGP product — the source-code was unavailable and outside inspection became impossible. As a result, experienced users of PGP lost confidence in newer versions of the product. This situation has been reversed by the PGP Corporation in an attempt to restore confidence.

*** Begin Right Sidebar ***

The source code for various PGP versions is public. Expert computer programmers — definitely not employed by the PGP Corporation — can pounce on each new version and study the code carefully. After determining that the source code contains no backdoors, they can compile that source code and compare the result with the executable program obtained from the PGP Corporation. Not once has an alarm been raised that a deliberate weakness was inserted into PGP by the PGP Corporation. The same is true of implementations by others of the PGP concept.

As a software test engineer, I must admit that code examination has its limits. Each newer version of PGP released by the PGP Corporation seems much larger than its predecessors, making code examination ever more difficult. For that reason, many individuals continue to rely on PGP 2.6.x, which is quite small and readily subject to examination. However, the mere knowledge that outsiders are looking for backdoors and other deliberate flaws inhibits the PGP Corporation from inserting those weaknesses.

In the meantime, the PGP Corporation signs its executable programs with a key that can be traced back to that company. Anyone who downloads a copy of a PGP program can thus check the authenticity of its source. I would avoid installing any version of PGP that does not include signature files for each component. And I do indeed check the downloaded files against their signatures after verifying the authenticity of the PGP Corporation's public key. In this manner, I try to protect myself from a tampered version of PGP that could have a backdoor.

Backdoors for the Government

As a consequence of the terrorist attack against the Pentagon and World Trade Center on 11 September 2001, a backdoor to PGP may indeed be in the future. On 14 September, Senator Judd Gregg of New Hampshire gave a speech on the floor of the U.S. Senate in which he said:

We need to have the cooperation of the manufacturing community and the inventive community in the Western World and in Asia in the area of electronics. These are folks who have as much risk as we have as a nation, and they should understand, as a matter of citizenship, they have an obligation to allow us to have, under the scrutiny of the search and seizure clauses, which still require that you have an adequate probable cause and that you have court oversight--under that scrutiny, to have our people have the technical capability to get the keys to the basic encryption activity.

Congressional Record, Senate
13 Sep 01, p.S9357

In other words, Senator Gregg requested laws to mandate either a backdoor or key escrow. Ridiculous! Senator Gregg asked us to trust the courts to control the use of backdoors or key escrow, the same courts that rubber-stamp FBI requests for secret warrants. Coupled with an anti-terrorism law that allows the police and FBI to collect and view our E-mail messages without even a search warrant, we would have no privacy at all.

What Senator Gregg failed to understand is that the terrorists will accomplish a significant victory if we surrender our liberties while trying to fight terrorism. The best revenge would be to prove that our nation can indeed survive with our freedoms intact.

Fortunately, Senator Gregg has shelved his proposal (but maybe only temporarily). Unfortunately, the FBI and local police have not removed this concept from their "wish lists".

Key Escrow

Rather than a backdoor, the government of the United Kingdom requires any PGP user to give the police both his private key and his passphrase on demand. Failure to comply is a criminal offense, punishable by a jail term of two years.

Rather than handing over the ability to decrypt after-the-fact, key escrow would have us give the police our private keys and passphrases immediately, as soon as we start using them. Representative Bob Goodlatte of Virginia said about this:

That's like telling people to take their house key down to the police station. People are not going to have greater confidence in their security by doing that.

[Reuters/Yahoo, 21 Sep 01]

Besides allowing the police to decrypt our E-mail without a search warrant, key escrow would also allow the government to sign our messages, a basic violation of the concept of digital signing. The California regulations on the legality of digital signatures clearly state:

An acceptable technology must be capable of creating signatures that conform to requirements set forth in California Government Code Section 16.5, specifically,

3.   It is under the sole control of the person using it;

Fundamental Problems

Backdoors and key escrow on behalf of the government have certain problems:

Last updated 18 November 2003


Valid HTML 4.01