encryption – Page 10 – DoGoodSoft's Official Blog

Science on the Hill: For cybersecurity, in quantum encryption we trust

As everyone becomes more interconnected on the Internet, personal information like bank and investment accounts, credit card numbers, home addresses and even social security numbers becomes more vulnerable to cybertheft. The same goes for the corporate world.

Identity theft struck 16.6 million Americans in 2012, the most recent year for which figures were available. According to the U.S. Department of Justice, financial losses hit $24.7 billion — at least $10 billion more than other property crimes. PBS Newshour reported that in 2014, 783 million data breaches exposed 85 million records. This spring, hackers broke into the Anthem Health System, potentially gaining access to the health records of 80 million people.

One can’t build a concrete wall around this kind of information nor post an armed guard at every portal to the Internet. Keeping information secure depends on encryption. The security of electronic messages depends on the unpredictability of the random numbers used to scramble the data. Modern data centers have very limited access to true random numbers.

Current encryption methods are based on the difficulty of finding the right numbers in the key. The Achilles’ heel is that all encryption requires unpredictable, unguessable random numbers and computers do not (generally) do unpredictable things. Large data centers, like those used by online shopping sites, aren’t good at generating truly random numbers in sufficient quantity to offer bulletproof encryption. So to provide truly secure data communications, we need a reliable source of unpredictable numbers that aren’t generated by a set of mathematical operations, or algorithm.
Los Alamos National Laboratory has specialized for decades in security and pushed the limits of computing. With that background, it’s only natural that we made it our business to improve data security with a solution from outside traditional computing. From the physicist’s point of view, the only true unpredictability comes from quantum mechanics. That’s why Los Alamos physicists developed a quantum random number generator and a quantum communication system, both of which exploit the weird and immutable laws of quantum physics to improve cybersecurity.

These physical laws state that events at the subatomic level cannot be predicted; random quantum events lie at the root of the universe. From that starting point, we developed a revolutionary method to generate unpredictable, theoretically unhackable random numbers. Quantum mechanics itself guards the secret. Unlike current math-based encryption keys, which are derived from random numbers generated by a potentially knowable algorithm, a quantum key can’t be determined through calculation, no matter how powerful a computer one uses.

After thorough testing, we teamed with Whitewood Encryption Systems to commercialize a quantum random number generator, called the Entropy Engine. A plug-and-play computer card that fits most network servers, the Entropy Engine creates more than 200 million random numbers each second on demand and integrates with — and greatly improves — existing cryptographic methods over networks.

At the lab, we’ve also demonstrated an impregnable quantum communication system that sends a signal of polarized pulses of light over a fiber-optic cable. Under the peculiar laws of quantum physics, the photons, or light particles, encoding a message are in two different and unpredictable physical states. Because the act of intercepting a message over this quantum system alters the state of the photons, the sender is guaranteed to find out if someone is eavesdropping. The hacker never even gets a chance to examine the key.

This communication system works over distances up to 100 miles. We’re now refining it for commercial use over longer distances and possibly even through the air to satellites. Combined with technology like the Entropy Engine, it could revolutionize cybersecurity worldwide. We envision a wide range of organizations deploying these technologies, including financial institutions, government agencies, health care organizations, large data centers and cloud servers.

Encryption, unhackable digital identities and secure digital signatures are indispensable to establishing trust in the digital world. As Whitewood rolls out the Entropy Engine across the global digital landscape and more quantum-computing technology follows, we can all breathe a little easier that our information is safe.

FBI director: Ability to unlock encryption is not a ‘fatal’ security flaw

In the tug-of-war between the government and U.S. companies over whether firms should hold a key to unlock encrypted communications, a frequent argument of technologists and privacy experts is that maintaining such a key poses a security threat.

But on Thursday, FBI Director James B. Comey pointed out that a number of major Internet companies do just that “so they can read our e-mails and send us ads.”

And, he said: “I’ve never heard anybody say those companies are fundamentally insecure and fatally flawed from a security perspective.”

Comey was airing a new line of government argument in the year-old public debate over the desirability of compelling Internet companies to provide a way for law enforcement to have access to decrypted communications.

Although he didn’t name names, he was alluding to major e-mail providers Google and Yahoo, which both encrypt customers’ e-mails as they fly between servers, but decrypt them once they land in order to scan them and serve customers relevant ads.

Comey, who spoke at a cyberthreats hearing held by the House Intelligence Committee, has been a leading voice advancing the concerns of law enforcement that the growing trend of strong encryption — where devices and some communications are encrypted and companies do not hold the keys to decode them — will increasingly leave criminal investigators in the dark.

The current debate, which echoes a bitter argument over encryption in the 1990s, was triggered by Apple’s announcement last September that it would expand the use of a method of encryption on its mobile operating system in which it did not hold a key. That meant Apple could no longer unlock troves of photos and other data stored on iPhones and iPads where the user had turned off the automatic backup to Apple’s servers. Such data “at rest” is useful in criminal investigations.

Of great concern to counterterrorism officials are communications encrypted in transit, such as text and instant messages, where the companies do not hold a key and where users have turned off automatic backups. Such end-to-end encryption is a feature of Apple’s iMessage and FaceTime — a video phone-call system, as well as Open Whisper Systems’ Signal, and WhatsApp — both instant message platforms.

But stored commercial e-mail is largely either unencrypted, or encrypted with a key known to the provider, Christopher Soghoian, principal technologist at the American Civil Liberties Union, said in an interview. And that’s a recipe for insecurity, he said.

“Any data that’s either unencrypted or encrypted with a key known to another party is inherently more vulnerable,” he said. He added that Google and Yahoo have been criticized for their lack of e-mail security, and the Chinese breach of Gmail announced in 2010 was a case in point.

During the hearing, Comey said that the bureau was “having some very healthy discussions” with companies on the issue. “I would imagine there might be many, many solutions depending upon whether you’re an enormous company in this business, or a tiny company in that business. I just think we haven’t given it the shot it deserves.”

Rep. Adam Schiff (D-Calif.) noted that the tech firms have stiff global competition. Other companies are offering encrypted platforms that customers might choose. “So what do we achieve, apart from harming our economic interests, by insisting on a key?” he said.

Comey said he thought that part of the solution would be “an international set of norms” in which other countries join with the United States to establish a rule that companies should be able to provide law enforcement with communications in the clear. “I hear from our allies all the time,” he said. “The French want the same thing. The Germans. The British. So I think that’s something that could be done.”

Soghoian noted, however, that more and more encryption platforms are being made available on the Internet for free by individuals or groups of open-source developers in the United States and Europe, which will make it difficult to regulate them.

Encryption and privacy are priorities for tech firms

The Justice Department and Microsoft go head-to-head in the U.S. Second Circuit Court of Appeals in Manhattan on Wednesday. The battleground? Data privacy.

At issue is the question of whether U.S. law enforcement can use a search warrant — in this case, in a drug investigation — to force the U.S.-based technology company to turn over emails it has stored in a data center in Ireland. Lower courts have sided with the government and held Microsoft in contempt for refusing to comply with the search warrant. Microsoft has appealed, arguing that its data center is subject to Irish and European privacy laws and outside the jurisdiction of U.S. authorities.

Civil liberties and internet-privacy advocates are watching the case closely, as are company and law-enforcement lawyers. They’re also watching another case, also involving a drug investigation, in which Apple was served with a court order instructing it to turn over text messages between iPhone owners.

After the Edward Snowden revelations, U.S. technology and telecom companies were criticized for allegedly letting the government spy on Americans’ emails, texts and video chats.

Many companies have been fighting back, hoping to burnish their images as protector of their client data privacy. Microsoft is fighting government access to overseas data centers. Apple has been rolling out strong “end-to-end” encryption, in which only the software in the sender’s and receiver’s devices (an iPhone or iPad) have the the requisite keys to decode the message. That means there’s no “back-door key” that could unlock an email or other communication. In addition, both Apple and Google have deployed private-code locking systems that make their smartphones essentially unbreakable, except by the phone’s owner, who sets the code.

“This way, the companies don’t open up the device,” says Peter Swire, an expert on computer security at Georgia Tech who served on President Obama’s task force on surveillance and cybersecurity. “The companies don’t have access to the content between Alice and Bob.”

If the company that made the device, or is carrying the communication on its network, can’t eavesdrop on users like Alice and Bob, he says, the FBI and other outside parties can’t either.

FBI director James Comey has said these new strong encryption technologies are making communications “go dark” for law enforcement. He claims the companies deploying this kind of encryption are hampering law-enforcement investigations.

But Nate Cardozo, a staff attorney at the Electronic Frontier Foundation, says law enforcement will just have to find other ways to gather information. And, he says, with so much non-encrypted information being gathered on private citizens and consumers these days (such as GPS location, purchases, social media “likes” and contacts, web browsing habits), law enforcement still has plenty of investigative tools.

“End-to-end encryption is coming,” he says, pointing to Apple and to Facebook, which recently bought WhatsApp, a popular global messaging platform that is deploying strong encryption. “It will keep us more safe from criminals, from foreign spies, from prying eyes in general.”

When It Comes To Encryption, Our Policy Makers Could Learn A Thing Or Two From Thomas Jefferson

Thomas Jefferson was so interested in cryptography that he may have developed his own enciphering device after his mail was inspected by postmasters when the revolution was looming. Indeed, codes and ciphers are as American as the American Revolution itself. In fact, the revolution may not have happened if confidential correspondence, both military and otherwise, had been compromised by the British. In December 1801, Jefferson received an encrypted letter from a mathematics professor (the two both served at the American Philosophical Society) that was so inscrutable that he was never able to decode it—in fact, it was not decoded until over 200 years later.

The thread of cipher text runs through the very core of the history of this country. When James Madison penned a letter to Thomas Jefferson in 1789, letting him know that “a Bill of rights, incorporated perhaps into the Constitution will be proposed, with a few alterations most called for by the opponents of the Government and least objectionable to its friends,” the letter was partially enciphered, so that discussion about might run the Department of Finance, a smattering of international politics, and a bit of gossip about the French minister to the United States, the count de Moustier, and his sister-in-law, Madame de Brehan, wouldn’t have fallen into the wrong hands.

It’s hard to know when the narrative shifted, moving from trying to crack your enemies’ crypto and secure your own communications to working to weaken crypto for everyone. NSA director Michael Rogers, FBI director James Comey, and others in the Obama Administration have been working hard to try to convince the public that it’s possible to have secure communications that the government can access, but that criminals and bad nation-state actors can’t circumvent. They give lip service to the need for secure communications to fuel innovation and economic growth, while simultaneously working to dismantle the very systems that make those communications secure.

It is not entirely clear which approach the government will take, but whether it tries to pursue legislation forcing companies to work on mandated backdoors that they don’t want or even need, or simply tries to coerce them with fearmongering about the threat of terrorism, one thing is clear: the government should be embracing cryptography, as it once did, rather than fighting against it.

It’s true that end-to-end encryption could thwart investigation attempts for a small amount of crimes—or maybe call for more hands-on detective work—but this pales in comparison to the damage caused by government backdoors. “Cryptography was once a private game of shadows played by spy masters, but today it has become the critical foundation of our information infrastructure,” says Ethan Heilman, Research Fellow at Boston University.

A recent MIT paper written by a slew of experts makes it clear that giving the government backdoor access to secure communications would weaken the security of any system. “This report’s analysis of law enforcement demands for exceptional access to private communications and data shows that such access will open doors through which 24 criminals and malicious nation-states can attack the very individuals law enforcement seeks to defend. The costs would be substantial, the damage to innovation severe, and the consequences to economic growth difficult to predict. The costs to developed countries’ soft power and to our moral authority would also be considerable. Policy-makers need to be clear-eyed in evaluating the likely costs and benefits,” it reads. (Oh, and China wants backdoors, too. So there’s that.)

This isn’t the first time the government has worked to weaken encryption on purpose. It goes back as far as the 1950s, and continued in the 1970s, (…NSA tried to convince IBM to reduce the length of thekey from 64-bit to 48-bit. Ultimately, they compromised on a 56-bit key,” wrote Tom Johnson in Book III: Retrenchment and Reform, an official NSA book), and the 1990s. Intentionally bad cryptography led to the Logjam bug, which can “break secure connections by tricking the browser and server to communicate using weak crypto,” Cory Doctorow explained on Boing Boing—and the government is to blame for these browsers and servers supporting weak crypto in the first place. Weak crypto, courtesy of the U.S. government, can be blamed for the FREAK SSL/TSL vulnerability as well.

NCUA institutes encryption protocols for data provided to examiners

NCUA has instituted data encryption protocols as suggested by its Office of Inspector General this June following review of an examiner’s loss of a thumb drive containing credit union members’ data.

The protocols were communicated Aug. 21 in a letter from NCUA Examination and Insurance Director Larry Fazio to the chief executives of federally insured credit unions.

The letter says the agency’s examiners now will accept data files from credit unions only if the files are encrypted first by the credit union or, if the credit union is unable or does not wish to do that, via transfer to NCUA’s encrypted equipment. In either case, parties involved will sign a “chain of custody” document. The letter, in a footnote, also advises credit unions against electronically transmitting unencrypted data to examiners.

Encryption protocols outlined in the letter will remain in use until the agency acquires a secure file transfer solution that will allow credit unions and exam staff to “securely and efficiently” exchange information, Fazio wrote. That solution is expected to be in place early next year.

Reflective satellites may be the future of high-end encryption

Quantum key distribution is regularly touted as the encryption of the future. While the keys are exchanged on an insecure channel, the laws of physics provide a guarantee that two parties can exchange a secret key without knowing whether they’re being overheard. This unencrypted-but-secure form of key exchange circumvents one of the potential shortcomings of some forms of public key systems.

However, quantum key distribution (QKD) has one big downside: the two parties need to have a direct link to each other. So, for instance, banks in and around Geneva use dedicated fiber links to perform QKD, but they can only do this because the link distance is less than 100km. These fixed and short links are an expensive solution. A more flexible solution is required if QKD is going to be used for more general encryption purposes.

A group of Italian researchers have demonstrated the possibility of QKD via a satellite, which in principle (but not in practice) means that any two parties with a view of a satellite can exchange keys.

Why QKD?

We live in a world where quantum computing is looming as a viable tool, one that could make current means of encryption obsolete. More secure forms of cryptography are becoming increasingly important. Even now, researchers contemplate a world where various agencies store some intercepted encrypted communication under the assumption that one day they will have sufficient computational power to decode them.

Ars readers know that most security breaches are not due to a failure of encryption; rather they are enabled by poor security practices. However, I think it is fair to say that the exfiltrated data is more accessible due to poor encryption practices. And, once encrypted data has been exfiltrated, it simply awaits the requisite computational power to decode it.

This expectation—that encrypted data can be decrypted in the near future—comes from the fact that many cryptographic algorithms rely on an assumption of mathematical difficulty for their security. The validity of this assumption relies on some deep ideas about how mathematical problems can be solved.

Specifically, the mathematical assumptions that underlie public key exchange are under attack. The most commonly used algorithms are based on the computational complexity of finding prime factors of large numbers. But a quantum computer can solve this problem in far fewer steps than a classical computer. Indeed, the scaling of Shor’s algorithm—this is the quantum version of an algorithm for finding prime factors—is so favorable that it is expected that a practical quantum computer will render all encryption methods based on prime factors useless.

This is one reason why QKD is so attractive for certain people: the keys are secret and are exchanged in a way that allows one to ensure that it cannot be intercepted during exchange. Thus, an attacker is always forced to guess the key (rather than use the public part of the key to compute the secret part of the key). Any brute force attack must be performed without even knowing the length of the key or how often a new key is used.

You might argue that an assumption of QKD is that the laws of physics are correct. Science makes a big deal about how we can only get an increasingly accurate approximation of the truth, so surely this assumption is as suspect as the mathematical ones made for classical cryptography? Well, no, not really. Even if we were to discover some deeper theory than quantum mechanics, that theory must still replicate all the experimental results of quantum theory, and this includes the ones on which QKD are based. So this assumption is a fairly safe one.

In space, no one can hear your key exchange

In terms of technology, QKD is very close to being suitable for widespread use—though by “use” I mean communication between data centers, rather than for home use. The hurdle, as I stated in the introduction, is that the link must be directly between two parties, which limits us to about 100km via fiber.

There, has, however, been a rather strong push to develop free-space QKD, and this has now gone critical with the tests that show QKD via satellite is possible. In order to do this, the researchers made use of laser ranging satellites, which have corner cube mirrors mounted on them. The corner cube mirrors are retro-reflectors, so any signal that arrives gets sent back in the direction that it came from. More importantly, corner cube reflectors normally preserve polarization, which is commonly used to carry data.

So, as long as the signal arrives at your detector, then you should be able to generate a key using lasers bounced off this satellite.

Getting a signal is, unfortunately, no easy task. First, you need a clock signal to tell you when to measure—the properties of the atmosphere and the relative motion between the sender, detector, and satellite mean that you can’t rely on local timing. The clock takes the form of a powerful, let-me-fry-your-eyes laser, emitting 10 pulses per second. The actual qubits (quantum bits) are sent at 100 MHz, with every 105th pulse synchronized with the clock signal. These pulses are emitted and collected by a 1.5m telescope.

The researchers compared the polarization states they detected to the pulses of light they sent. They determined that the newer satellites did preserve polarization, while older satellites generated more errors, possibly because the coatings on the reflectors had been damaged over time (the older satellites are 15 to 20 years old). For the researchers, this showed that the error rate was low enough that a key could be shared via quantum states. But, at this point I was extremely skeptical.

QKD security is only guaranteed if the source emits single photons, since those get altered by any eavesdropping. But, in this system, the receiver gets single photons, while each pulse contains 1.3 billion photons when it exits the telescope. You would think that this renders the result useless. An eavesdropper can, by tapping a tiny fraction of the signal emitted from the telescope, obtain every bit sent without the knowledge of either sender or receiver.

The standard QKD protocol involves revealing how each measurement was performed. While only the sender knows which polarization state was sent, everyone (including an eavesdropper) knows how the measurement was performed. If only the sender and receiver know the results of the measurements, the key is secure.

It is the first and last bit of hidden knowledge—the bits sent and the measurement results—that keeps the key secret. On the face of it, in this scheme, anyone can know what polarization state was sent if they can simply snag one of those 1.3 billion photons. Everyone knows how the measurement was performed; therefore, everyone knows what the measurement results were. No secrets are kept in this situation.

However, the researchers realize this and have an alternative protocol. In their approach, the satellite would contain optics that would modify the polarization of the light at the satellite. Since the reflected signal is at the single photon level, interception after this point is detectable. Therefore, all is well, right?

The key is to make sure that the polarization state sent to the satellite does not reveal the polarization state reflected from the satellite. This can be done by sending pulses of light that are circularly polarized. This can be filtered to two pairs of linearly polarized states at the satellite (under the control of the sender). Now, the sender knows which states were sent, everyone knows how the measurements were performed, and, only the sender and receiver know the results of the measurements. This meets the requirements for QKD, but only under the condition that the control signal sent to the satellite remains secure.

This later point seems like a pretty serious weakness. A solution might be to have two identical pseudo random number generators and initiate both with the same seed at the beginning of the key generation process. But you really need to ensure that the random number generator is protected or that the seed is truly obfuscated.

I guess that what this paper demonstrates is that the single photon states behind QKD are certainly preserved on reflection from a satellite and that this opens up the possibility of having non-fixed links between parties that need to share keys. But we can’t use this technique with existing satellites, and there are some very practical problems associated with controlling the satellites in a secret manner that remain unsolved.

Jeb Bush: encryption makes it too hard to catch “evildoers”

Jeb Bush: encryption makes it too hard to catch "evildoers"

Bush, the former governor of Florida, said Tuesday that encryption “makes it harder for the American government to do its job.”

That job would be, according to Bush, “making sure that evildoers aren’t in our midst,” echoing a phrase frequently used by his brother President George W. Bush to describe the threat of radical Islamic terrorism.

If you create encryption, it makes it harder for the American government to do its job – while protecting civil liberties – to make sure that evildoers aren’t in our midst.

Governor Bush’s comments were delivered at a forum hosted by a lobbyist group called Americans for Peace, Prosperity and Security (APPS) with close ties to military contractors, that is pushing presidential candidates to adopt “hawkish positions,” according to The Intercept.

(APPS’s advisory board includes members of what you might call the National Security establishment – including a former national security advisor to George W. Bush and a former CEO of BAE Systems. Its honorary chair is Mike Rogers, formerly the chairman of the US Congress’s Permanent Select Committee on Intelligence.)

Bush also advocated for wide latitude for the NSA to continue collecting phone metadata, although the NSA’s surveillance powers over Americans have been curtailed by Congress.

There’s “no evidence” that the NSA abused its powers or infringed on civil liberties of Americans, Bush said.

In fact, Bush said, in the clash of surveillance and civil liberties, “the balance has actually gone the wrong way” – meaning that civil liberties have too much weight.

There’s a place to find common ground between personal civil liberties and NSA doing its job. I think the balance has actually gone the wrong way.

While some US officials have advocated for technology companies to give law enforcement backdoors to read encrypted data, many security experts and tech companies say such a move would jeopardize security for everyone.

Others have pushed for some sort of middle ground, such as a multi-part encryption key that would keep encryption safeguarded by multiple agencies or companies holding part of the key.

Bush falls into this middle ground category, saying at the APPS forum that Silicon Valley companies (like Google and Apple) should cooperate with the government.

We need to find a new arrangement with Silicon Valley in this regard because I think this is a very dangerous kind of situation.

In response to Bush’s comments, some in tech and media suggested that Bush doesn’t really understand encryption.

Andrew Wooster, co-founder of a Seattle mobile software company, tweeted:

The presidential politics of cybersecurity

As the 2016 US presidential election contest has heated up this summer, we’re reminded that cybersecurity isn’t just about technology, it’s also about policy – and that makes it highly political.

It’s still quite early in the election cycle, but cyber issues have taken up a good bit of the debate so far.

At a 6 August Republican debate, two contenders – Governor Chris Christie and Senator Rand Paul – clashed on NSA powers, with Christie claiming that the government needs “more tools” for fighting terrorism, and Paul arguing that the US Constitution requires a warrant for collecting data from Americans.

On the Democratic side, former Secretary of State Hillary Clinton has largely avoided the issue of NSA surveillance, while her chief rival, Senator Bernie Sanders, has called the NSA activities exposed by leaker Edward Snowden “Orwellian” and “clearly unconstitutional.”

Beyond encryption and surveillance, the cyberthreat from China has also taken up a lot of air time, with Republican candidates Mike Huckabee and Marco Rubio calling for retaliation against China over its presumed involvement in cyberattacks on the US government.

Clinton didn’t go as far as Huckabee or Rubio, but talked up the threat of Chinese economic espionage in a speech last month in which she also claimed that China wants to hack “everything that doesn’t move in America.”

A lot of important policies affecting privacy and security of Americans – and others around the world – will be decided by the next US president.

If you care about any of these issues – encryption, surveillance and the powers of law enforcement; privacy rights; government oversight of the internet and telecommunications; and laws that affect everything from data breach liability, to the rights of security researchers to hack things – it’s time to tune in and make your voice heard.

NSA-grade encryption for mobile over untrusted networks

The only term being thrown around government more than “2016 elections” these days is “cybersecurity,” particularly following a rash of damaging and high-profile data breaches. With that focus on protecting information top of mind in agencies, USMobile officials hope to find a ready market for their commercial app, which lets government workers use their personal smartphones for top-secret communications.

Called Scrambl3, the app creates a secure virtual-private network that connects bring-your-own devices to an agency server to send messages using end-to-end encryption. Irvine, Calif.- based USMobile developed the Scrambl3 technology when team members worked with the National Security Agency to create “Fishbowl,” a secure phone network available only to Defense Department users via the DOD Information Network.

“We’ve implemented Fishbowl in the form of a software-defined network, so all of those typical hardware components that you’d find in a mobile network — routers, VPNs, gateways, firewalls, proxy servers — all of those components are expressed or implemented in our system in the form of software,” said Jon Hanour, USMobile’s president and CEO. “We’ve made an affordable version of Fishbowl.”

When the turnkey solution comes to market in October, it will work with Android and Apple iOS devices. It uses the Security-Enhanced Linux operating system and a defense-in-depth approachThe layered approach uses a VPN connection with an encrypted VoIP call travelling within.When an agency deploys Scrambl3 Enterprise, administrators will set up what USMobile calls Black Books, or lists of contacts that each user can communicate with via the VPN.

“A lower-level person wouldn’t necessarily have the director of that particular agency listed,” Hanour said. “Conversely, the director of that particular agency would have [a] contact list populated with people that are at the higher levels of management.”

When a user logs into the app on a smartphone, it creates a VPN that connects to the agency’s server, whether it’s in the cloud or on premises. Currently, Scrambl3 Enterprise software is deployed only on IBM Power Systems Linux servers.

A two-rack server can handle up to 3,000 concurrent calls, Hanour said, a capacity “that would handle comfortably an agency of 50,000 people.”

Once connected, users can see who in their Black Book is also logged in, as indicated by a green dot next to the name, and then select the mode of communication: email, voice call or text. Both senders and recipients would need to have Scrambl3 installed.

“Once you establish this powerful VPN, you can run anything through it,” Hanour said. “Anything that you can put on a server, you can use Scrambl3 to communicate with.”

Calls are highly encrypted until they reach the recipient, where the app decrypts them. That communication happens at a top-secret-grade level as specified by NSA. Despite that encryption/decryption process, Hanour said, latency is unnoticeable.

For additional protection, nothing is recorded – users can’t even leave voicemail – unless an agency specifies otherwise. For instance, Hanour said, some law enforcement regulations require that all communication among officers be recorded.

The law enforcement community is a prime target customer for Scrambl3 because public cell phone networks don’t meet heightened police security standards, and photographic evidence requires a secure uploading process.

To use Scrambl3, agencies don’t need mobile device management systems, but it integrates with any that might exist.

“The advantage of this architecture is that the communication that the mobile device management software would typically have with the device, that communication can now run inside the VPN, so it makes that even more secure,” Hanour said. “It creates value for the mobile device management system as well because you can protect it inside the VPN.”

Licensing fees for Scrambl3 depend on the number of users, but typically start at $5 per user per month. The most it would cost, Hanour said, is about $10 per user per month.

Right now, Scrambl3 for Android is available in beta form in the Google Play Store for testing. Scramble3 for iOS will be available next month.

The beta version does not include all Scrambl3’s features, such as conference calling. When the release version is up and running in October, Scrambl3 will offer the only top-secret-grade conference call capability outside DOD’s network, Hanour said. Users will be able to initiate a conference call by touching a few people’s names and pressing the call button.

Besides law enforcement, Hanour sees potential customers in several types of government operations, including health care, the State Department when conducting diplomatic relations and even individual politicians, who might want to communicate in absolute privacy.

“The whole idea is to create trusted communications over untrusted networks (i.e., the Internet),” Hanour said.

SafeChats aims to give messaging an encryption edge

THE revelations from former US National Security Agency (NSA) contractor Edward Snowden that the US Government has been tapping communications have created greater awareness on the need for secure communications, which in turn has given rise to secure messaging apps such as Telegram, Wickr and Threema.

Privacy should not be a concern for just individuals, but businesses also need to be aware of how tapped communications can affect them, according to Maxim Glazov (pic above), chief executive officer of Singapore-based SafeChats.

For example, customers’ VoIP (Voice-over-Internet Protocol) calls can be intercepted and sensitive information gathered for blackmail. Hackers can gain unauthorised access to a customer’s webmail account to forge emails, and issue payment instructions to send the money to the hackers’ accounts instead.

The scenario is made worse by the fact that many businesses use unsecured mass-market services because of their ease of use.

It was this realisation that catalysed Glaznov and his chief technology officer Nikita Osipov to build SafeChats, which they claim is a secure communications platform that protects collaboration as well.

The company was one of the finalists at the recent RSA Conference Asia Pacific and Japan (RSAC APJ) Innovation Sandbox startup competition in Singapore.

SafeChat began as an internal project for an undisclosed international logistics and finance company that Osipov and Glaznov were part of, looking into the problem of communicating sensitive information with customers more securely and efficiently than existing methods.

Glaznov’s initiative to build a secure communication platform got traction with his customers which were eager to use the platform for themselves

The market for secure communication, whether for consumers or enterprises, is gaining traction with the entry of companies like Silent Circle, Tigertext and ArmourText.

Osipov recognises the growing maturity of the market but remains undeterred. “We keep ourselves motivated by acquiring more use cases for what is essentially a red-ocean market, and the constant validation that there is a need for such a communications platform.”

The SafeChats platform aims to encompass the entire suite of communications, from email to messaging, and from file transfers to video and voice calls. It also gives the option of using the customer’s own server infrastructure instead of SafeChats’.

“SafeChats is the only secure communications platform that also integrates collaborative features and a full suite of privacy features,” Osipov claimed.

The SafeChats messaging volume has grown 10 times in the last six months, organically from initial customers, without an official release, the startup claimed.

When asked about its customers, Osipov cryptically replied, “As a company entrenched in security and privacy, we cannot reveal our current client list … and there are some users on board that we simply don’t know who they are.”

The company’s revenue model is set to be freemium Software-as-a-Service, with different tiers of control and fees being charged for white labeling and on-premises installation.

It also charges enterprise customers on a per-user if they “enforce a security policy on employees or create groups of more than 15 individuals,” Osipov said.

SafeChats is currently in public beta and will be officially launched at the end of August. It is currently available for the iOS and Android platforms. There are plans to make a desktop version for Mac OS X and Windows.

The challenges

Spinning off into its own startup has seen some challenges, with Osipov (pic above) saying that one main one was building the right team.

“Once you have a great team, everything becomes so much easier,” he said.

On the technical front, coming up with the right set of technologies to use was one of the biggest challenges.

“We evaluated multiple different software solutions, protocols and algorithms that we could use before we settled on the current architecture,” said Osipov.

“All that required extensive research work – thinking of the whole system from the technical side and possible technical challenges in the future … and how to solve them … [while making sure] it remains very easy to use,” he added.

Under the hood

SafeChats uses a variety of encryption algorithms, depending on the particular function.

“We use well-known end-to-end encryption algorithms trusted by security experts as the core of our platform, which means that your data stays safe in transit and only you and the intended recipient have access to it,” Osipov said. For instant messaging, it uses Off-the-Record messaging (OTR) and the socialist millionaire protocol. OTR messaging uses a combination of Advanced Encryption Standard (AES) algorithms with a 128-bit key strength, with a public key exchange protocol for authentication. The socialist millionaire protocol allows two parties to verify each other’s identity through a shared secret.

For voice calls and file transfers, SafeChats uses an AES 256-bit key, military-grade encryption to protect data and calls.

Future plans

SafeChats started as a bootstrapped startup, and is now on the lookout for investors who will be more than just people writing cheques.

“We are on the lookout for investors with the capacity to be strategic partners and who can provide channels for the product and its derivatives,” Osipov said.

SafeChats will be seeking pre-Series A round within the next six months, and is looking to raise over US$700,000, aiming for a valuation of US$6 million.

It intends to expand the team, especially on the marketing and technical fronts, the latter including 24/7 support.

And it will beef up its software development team “to work on enterprise features like integration with third-party services and advanced authentication options like two-factor authentication (2FA) using software and hardware tokens,” Osipov said.

Beyond expanding the platforms SafeChats works on, the company is also working on integrating the platform with other software and hardware solutions to utilise its end-to-end encryption. This will secure other software solutions as well as pave the way for Internet of Things (IoT) security.

“We won’t announce any names for now as there are many legal issues involved in this sort of integration, and with providing official software developer kits to everyone,” Osipov said.

“All we can say at the moment is that you can be sure that most popular software and hardware solutions will work with SafeChats,” he declared.

The company wants to open up its Application Program Interface (API) to others so that they can work on their own integrations as well, bringing the SafeChats level of security to other software.

“We also hope to form a community of developers to implement future integrations so everyone benefits,” Osipov claimed.

It’s Time to End the “Debate” on Encryption Backdoors

Yesterday, on Lawfare, FBI Director James Comey laid out his concern that the growing adoption of strong encryption technologies will frustrate law enforcement’s ability to conduct investigations — what he calls the “Going Dark” problem. The gist of Comey’s position is this: He recognizes encryption is important to security and privacy, but believes we are fast approaching an age of “universal encryption” that is in tension with the government’s investigative needs. Although he assures us he is not a “maniac,” Comey also feels it is his duty to ensure that we have a broad public debate that considers the costs as well as the benefits of widespread encryption. Comey will presumably be making the same points tomorrow afternoon at a Senate Intelligence Committee hearing where he will be the sole witness, while a broader panel of witnesses will be testifying on the same controversy tomorrow morning before the Senate Judiciary Committee.

First, credit where credit is due: James Comey is certainly not a maniac but a dedicated law enforcement official, one who has in the past put his career on the line to impose the rule of law on overreaching government surveillance. And it’s true that encryption will likely frustrate some investigations, a point I addressed directly when I testified House hearing on the subject in April. It’s also true that the FBI has so far to come up with any compelling examples of how encryption has actually stymied any investigations, and the latest wiretapping report shows that encryption is not yet a significant barrier to FBI electronic surveillance — encryption prevented law enforcement from obtaining the plaintext of communications in only four of the 3,554 criminal wiretaps authorized in 2014! Even so, it’s a given that just as ordinary citizens use encryption, so too will criminals, and that will likely pose a challenge for law enforcement in some cases.

So we are not “talking past each other” on encryption, as Comey puts it. Rather, since he first raised this issue last October, there has been an incredibly robust debate (as reflected in this massive of recent statements and writing on the subject), directly addressing the Director’s suggestion that companies should engineer their encrypted products and services to enable government surveillance. As that debate reflects, the broad consensus outside of the FBI is that the societal costs of such surveillance backdoors — or “front doors,” as Comey prefers to call them — far outweigh the benefits to law enforcement, and that strong encryption will ultimately prevent more crimes than it obscures.

Tech companies, privacy advocates, security experts, policy experts, all five members of President Obama’s handpicked Review Group on Intelligence and Communications Technologies UN human rights experts, and a majority of the House of Representatives all agree: Government-mandated backdoors are a bad idea. There are countless reasons why this is true, including: They would unavoidably weaken the security of our digital data, devices, and communications even as we are in the midst of a cybersecurity crisis; they would cost the US tech industry billions as foreign customers — including many of the criminals Comey hopes to catch — turn to more secure alternatives; and they would encourage oppressive regimes that abuse human rights to demand backdoors of their own.

Most of these arguments are not new or surprising. Indeed, it was for many of the same reasons that the US government ultimately rejected the idea of encryption backdoors in the 90s, during what are now called the “Crypto Wars.” We as a nation already had the debate that Comey is demanding — we had it 20 years ago! — and the arguments against backdoors have only become stronger and more numerous with time. Most notably, the 21st century has turned out to be a “Golden Age for Surveillance” for the government. Even with the proliferation of encryption, law enforcement has access to much more information than ever before: access to cellphone location information about where we are and where we’ve been, metadata about who we communicate with and when, and vast databases of emails and pictures and more in the cloud. So, the purported law enforcement need is even less compelling than it was in the 90s. Meanwhile, the security implications of trying to mandate backdoors throughout the vast ecosystem of digital communications services have only gotten more dire in the intervening years, as laid out in an exhaustive new report issued just this morning by over a dozen heavy-hitting security experts.

Yesterday, Comey conceded that after a meaningful debate, it may be that we as a people decide that the benefits of widespread encryption outweigh the costs and that there’s no sensible, technically feasible way to guarantee government access to encrypted data. But the fact is that we had that debate 20 years ago, and we’ve been having it again for nearly a year. We are not talking past each other; a wide range of advocates, industry stakeholders, policymakers, and experts has been speaking directly to Comey’s arguments since last fall. Hopefully he will soon start listening, rather than dooming us to repeat the mistakes of the past and dragging us into another round of Crypto Wars.

We have already had the debate that Comey says he wants. All that’s left is for him to admit that he’s lost.