Signal, Govt Funding, & Mathematical backdoors in Encryption Algorithms

Govt funds Signal (NOT for protesters, journalists, or the like) & others. This includes mathematical back-doors.
Yeah, that’s pretty troubling. Like Tor, Signal might work if you’re chatting with your local neighborhood dealer to score a few grams of coke, but don’t expect it to protect you if you decide to do anything really transgressive — like organizing against concentrated corporate political power in the United States. For what it’s worth, I personally heard activists protesting the Democratic National Convention in Philadelphia tell me that the cops seemed to know their every move, despite the fact they were using Signal to organize.
Here’s a small sample of what the Broadcasting Board of Governors funded (through Radio Free Asia and then through the Open Technology Fund) between 2012 and 2014:
Open Whisper Systems, maker of free encrypted text and voice mobile apps like TextSecure and Signal/RedPhone, got a generous $1.35-million infusion. (Facebook recently started using Open Whisper Systems to secure its WhatsApp messages.)
CryptoCat, an encrypted chat app made by Nadim Kobeissi and promoted by EFF, received $184,000.
LEAP, an email encryption startup, got just over $1 million. LEAP is currently being used to run secure VPN services at, the radical anarchist communication collective.
A Wikileaks alternative called GlobaLeaks (which was endorsed by the folks at Tor, including Jacob Appelbaum) received just under $350,000.
The Guardian Project — which makes an encrypted chat app called ChatSecure, as well as a mobile version of Tor called Orbot — got $388,500.
The Tor Project received over $1 million from OTF to pay for security audits, traffic analysis tools and set up fast Tor exit nodes in the Middle East and South East Asia.

Excerpt below taken from the “Mathematical Backdoors in Encryption Algorithms” article:
Filiol does not accept that the industry-standard and widely reviewed AES algorithm is necessarily secure, even though he doesn’t have evidence to the contrary at hand.

“If I cannot prove that the AES has a backdoor; no one can prove that there is none,” Filiol told El Reg. “And honestly, who would be mad enough to think that the USA would offer a strongly secure, military grade encryption algorithm without any form of control?”

He added: “I do not. The AES contest has been organised by the NIST with the technical support of the NSA (it is of public knowledge). Do you really think that in a time of growing terrorist threat, the USA would have been so stupid not to organise what is known as ‘countermeasures’ in conventional weaponry? Serious countries (USA, UK, Germany, France) do not use foreign algorithms for high-security needs. They mandatorily have to use national products and standards (from the algorithm to its implementation),” he added.

Filiol concluded that reforms were needed in the way that cryptographic algorithms are selected, analysed and standardised. “It should be a fully open process mainly driven by the open crypto community,” he maintains.

Maybe people need to reevaluate why Telegram makes its own encryption. And why Telegram may be the better option.
Full Article

Did you ever stop to wonder why human technology seemed to have generally peaked between 1980 and the early 2000s?

Which is more likely: that we as a species stopped creating technological breakthroughs 20 years ago (Instagram and Pr0nhub are not breakthroughs :laughing: ) or that said breakthroughs have overwhelmingly been usurped by government-level players?

While we are hopelessly outmatched by this level, in reality it doesn’t matter much to the typical user as the vast majority of people are not (ahem) transgressing at a level sufficient to get noticed. What does matter is the banal and pervasive corporate-level surveillance we as a society are constructing for ourselves and our posterity.

At this time, we are still able to opt-out if we so choose. One day, this calculus may change.


Filiol does not accept that the industry-standard and widely reviewed AES algorithm is necessarily secure, even though he doesn’t have evidence to the contrary at hand.

“If I cannot prove that the AES has a backdoor; no one can prove that there is none,” Filiol told El Reg.

What? So because they couldn’t figure out a backdoor in the de facto gold standard of modern encryption, we should assume it has a backdoor in it? That seems like a terrible argument to make, but of course we shouldn’t assume there aren’t any either. But until that’s proven there’s also no reason to panic.

Maybe people need to reevaluate why Telegram makes its own encryption. And why Telegram may be the better option.

Now this is interesting. Why would they talk AES down and then move on to recommend MTProto? Surely the same arguments for the former apply to the latter? Rolling out your own custom algorithm for encryption is widely regarded as a bad idea because of the difficulty involved, which is precisely the whole point of this article, and he (Filiol) admits so himself.

Even then, was there any research made around the security advantages of MTProto? Were any backdoors found in it? After all, “who would be mad enough to think that [insert country name] would offer a strongly secure, military grade encryption algorithm without any form of control?”

the cops seemed to know their every move

What does that even mean?

Group chat communication works differently than a two-party chat, and encrypting that involves a whole new set of problems to overcome. But even assuming the encryption was perfect, this only applies to the communication in transit. What I mean by this is that it is far easier to compromise a single device involved in the communication than to break the encryption itself.

Or you know, maybe the trained specialists in charge of monitoring the demonstration were just doing their jobs and were able to plan ahead. Or probably they had undercover agents, possibly already infiltrated in the group chat.


That’s why I think that more and more folks who are privacy minded will move to the Session private messaging platform.

It’s my understanding that even this method is subject to MITM (“Man in the Middle”) attack. Also, exit node packet sniffing is still an issue.

But I may not be totally up to speed on the particulars of this private messenger…!


The argument in favor of Telegram is self-defeating…
If a known standard is a problem because it can contain a backdoor, an unknown standard can also contain a backdoor, thus both are to be deemed unsafe. But, if anything, what is secret is unverifiable, thus making it riskier.
We have to trust security standards enough that we use them and doubt them enough that we try to break them. Not trusting them because of the unknowns defies logic in itself.


I think people are missing these links above when reading the post:

Formal Verification of MTProto

“Controlled Opposition”


Can you talk about why Telegram may be a better option? It’s obvious that the same arguments you are making against AES also apply to MTProto. Even more so since AES has been around for a lot longer and has been examined closely by more experts on the matter (hence the name: Advanced Encryption Standard).


Apologies for the late reply. Thanks for asking the question. I will attempt to clarify.
The arguments I am making are not so much against AES as they are against a specific protocol, the Signal Protocol.
“Here’s the problem: Signal was created by the same spooky regime change outfits that fund the Tor Project. The money primarily comes through the federal government’s premier Internet Freedom venture capital outfit: Open Technology Fund, which works closely with the State Department’s regime change arm and is funded through several layers of Cold War CIA cutouts — including Radio Free Asia and the Broadcasting Board of Governors…Signal, like Tor, is bankrolled by the soft-power wing of the U.S. National Security State as part of a larger “Internet Freedom” initiative — an attempt to leverage the Internet and digital communication tools as a complement to more traditional elements of psychological warfare and regime change ops.”
Now MTProto: “Version v2.0 is formally verified, meets the IND-CCA criterion and uses RSA-2048, AES-256 cryptographic and SHA256 hashing primitives”, which meets the…standard… you are wanting to emphasize.
Please feel free to click on the “formally verified” link above to see the security audit of MTProto 2.0.

The main differences I see from the start are as follows:
Signal has been verified to be funded by the U.S. Govt.
The U.S. is part of Five Eyes.
Signal Servers are centralized in the U.S.
Signal runs on Amazon AWS cloud service — and Amazon is itself a CIA contractor
So more than likely the Signal encryption protocol can be accessed by the U.S. Govt; They fund it, they own it, they control it.
Signal is not on F-Droid

Telegram has not been proven to be funded by any government.
Telegram headquarters is not in either Five Eyes, Nine Eyes, or Fourteen Eyes.
Telegram Servers are decentralized and multi-geographic/multinational.
Telegram server keys are not stored in the same geographic location as the servers
Telegram Keys are split between 2 countries.
Telegram is on F-Droid
Telegram servers are to be fully open sourced this year.

Those are things that I consider. Of course everyone has to come up with their own threat model, as everyone’s concerns are different. Just trying to give food for thought, but I do encourage you to read the links to the articles in the initial post. A few of them are embedded in the body of the post and are not shown at the bottom.

Now there are many methods and techniques out there. I would suggest always exploring the alternatives, as like anything else in tech, things improve, something better comes along, or even a different way to implement an existing method makes it even better; AES is not the ONLY cryptographic standard out there.

I do like that Telegram takes the road of implementation in their own way. Another option. I hope other open source projects will start to do the same by giving us new methods and techniques. Projects that give us more options.

Here is a list of different Cryptographic techniques, branches of cryptography, and ciphers aside from AES. There are many to explore.

MTProto 2.0 formally verified security audit PDF

If you’re worried about three-letter agencies, I would argue that legal jurisdiction is nothing but a bump on the road to them.

What’s interesting is that Telegram has servers all over the world and their location kept under great secrecy. Why? The whole point of end-to-end encryption is that you don’t have to trust the underlying infrastructure. If the encryption is strong enough there’s no need for that. If legal jurisdiction is a concern, I very much doubt this will deter the powerful actors they are trying to hide from for a long time.

Everything about Telegram is highly unusual, both from a technical and organizational perspective. And this raises flags. This is not a messenger that I would consider a better option.


Generally speaking, the more bumps in the road the better.

I would see that as a level of security actually. How do you view it?

Agreed. However, this assumes that the U.S. Govt does not have a backdoor to the very protocol they funded. I had mentioned earlier in the post that this is more than likely the case. Along with other reasons I would not use Signal.

Everything about Signal is more than highly unusual which has raised many a red flag for me. That’s why I brought it up in this post. I even listed why I would not recommend Signal.

Did you manage to take the time to read the links I provided in these articles? I put them there to address these very questions. They go more in depth.

With that said can you please provide specifics as what you find to be red flags about Telegram?
Which option would you suggest?

I imagine we are working off of very different threat models here. So if you don’t mind sharing. Thanks.
