Palestinians in Gaza are confronting a cybersecurity issue that stands to impact the general public, journalists and dissidents elsewhere across the globe—but the danger arises from the public’s widespread misunderstanding of encryption, not a weakness in particular messaging platforms.
WhatsApp was singled out by The Intercept on Wednesday over an “Undisclosed” vulnerability. “Despite the software’s powerful encryption,” wrote The Intercept’s Sam Biddle, “users remained vulnerable to a dangerous form of government surveillance.”
The Intercept is particularly worried about Palestinians in Gaza who use WhatsApp.
But this “dangerous form of government surveillance” is nothing new. Almost certainly it has long been used in other countries and against other encrypted messaging systems, including in the United States, where the government runs one of the widest Internet dragnets in the world.
It arises from the mere monitoring of the sending and receipt of encrypted messages, not deciphering them. (The Intercept likened it to “observing a mail carrier ferrying a sealed envelope,” and concluded, “This view into national internet traffic is enough to make powerful inferences about which individuals are conversing with each other, even if the subjects of their conversations remain a mystery.”)
Simply stated, governments that perform widespread Internet monitoring may be unable to decode robustly encrypted messages or calls, but they are easily able to identify who is using encryption and with whom they are exchanging encrypted communications. This, in turn, allows such governments to target individuals based on their associations with others or their mere use of encryption.
In the strict sense—and arguably the most reasonable one—this cannot accurately be called a “vulnerability” at all. And, as WhatsApp told The Intercept, it is not specific to WhatsApp.
Encryption aims to protect the contents of communications, i.e. what is being communicated, not the fact that one is communicating or the identities of those with whom one is communicating. One of cryptography’s core assumptions is, in fact, the presence of eavesdroppers—known as “adversaries”—who observe who is communicating with whom. (According to the National Institute of Standards and Technology, “Cryptography uses mathematical techniques to transform data and prevent it from being read or tampered with by unauthorized parties.” Notably, cryptography “enables exchanging secure messages even in the presence of adversaries.” Hence, a cryptographic vulnerability is one that allows an adversary to obtain information about the original contents of an encrypted communication, not merely identify the communicating parties.)
Those who assume encryption masks their identities, the existence of their messages or the identities of their communications partners have confused encryption with other techniques, which, in turn, have their own practical limitations.
Steganography, for instance, is the practice of “embedding information into something else, such as a text file in an image or a sound file, for the sole purpose of hiding the existence of the embedded information.”
Unlike encryption, where an adversary knows there is a message but is unable to decipher it, steganography provides stealthiness by hiding the very existence of a message inside a decoy. But it gives itself away as the volume of communications increases. (Why would millions of people regularly send and receive large volumes of seemingly inconsequential content?)
And, in steganographic systems, adversaries still know who communicates with whom, even if they only observe them exchange seemingly mundane images or sound files.
Anonymity, a distinct concept, leaves adversaries “without sufficient identity information to establish a link” to a particular person. Popular anonymizing technologies like Tor and I2P bounce data around the world to obscure who is communicating with whom and use encryption to protect the contents of those communications.
But anonymizers cannot hide that a user is communicating anonymously with others without facing the same problem steganography does as communications volume increases. (Tor, for instance, tells users, “All anyone monitoring your browsing habits can see is that you’re using Tor.”)
Though WhatsApp and similar services like Signal would benefit from incorporating anonymity techniques to make it harder for adversaries to associate individuals with other individuals, incorporating them would not materially impact the problem that The Intercept noted. (It is easy to imagine certain governments in certain circumstances targeting those who use anonymizers, even if they cannot readily determine what they are communicating or with whom.)
Ironically, The Intercept’s focus on WhatsApp arose from WhatsApp’s effort to improve user safety beyond the level provided by most of its competitors. Its security team wrote a “threat assessment” that asserted, “Our at-risk users need robust and viable protections against traffic analysis.” This is arguably an instance of a good deed not going unpunished.
The bottom line is that neither WhatsApp nor Signal ever claimed stealthiness or anonymity. (Instead, WhatsApp tells users, “With end-to-end encryption, your personal messages and calls are secured. Only you and the person you’re talking to can read or listen to them.” Signal tells users, “State-of-the-art end-to-end encryption (powered by the open source Signal Protocol) keeps your conversations secure. We can’t read your messages or listen to your calls, and no one else can either.”)
No competent computer-security professional expects WhatsApp, Signal or similar programs to protect the identities of communicating parties or hide that those parties are communicating.
Asserting that this issue was “undisclosed,” as The Intercept did, was false. It has long been widely known to, and publicly discussed by, the cybersecurity community. And labeling it a “WhatsApp vulnerability,” as opposed to an architectural limitation common across encrypted-messaging applications, was misleading. (The Signal Wikipedia page, for example, has noted for more than six years that Signal “does not provide anonymity preservation.”)
The apparent problem today is the widespread fundamental misperception that encryption not only includes steganography and anonymity but somehow transcends their practical limitations.
Martin Gottesfeld has written for The Intercept. This article does not represent The Intercept.