UK's GCHQ spy agency pushes VOIP crypto protocol that 'facilitates mass surveillance,' says researcher

A VOIP encryption protocol the UK spy agency GCHQ is pushing for mandatory adoption comes with a hidden surprise: a built-in backdoor that lets anyone who has a master key decrypt the call. That's according to a security expert at University College in London, who published the findings on his blog this week.

In a post titled "UK government (through GCHQ) are mandating a voice encryption protocol—MIKEY-SAKKE—with a key-escrow backdoor," Steven Murdoch argues that GCHQ's push for this voice over internet security tool would make calls anything but secure.

GCHQ told BBC News it did not recognize the findings.

Dr. Murdoch says the backdoor makes it possible to undermine the system's overall security because the network operator can listen in to your session, or enable someone else to. And anyone who hacks into the system would be able to eavesdrop, he said.

"The existence of a master private key that can decrypt all calls past and present without detection, on a computer permanently available, creates a huge security risk, and an irresistible target for attackers," Murdoch wrote.

"Also calls which cross different network providers (e.g., between different companies) would be decrypted at a gateway computer, creating another location where calls could be eavesdropped."

"The EFF scorecard gives a summary of some important security features for the diverse range of instant messaging applications and networks," Murdoch wrote, "So these serve as a useful starting point to develop security requirements of voice encryption."

Check out that scorecard, then read his entire essay.


From Ars Technica's roundup:

The MIKEY-SAKKE protocol is a specification based on the Secure Chorus, an encryption standard for voice and video that was developed by the Communications Electronics Security Group, the information security arm of the UK's Government Communications Headquarters. British governmental officials have indicated that they plan to certify voice encryption products only if they implement MIKEY-SAKKE and Secure Chorus.

According to Steven J. Murdoch, a Royal Society University Research Fellow in the Information Security Research Group of University College, MIKEY-SAKKE contains a backdoor that allows communications to be decrypted in bulk. It can be activated by anyone who has access to a master private key that's responsible for generating intermediate private keys. Because the master key is required to create new keys and to update existing ones, network providers must keep the master key permanently available.

"Secure Chorus facilitates undetectable mass surveillance," wrote Murdoch. "This is presented as a feature rather than bug."

Related coverage over at Motherboard.

A MIKEY-SAKKE message is sent from the initiator to responder. []

A MIKEY-SAKKE message is sent from the initiator to responder. []