SoylentNews

Phoenix666 [soylentnews.org] writes:

The UK government's official voice encryption protocol, around which it is hoping to build an ecosystem of products, has a massive backdoor that would enable the security services to intercept and listen to all past and present calls [theregister.co.uk], a researcher has discovered.

Dr Steven Murdoch of University College London has posted an extensive blog post [benthamsgaze.org] digging into the MIKEY-SAKKE spec in which he concludes that it has been specifically designed to "allow undetectable and unauditable mass surveillance."

He notes that in the "vast majority of cases" the protocol would be "actively harmful for security."

Murdoch uses the EFF's scorecard [eff.org] as a way of measuring the security of MIKEY-SAKKE, and concludes that it only manages to meet one of the four key elements for protocol design, namely that it provides end-to-end encryption.

And yet, the GCHQ and NSA go unpilloried...

Original Submission