Russia claims they can now collect crypto keys?

Russia and the Encrypted World

So in top news many have probably already heard of Russia claiming or at least pushing to break encryption.
The initiative is to push for a wide ranging surveillance law, which would allow them access to a whole heck lot of information.

The law calls for metadata and content to be stored for at least six months, plus access to encrypted services.
This means that they also want access to decrypt Whatsapp conversations/chats, Viber & Skype calls… etc… etc…

So how do they go about this now?

Russian Interrogation

The obvious easy way is to obtain a copy of the encryption keys so all traffic making use of encryption can be decrypted.
Essentially, they’re asking for a backdoor into ISP networks, certain applications which also make use of some form of encryption.

It seems like some Russian representatives has so called “claimed” to have broken encryption for some services.
Now whether that is true or not, and more than likely is unlikely true. It could generate a cause for concern not that a majority of governments aren’t already monitoring their citizens.

What was placed in the public was that Putin gave KGB’s successor agency two weeks to deal with encrypted services.
This meant that all local ISP’s would have to provide some sort of method to allow them to decrypt all traffic.

The interesting part will be as to how other companies and businesses will respond to this request.
Will companies like WhatApp actually abide by these new laws? Or will they simply no longer allow Russian users to make use of the app?

This would be a huge loss for many Russian users that make use of some great apps.
And, I can see foresee many users looking for new “underground” apps that may make use of.

Lastly, if there are backdoors put in place.
What happens when those backdoors get leaked or discovered?
What happens then to private data that may be government related or contain business trade secrets?

As a whole this whole “let’s grab the keys for everything on the internet” isn’t the best “secure” or “safe” strategy.

But, let’s see how this plays out in the next few months.

This site uses Akismet to reduce spam. Learn how your comment data is processed.