PerspectiveWhy the Ghost Keys ‘Solution’ to Encryption is No Solution

Published 23 July 2019

The use of applications such as Signal, WhatsApp, iMessage, and Facebook Messenger for communications secured by end-to-end encryption has exploded over the past few years. Today, regular users of these and similar services number in the billions around the world. The U.S. Justice Department and the FBI have claimed repeatedly that the extensive use of such services hampers their ability to conduct investigations, because they cannot access encrypted communications. Officials in other countries have put forward a proposal they say would provide the needed access. But due to the fundamentals of public key encryption, this regime would end up raising most of the same concerns as other encryption back-door proposals floated in recent years.

The use of applications such as Signal, WhatsApp, iMessage, and Facebook Messenger for communications secured by end-to-end encryption has exploded over the past few years. Today, regular users of these and similar services number in the billions around the world. The U.S. Justice Department and the FBI have claimed repeatedly that the extensive use of such services hampers their ability to conduct investigations, because they cannot access encrypted communications. Ross Schulman writes in Just Security that officials in other countries have issued similar complaints, and Ian Levy and Crispin Robinson from the U.K.’s Government Communications Headquarters (GCHQ, roughly equivalent to the U.S. National Security Agency) have put forward a proposal they say would provide the needed access. But due to the fundamentals of public key encryption, this regime would end up raising most of the same concerns as other encryption back-door proposals floated in recent years.

Levy and Robinson suggest authorizing government officials to force the companies that operate these secure communications services to surreptitiously add another party to an encrypted chat and suppress any notification to the users about the existence of that party. This method has been dubbed the “ghost key” or “ghost user” solution.

Levy and Robinson should be commended for their effort to open a rational discussion about government access to encrypted communications, and the six principles they set forth at the beginning of their article are good ones. However, I argue that their specific proposal is highly problematic.