Placeholder Image

字幕表 動画を再生する

  • So, recently the Home Secretary of the United Kingdom Government was on

  • breakfast news or something along those lines

  • and was talking about how criminals are using

  • end-to-end encryption to essentially evade detection

  • and that this is unacceptable.

  • Um, now, in some sense that's very much true: it is unacceptable.

  • Um, criminal activity IS unacceptable

  • Um, but... What they're suggesting is that we

  • find a way to remove this encryption

  • or we find a way of only allowing certain parties, like trusted government parties,

  • to have access to it.

  • So, before we declare that as insane, let's look at what that means

  • and what end-to-end encryption is

  • and if that's even feasible.

  • Let's imagine that I am using Whatsapp or

  • Facebook Messenger or some other end-to-end encrypted messenger with you, right?

  • So, you have a phone here, right? It could be a phone, it could be a computer

  • it's not really important - some device, right, with a screen

  • - this is why I'm not employed to design these things.

  • This is you, but I'm gonna call you Alice this time because we always do that

  • (Brady) >> Does that make you Bob?

  • (Mike) >> It does. So we've got Alice and Bob here having a communication between two phones

  • There's gonna be some communication mechanism between these two devices, right?

  • It could be SMS or, you know, GSM phone signal

  • or it could be something like Wi-Fi over the internet.

  • In all of these cases there's usually gonna be an intermediary server

  • handling this transport

  • This phones aren't capable of connecting to each other on their own

  • apart for things like NFC, where you come really close.

  • So, there's going to be some server in here, which I'm just gonna label "S"

  • which in the case of Whatsapp will be a Whatsapp server

  • and obviously it's gotta be a server for whatever product you're using

  • Now, anytime that Bob sends Alice a message it's going to go via the server, by definition

  • because that's the thing that relays the message to Alice.

  • It knows how to communicate with Alice, you know, it knows what her phone number is,

  • it has a list of you contacts and things, you know, this is how it works.

  • This could be a phone provider, and there's gonna be, you know, phone antennas and things in this mix, but

  • it's not important.

  • So, this message here is gonna come in this way from Bob and it's gonna go to Alice like this.

  • The issue is if we want to encrypt this channel, right, we want certain people not to be able to read it,

  • if I'm sitting on a router somewhere on the internet, here

  • we do want me to go "Oh, that's a nice message with your credit card details" and I'll have that, right?

  • So that's what we're trying to avoid here

  • (Brady) >> Because that's how email works, right? (Mike) >> Yeah (Brady) >> You could sit there and-

  • (Mike) >> Absolutely. And people do. Encryption of channels is nothing new, right?

  • We've seen it for a long long time, right? These techniques, things like public key cryptography

  • and some of these cyphers has been around for many years.

  • So how do we do this? Well, there's really two options:

  • the first is that Alice could negotiate some shared secret key with the server.

  • We'll call that key "KAS".

  • So that key there could be used by Alice to talk to the server

  • and she could send a message encrypted by KAS to the server and say

  • "Please, can you forward this message to Bob?"

  • Bob would have another key with the server, KBS,

  • and that's what he uses to communicate.

  • Obviously here Alice does not know what KBS is, and Bob doesn't know what KAS is.

  • The server decrypts a message using KAS, that it knows

  • and it re-encrpyts it with KBS and forwards it to Bob.

  • Now, this IS NOT end-to-end encryption

  • because obviously it's been decrypted halfway through.

  • In some sense that's a good thing, right?

  • If I'm a terrorist, or a criminal, and I send a message,

  • this server could perform some kind of rudimentary checks to make sure I wasn't doing anything untoward.

  • But for obvious reasons a lot of people don't like this idea.

  • What end-to-end encryption does is replace these two keys

  • with a key that only Alice and Bob know.

  • The idea being that this server's quite happy to relay the packages back and forth

  • but it doesn't have any idea of what's in them.

  • And this works you very well for this server as well, because when someone says "Can you give us this data?"

  • they can reasonably say "No. Not because we don't want to, but because we actually can't."

  • The process we use for this is something called a "key exchange".

  • The obvious problem here is that at some point Alice and the server have got to share a key,

  • without an encrypted channel. When she first ever connects

  • they haven't got this key yet, right?

  • And so, how do we get the key? There's a sort of chicken and egg problem.

  • The solution was proposed by Diffie and Hellman

  • which is the Diffie-Hellman key exchange, right?

  • We're not gonna go into the details of mathematics of Diffie-Hellman in this video

  • but I'll simply say that Alice and Bob both have public and private components of this key.

  • They share the public ones, and then they use the private ones in secret

  • to create a shared key that no one else can know.

  • That's essentially how it works. So it is a way

  • of even via the server, producing a shared key "KAB" that no one else knows.

  • So now they have this shared communication channel.

  • So when you first connect, you will send some identifiers to the server,

  • you will establish a public and private key pair, and then from then on

  • anytime you want to connect to anyone new you'll generate one of these keys.

  • It's called "ephemeral" which means that basically generate one almost every message,

  • if not every message for some of these apps.

  • The important thing is that the server, although they relay these messages,

  • is not involved in this key exchange process and can't

  • inject itself in the middle, which means that it doesn't know what KAB is

  • and it can't decrypt the message physically.

  • When the Minister or someone in the media says

  • "What we really want to do is allow some kind of entry for government into the system"

  • you can quite reasonably say "That is impossible."

  • because you'd have to inject something in the middle of this key exchange which would completely undo it.

  • So let's think about the different ways we could do it and discuss whether they're practical.

  • Okay, so the first one is we could go back to this system here.

  • So, we could have Alice talking to the server in a secure way, using a key exchange.

  • We could have Bob talking to the server in a secure way, through key exchange

  • and the advantage would be that if, let's say, a judge ordered a warrant on some of this data

  • the company would have it on their servers, probably, decrypted, and they could send it off.

  • In some sense I don't absolutely object to that because I don't really have anything to hide, right?

  • that's the obvious argument. But the problem is that if this server ever gets hacked

  • everyone's messages and emails and pictures get dumped out on the Internet, right?

  • We see that happen lots of times. We can't know for sure that this is secure, right?

  • So in some sense what we're doing is introducing a very big point of failure that could be catastrophic

  • simply so that the very few people who do things illegally could... we could serve a warrant on those people.

  • Another alternative that gets sort of suggested is this kind of backdoor.

  • Now, in some sense this is a backdoor already, this double key mechanism.

  • But when we talk about a backdoor what we're really talking about is some mathematical property of this key exchange

  • that no one else knows about, that means that we could actually decrypt the messages -is the idea.

  • Again, this is a huge problem. It's a problem because if someone else -

  • a criminal - finds out this flaw, then again all of our photos are dumped on the Internet.

  • And it seems unlikely to me that the majority of people who found this flaw, would publicize it straight away,

  • right? They would quite happily sit on it and see what interesting things they could find out.

  • That's a kind of-that's kind of worrying. Um... So again, I have some concerns about that approach.

  • (Brady) >> As long as we don't have a backdoor then there's no way for them to get in there, is it?

  • (Mike) >> Erm... Well, so yes and no, right?

  • The issue is that the messages have to be decrypted somewhere because they have to be presented onto your screen, right?

  • So Alice receives this message, her mobile app receives this message, using KAB decrypts it

  • and then it's on the screen, right?

  • At this point someone just steals her phone, runs off and reads her messages

  • or bugs her phone... Um, and reads her messages routinely, has them forwarded on.

  • In this day and age of quite secure end-to-end encryption

  • the much more likely target of attack is not the encryption itself: it's just the end points.

  • So, I've got your phone here, right? Which you have kindly left the PIN code off for me.

  • And I can just scroll thought your messages and read them all, right?

  • They're not encrypted because that encryption has been removed once it got to this end point.

  • (Brady) >> So it's basically automatically decrypted, then.

  • (Mike) >> Well, yes. To have a good user experience it's got to essentially hide all that encryption away

  • and it presents you with a nice set of readable messages.

  • So, in some sense, then your security relies on your PIN code, and the operating system running on your phone

  • or your laptop device. Um, and if those are vulnerable then, you know, really the end-to-end encryption is completely circumvented.

  • "This is directly adding content to my normal vision.

  • The problem is the area that it has to add this content is really very narrow, I think it's the [...]"

So, recently the Home Secretary of the United Kingdom Government was on

字幕と単語

動画の操作 ここで「動画」の調整と「字幕」の表示を設定することができます

A2 初級

エンド・ツー・エンド暗号化(E2EE) - コンピュータマニア (End to End Encryption (E2EE) - Computerphile)

  • 0 0
    林宜悉 に公開 2021 年 01 月 14 日
動画の中の単語