
> you can't backdoor encryption without making it insecure.

That’s not really true is it? If I have a building where every room has its own key, but there is also a “master key” that can open all doors; then it’s not “insecure”. You want to be pretty bl—dy careful with that master key, sure, but the idea isn’t crazy.



It is absolutely a crazy idea.

Physical analogies don't really work in this situation because of the scale, and the payout.

A physical master key for a building has a few hundred thousand/a few million people that could potentially access it. The payout is low (i.e. the motivation is low on average).

An encryption backdoor to phones has a few billion people that could potentially access it. From anywhere in the world. The payout is huge (access to all iPhones).

Multiple entire governments would dedicate tens of millions of dollars and thousands of people to gain access to a ubiquitous backdoor on something like a phone. The same just isn't true with your building analogy -- they are completely different.


More to the point, a master key is a management tool for infrastructure maintenance. Its relationship to security is that I can securely keep all the monkeys organized in my monkey hut. The master key exists in a world where you can throw a brick through a window.

Security *around* the master key is entirely about pinning liability to one human being at a time. Security through hot potato.


It doesn’t have to be one key for all, one key for a bucket, per user if needs be. Can’t these master keys be in offline HSMs? I get your argument, but it doesn’t seem an impossible problem to solve.


So the UK government would buy one HSM for every UK citizen and store their backdoor access key on there?

And put the HSMs where? In a big room? Protected by a door, with one key?

Or maybe each of the 650 elected politicians gets to hold 10 HSMs, each holding 10,000 keys? That way, by distributing trust, we can be completely sure that politicians are always snooping on about 10% of everyone's mails, instead of worrying about whether it's 100% or 0% at any particular moment.


Even the most secure master key can just be stolen.

https://en.m.wikipedia.org/wiki/EternalBlue


It's (perhaps not?) well known that locks that are master keyed are inherently less secure than locks that aren't.

It requires roughly half the picking effort.

In a lock you have multiple sets of pins. The key pushes pins, and if it pushes all the pins so that the top of the pin is at the boundary of the lock (the shear line), the lock turns.

There is a spring that pushes a connected pin down, which is what actually prevents the lock from turning. These are called driver pins. There is a separate pin(s) that the key actually interfaces with. The key pushes the pins until the driver pin moves past the shear line; when all driver pins and key pins are not interfering with the shear line, you can rotate/whatever the key and it is unlocked.

A master-keyed lock has additional discs inside the keyway, usually below the normal pins (closest to the key.) The discs are added based on the amount of extra movement needed to accept both the non-master, and the master key. So a master keyed lock has two, separate shearing points, the top of the regular pin, and the top of the master disc. This means there are at least two set-points for picking to get the driver pin out of the way - where the driver pin is flush with the shear line (as it would be with a regular, non-master key,) and where the normal pin's lower face is flush with the shear line (as it would be when a master key is inserted).


That master key sounds like a high value target, if it can open so many doors. Are you sure the one who guards that key is storing it securely enough and not just in a keyring together with other "important" keys he sometimes carries around needlessly? Are you sure he can't be coerced into "lending" it to someone, or handing it over to the police without first letting a lawyer check the warrants?

Have you considered that the locks need to have a weaker security if a key must exist which can open all the doors in the building?


This is a very good answer.

The last part is prone to discussion, though. You need to make the lock weaker, yes, but maybe just a little bit and you maybe need 4.5 days to open it vs. the 5 days when there is no master key. It is a matter of math (mechanics in that case) and risk assessment.


The ability to steal the master key by virtue of it being a physical object is SEVERAL orders of magnitude lower than a "virtual master key" that is potentially vulnerable to the entire online community.

If you consolidate security into a singular "skeleton key" - you 100% weaken your security.



