{"id":63311,"date":"2019-07-04T17:00:27","date_gmt":"2019-07-04T21:00:27","guid":{"rendered":"https:\/\/newsroom.carleton.ca\/?post_type=cu_story&p=63311"},"modified":"2025-08-19T09:37:28","modified_gmt":"2025-08-19T13:37:28","slug":"ghost-protocol-global-privacy","status":"publish","type":"cu_story","link":"https:\/\/carleton.ca\/news\/story\/ghost-protocol-global-privacy\/","title":{"rendered":"U.K. proposal to \u2018Bcc\u2019 law enforcement on messaging apps threatens global privacy"},"content":{"rendered":"\n
\n
\n\n \n \n \n \n
\n\n
<\/div>\n \n
\n
\n\n

\n U.K. proposal to \u2018Bcc\u2019 law enforcement on messaging apps threatens global privacy\n <\/h1>\n \n <\/header>\n <\/div>\n\n \n <\/path>\n <\/path>\n <\/svg>\n <\/div>\n\n \n\n <\/div>\n<\/section>\n\n

The term \u201cghost protocol\u201d might remind you of a famous blockbuster starring Tom Cruise<\/a>, but here it applies to a new proposal<\/a> by the Government Communications Headquarters (GCHQ) in the United Kingdom<\/a>. <\/p>\n\n\n\n

The GCHQ is the British equivalent of the United States National Security Agency<\/a>, and the proposal\u2019s function is to give law enforcement power to listen in on encrypted communications<\/a> (like those on WhatsApp, for example). <\/p>\n\n\n\n

It\u2019s not the first time the British government has taken aim at encrypted communication: in 2017, then Home Secretary Amber Rudd called for end-to-end encryption to be banned, claiming \u201creal people\u201d don\u2019t need it<\/a>. Rudd\u2019s comment reflected tremendous ignorance about how modern communication works. <\/p>\n\n\n\n

The proposal, referred to informally as ghost protocol, is a more strategic attack on privacy, packaged in security rhetoric that hides technical, personal and societal implications. In an open letter to GCHQ<\/a>, 47 signatories \u2014 including Apple, Google and WhatsApp \u2014 have urged the agency to abandon its plans.<\/p>\n\n\n\n

How end-to-end encryption works<\/h2>\n\n\n\n

<\/p>\n\n\n\n

The government proposal says \u201cyou don\u2019t even have to touch the encryption<\/a>\u201d to implement ghost protocol. End-to-end encryption<\/a> works by generating a pair of public and private keys for each user. Text encrypted using the public key can only be decrypted using the private key, and vice versa.<\/p>\n\n\n\n

Hence, if Bob and Alice want to have a chat, both share their public keys and keep their private keys secret. Bob encrypts messages using Alice\u2019s public key (so only Alice can decipher them), and Alice encrypts messages using Bob\u2019s public key. <\/p>\n\n\n\n

In a group chat between Alice, Bob, and Jill, every message Alice sends is encrypted using Bob\u2019s public key (to Bob) and Jill\u2019s public key (to Jill). Alice is notified by the app that each message has two recipients. This means that the messaging service\u2019s servers only see public keys and encrypted text: they cannot decipher text, even at the request of law enforcement.<\/p>\n\n\n\n

\"\"\/<\/a>
\n How end-to-end encryption works.<\/span>
\n <\/figcaption><\/figure>\n\n\n\n

Ghost in the machine<\/h2>\n\n\n\n

<\/p>\n\n\n\n

Ghost protocol gets around this problem by proposing that law enforcement can be added as an invisible participant to a conversation. Alice, in conversation with Bob, would then encrypt every message twice, using both Bob\u2019s public key and the public key for law enforcement. Alice would be unaware of law enforcement\u2019s ability to access her conversation.<\/p>\n\n\n\n

Framing this as an action that could only be taken if legally approved and only in situations where there is sufficient evidence to justify it sounds reasonable, but ghost protocol completely disregards the many technical implications<\/a> of modifying software to support a ghost user.<\/p>\n\n\n\n

It would require messaging apps to change how keys are negotiated among participants<\/a>, adding complexity and therefore increasing the potential for security vulnerabilities.<\/p>\n\n\n\n

By requiring apps to hide participants, it would undermine authentication mechanisms, introducing new potential vulnerabilities and eroding user trust in the service.<\/p>\n\n\n\n

It would also effectively create a backdoor<\/a> that could be exploited by messaging apps themselves \u2014 for example, a company employee who wants to stalk a co-worker. This would create a single point of failure: should a malicious attacker hack into the messaging app system, they would then be able to inject themselves as a silent listener into any conversation.<\/p>\n\n\n\n

Social implications<\/h2>\n\n\n\n

<\/p>\n\n\n\n

The personal and societal implications are even more serious. Messaging apps would need to update their software to support ghost protocol. Would this update affect all users, regardless of geographical location? Would a Canadian user be affected because a messaging app update implements U.K. law? This opens the door to any government, including dictatorships, to spy on their citizens effortlessly and covertly. <\/p>\n\n\n\n

Remember the Edward Snowden leaks<\/a>?<\/p>\n\n\n\n

If two versions of the software existed \u2014 one for users in the U.K., one for everywhere else \u2014 how would these inter-operate? Would a Canadian visiting the U.K. be able to use the messaging app? Probably not, without an update that incorporates ghost protocol. That update that would remain on their phone after they returned home. <\/p>\n\n\n\n

Law enforcement definitely needs access to information to provide security and prosecute crimes, and technology has certainly made this more challenging. But law enforcement\u2019s intelligence-gathering capabilities cannot be supported by undermining individuals\u2019 right to privacy, which is what ghost protocol proposes. It makes the many more vulnerable, so the U.K. can spy on a few.<\/p>\n\n\n\n

\n\n\n\n

<\/p>\n\n\n\n

This article is republished from The Conversation<\/a> under a Creative Commons license. Carleton University is a member of this unique digital journalism platform that launched in June 2017 to boost visibility of Canada\u2019s academic faculty and researchers. Interested in writing a piece? Please contact Steven Reid<\/a> or sign up to become an author<\/a>.<\/p>\n\n\n\n

All photos provided by The Conversation from various sources.<\/em><\/p>\n\n\n\n


\nCarleton Newsroom<\/a><\/p>\n\n\n\n

\"The<\/figure>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

The term \u201cghost protocol\u201d might remind you of a famous blockbuster starring Tom Cruise, but here it applies to a new proposal by the Government Communications Headquarters (GCHQ) in the United Kingdom. The GCHQ is the British equivalent of the United States National Security Agency, and the proposal\u2019s function is to give law enforcement power […]<\/p>\n","protected":false},"author":410,"featured_media":63312,"template":"","meta":{"_acf_changed":false,"footnotes":"","_links_to":"","_links_to_target":""},"cu_story_type":[1623],"cu_story_tag":[],"class_list":["post-63311","cu_story","type-cu_story","status-publish","has-post-thumbnail","hentry","cu_story_type-expert-perspectives"],"acf":{"cu_post_thumbnail":false},"_links":{"self":[{"href":"https:\/\/carleton.ca\/news\/wp-json\/wp\/v2\/cu_story\/63311","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/carleton.ca\/news\/wp-json\/wp\/v2\/cu_story"}],"about":[{"href":"https:\/\/carleton.ca\/news\/wp-json\/wp\/v2\/types\/cu_story"}],"author":[{"embeddable":true,"href":"https:\/\/carleton.ca\/news\/wp-json\/wp\/v2\/users\/410"}],"version-history":[{"count":3,"href":"https:\/\/carleton.ca\/news\/wp-json\/wp\/v2\/cu_story\/63311\/revisions"}],"predecessor-version":[{"id":63319,"href":"https:\/\/carleton.ca\/news\/wp-json\/wp\/v2\/cu_story\/63311\/revisions\/63319"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/carleton.ca\/news\/wp-json\/wp\/v2\/media\/63312"}],"wp:attachment":[{"href":"https:\/\/carleton.ca\/news\/wp-json\/wp\/v2\/media?parent=63311"}],"wp:term":[{"taxonomy":"cu_story_type","embeddable":true,"href":"https:\/\/carleton.ca\/news\/wp-json\/wp\/v2\/cu_story_type?post=63311"},{"taxonomy":"cu_story_tag","embeddable":true,"href":"https:\/\/carleton.ca\/news\/wp-json\/wp\/v2\/cu_story_tag?post=63311"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}