B007: Futile Censorship

I had a discussion the other day with one of my friends regarding government-instated censorship and how manipulatable the whole internet is, ultimately supported by a select few companies of a conglomerate cabal that can theoretically impose whatever they wish on the users of the internet.

My viewpoint on the matter is that whatever the government attempts would be futile in the long run for a myriad of reasons and this debate prompted me to formulate my arguments in a full-fledged article so here we are.

Cyberattacks & Sanctions

A core argument of the other side is that we have observed a steady rise in cyber-attacks and/or technical failures the past few months which are being deliberately done so to justify heightened surveillance in the name of security and government-backed sanctions on non-compliant actors.

Although this is stepping a little bit into conspiracy theory territory, the fact that these incidents are garnering popularity and are more common is undeniable. It is not completely illogical that, while perhaps not deliberately, these attacks can be used as fodder by local governments to pass laws that increase the surveillance level of their citizens around the globe.

Another fact that we have observed is the major opposition against open cryptography by the U.S. government, going so far as to attempt to legalize cryptographic backdoors in what is known as the LAED act. The government of the U.K. was not that far behind a while ago either, hinting towards an outright ban of end-to-end encrypted messaging apps in a nationwide surveillance effort.

Government Rationale

The trojan horse the governments are riding on to propose these bans is that cryptography is “mostly” utilized by malicious parties to conduct illicit activity and that their communication should not be shielded by a veil of unbreakable encryption should legal actions indeed be carried out against them.

While the argument appears sound, it is quite improbable that the true purpose of such a stern opposition to cryptography by governments is solely fueled by an extra level of surveillance on illicit activity. A ban of encryption in the manner the governments are seeking would be quite public and would in turn simply stop wrong-doers from using these applications altogether.

Furthermore, cryptography is (mostly) based on open-source technology, meaning anyone is free to implement and/or use a cryptographic suite in their own software. Let us consider a hypothetical scenario whereby the major governments around the world form a coalition to end cryptography and thus ban such applications from use.

It would be trivial for democratic individuals and criminal networks alike to develop a peer-to-peer messaging solution that utilizes end-to-end cryptography. Given that the application could be entirely peer-to-peer, there would be no “central” servers to ban via an access list and the communication itself would seemingly appear as any other encrypted communication on the internet.

Supplemental Means

Even if end-to-end encrypted messaging apps are banned, there are multiple other avenues that criminals would pursue to carry on their illegal activities without hindrance. The world of the internet is governed by machines and digital information all of which is malleable.

Specialized hardware can permit one to appear as a machine with a completely different physical signature, for-hire “gateway” proxy machines can be logged into to route communication via distant geographical locations, and multi-layer encrypted hotspots can pool multiple communication lines under a single machine thereby enabling plausible deniability.

The same “pooling” principle is utilized for disfiguring money trails as well by what are known as “tumblers”, single party monetary gateways that contain multiple inputs and outputs all of which are indiscernible and cannot be confidently associated.

Although not called as such, this is the same principle behind Tornado Cash; a zero-knowledge-proof-based solution that disassociates its inputs with its outputs thus ascertaining a good level of privacy. These schemes are as resilient as their adoption with Tornado Cash being the most commonly utilized on Ethereum.

In the past, it was simple for law enforcement agencies to set up honey pot tumblers where criminals would deposit their funds and be immediately detected. With the advent of blockchain technology and in particular decentralized execution of programs, however, it would be impossible to hide code-based backdoors on such implementations.

Conclusion

Factoring all the above into account, an effort to actually block cryptography “once and for all” would be close to if not impossible. In my opinion, the narrative for banning cryptography is curated towards attracting positive attention from non-technical people and is a red herring.

If governments truly wish to act for the benefit of their citizens, they should instead evaluate how they can embrace cryptography as a fact rather than attempt to obliterate it and propose more mature and of course restrictive legal frameworks around the matter, such as responsible disclosure of cryptographic keys in case of whistle-blowing, etc.

This article should in no shape or form be considered an opposition or support of any entity or government and is simply meant to express my personal opinions on a widely debated matter.

A Solidity security auditor keen to share his knowledge.