A US appeals court has upheld a contempt of court ruling against Lavabit, a supposedly secure email service, which was reported to be used by the world’s most famous whistleblower, Edward Snowden.
Just how secure was Lavabit’s encryption mechanism? Are there any better alternatives that could actually prevent eavesdropping in light of the NSA scandal?
The Snowden saga
Lavabit received media attention in July 2013 when it was revealed that Edward Snowden was using the encrypted email service with the firstname.lastname@example.org address to invite the media, human rights lawyers and activists to his press conference when he was stuck at Sheremetyevo airport in Moscow for 39 days.
The day after Snowden had revealed his identity as the whistleblower to the world, the US government served a court order demanding information on a “customer that was unnamed” under the 1994 amendment, 18 U.S. Code Chapter 121
2703(d) of the Stored Communications Act.
Lavabit’s owner, Ladar Levison, was found in contempt of court after he refused to comply with authorities to hand over encryption keys in an investigation to this unnamed customer, who is thought to be none other than Snowden himself. Levison closed down its service on August 8, 2013.
Contempt of court
Mr. Levison told the news website Ars Technica: "I haven't read the court's opinion, nor sought advice from lawyers on any possible legal strategy, so that is still pending.” Levison could also
appeal this latest decision in a higher court.
The contempt ruling was initially issued because the government told Lavabit to hand over the private SSL keys in typical industry standard electronic format within three days. Levison complied but handed over 11 printed pages listing keys that were in a tiny font, which were practically unreadable.
Afterwards, Levison was given a new deadline of three days to provide the keys in an acceptable industry standard electronic format, to which he also complied but appealed the contempt of court charge.
Back in January, Levison stated that he was working on a new secure email service:
"I just feel that the ability for individual law-abiding citizens to communicate privately without a fear of government surveillance is so important, and the courts and the politicians so naive, that the only way to ensure that we retain this ability to communicate privately is to come up with a long-term technical solution,” he said.
Was Lavabit really secure?
Interestingly enough, some cryptographic experts have debated
whether the Lavabit service was secure at all. For example, Moxie Marlinspike, a well-known expert in the world of cryptography, argues that Lavabit’s security was a facade and published a critique
of Lavabit's architecture on his personal blog.
“The system relied on SSL for security in transit between the user and server, but once at the server the email and password were in the clear. The cryptography was nothing more than a lot of overhead and some shorthand for a promise not to peek. Even though they advertised that they 'can't' read your email, what they meant was that they would choose not to.”
Marlinspike also shed light to why the feds wanted Levison to hand over the private SSL keys:
“The NSA had probably already collected the encrypted traffic from the site and needed the keys to decrypt it after the fact. If this is true, then they would still be interested in the keys even if the site were shut down. I haven't heard that Levison surrendered the keys (except once as an unreadable printout in a tiny font), so something there still doesn't add up.”
To sum up, the ciphertext, keys, and passwords are stored on a server that is completely controlled by it without the client having the ability to verify them. Hence, there is no possible way of proving or disproving that the information was being encrypted, although that might not even matter at this point.
Paging Mr. Snowden
Perhaps it is unfortunate for Edward Snowden that no one told him about Bitmessage
- a peer-to-peer messaging platform, which was launched back in November of 2012. Bitmessage is a decentralized, encrypted, P2P, trustless communications protocol that can be used by one person to send encrypted messages to another person, or to multiple subscribers.
It is possible that Bitmessage could have served Mr. Snowden better than the questionable Lavabit since it strongly encrypts each user’s inbox and replicates it inside its P2P network mixing it with other users’ inboxes to conceal the identity of the given user.
This makes it virtually impossible for anyone to tap into the info and protects the network from any attempts to overtake it. It also hides metadata form wiretapping systems and avoids sender-spoofing with its strong authentication mechanism.
Still, it is better to be skeptical in light of Lavabit’s questionable security and any computer expert will tell you that no system is hack-proof as Bitmessage’s website currently reads:
“Bitmessage is in need of an independent audit to verify its security. If you are a researcher capable of reviewing the source code, please email the lead developer. You will be helping to create a great privacy option for people everywhere!”
Cryptography vs. Surveillance
It certainly seems like there is a cat and mouse game going on between the crypto-space and various governments that are scrambling to retain their control over the flow of not only information but funds as well since the advent of cryptocurrencies such as Bitcoin.
Ironically, the advancement of cryptographic technology appears to bring out “police-state behavior” of governments across the globe from Russia
to the US
. It will be interesting to see how this tug-o-war will play out especially in terms of whistleblower protection, online anonymity, and the funding of dissident activities in general.Expert commentary
Daniel Krawisz: "People will tend to provide more services that are secure by design rather than by policy. That means a court order can't compromise the service. This could be with something like bitmessage, but pgp over tor would also be good too and anything encrypted would be a huge improvement. Email is just one step in the process but eventually all the communication over the internet will be more secure and more commerce will use bitcoin. The black market will become normalized as more people use it. Government will be unable to stop it."