Phil Zimmermann: ‘We Really, Really Don’t Have the Keys’

SAN JUAN, Puerto Rico–Phil Zimmermann has seen more changes in the the threat landscape in his career than he may care to remember. The inventor of the PGP encryption software and one of the key movers in the crypto wars of the early 1990s, Zimmermann is back in the game now with a new mobile crypto system that’s designed to help take the prospect of government eavesdropping and criminal attacks on mobile communications off the table.

SAN JUAN, Puerto Rico–Phil Zimmermann has seen more changes in the the threat landscape in his career than he may care to remember. The inventor of the PGP encryption software and one of the key movers in the crypto wars of the early 1990s, Zimmermann is back in the game now with a new mobile crypto system that’s designed to help take the prospect of government eavesdropping and criminal attacks on mobile communications off the table.

The new venture, Silent Circle, launched last year and was conceived with the idea of giving people in hostile situations a reliably secure communications mechanism, even if they think they may be under active surveillance. Users of the iPhone or Android app can conduct secure, encrypted voice calls with other users. The system relies on an encryption scheme that doesn’t use the public-key infrastructure, something that Zimmermann was adamant about.

“I’m willing to go to great lengths to avoid the public-key infrastructure,” he said in a talk at the Kaspersky Lab Security Analyst Summit here Tuesday. “What could be a more spectacular public failure than that infrastructure?”

Zimmermann said that the recent compromises of certificate authorities such as DigiNotar and Comodo have shown how fragile that infrastructure is, something that many security and cryptography experts have been saying for the better part of a decade. The other thing that Silent Circle doesn’t do is hold any user encryption keys, not even for a second, because the keys never pass through the company’s servers. The crypto operations are done on the client side.

That’s an important point, because it prevents the company from having to deal with any demands from law enforcement agencies looking for encryption keys.

“We really, really don’t have the keys,” he said. “This is for serious people in serious situations. I think probably it’s not a good idea to trust crypto software if they don’t publish the source code. It’s not just [to look for] back doors, but what if they screw up and make a mistake?”

Silent Circle also has secure email and text apps. The company has published the source code for its VOIP app and plans to do the same for its text app next week. Zimmermann said that there is no chance that the company will include any back doors or law-enforcement access mechanisms for its products.

“We’re not going to build in any back doors in our service. I’ve spent my whole career on the principle of no back doors, so I’m not going to start now. One thing we won’t do is cave in.”

Suggested articles