SAN FRANCISCO--When Apple decided earlier this year to store the encryption keys for Chinese iCloud customers in a data center in China rather than in the United States, it drew sharp criticism from security and privacy experts who were concerned about how easy it would be for Chinese authorities to access users’ data. But there may be some other risks associated with that move, as well.
Apple officials made the decision to keep the encryption keys in China in order to comply with a Chinese mandate that cloud service providers that do business in the country must also keep user data in China. The move, made in February, has a lot of implications, not the least of which is that Chinese law enforcement and other agencies will be able to access stored data without having to go through the courts in the United States. And with access to the encryption keys, authorities can then get to users’ stored iCloud data, which can include email, texts, and other information.
That’s a serious concern for users in China, but it could also be an issue for Chinese authorities.
“The leadership in China is in for a surprise when that data gets hacked. We don’t know how to design systems that let the good guys in but keep the bad guys out,” Paul Kocher, a cryptographer and security researcher, said during a talk at the RSA Conference here this week.
Databases of sensitive information are prime targets for many types of attackers, from those on the bottom of the food chain all the way up to the apex predators such as state actors. Data like iCloud users’ text and mail histories would be of particular interest to many of those classes of attackers, and the more people and organizations that have their hands on that data, the more at risk it could be. In the U.S., access to such data is limited by the requirement for search warrants or other orders, but that process is quite different in China.
“Once everyone has access to it, it’s no longer exceptional,” said Adi Shamir, a professor at the Weizmann Institute in Israel, and one of the creators of the RSA encryption algorithm.
In the face of increased threats to user privacy, companies such as Apple, Google, and others have moved to encrypt more and more channels, and have made their phones and other devices encrypted by default. This has led to conflicts with law enforcement in the last couple of years, but the move to more encrypted communications and devices likely is going to increase, not decrease. And that will lead to more conflicts, especially with companies that don’t hold the encryption keys for their users’ data.
“Saying I can’t is always easier than saying I won’t,” said Moxie Marlinspike, a cryptographer and co-creator of the Signal encrypted messaging protocol.