by timv 4266 days ago
But that's a bit of a different argument than the hand-waving Keybase were using.

Saying "it's not possible to build a secure backdoor" is a cop-out.

The truth is, we can build systems so that your data can be decrypted with either your key, or a master key. And we can build systems where the master key requires multiple coordinated parties.

Such systems can be used to implement secure backdoors, but only if we can trust those parties with the master keys to do their job properly.

That requires:

- Proper key security so their keys don't get exposed.

- Proper access controls so that the keys are only used for the purpose for which they're intended.

The problem is that we know with complete confidence that all of the parties involved in that process will fail at one or both of those hurdles.

This isn't a technical problem. "Secure golden keys" are technically feasible, and not even particularly hard. It's simply an issue that there is no one that you ought to trust with such a key.
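The construction described in the comment above, as an added example that is not part of the thread or any real product's code: one data key wrapped for both the user and a master key, with the master key split 3-of-5 using Shamir secret sharing. The function names, the record layout and the HMAC-based `wrap` (a constructed stand-in for a real key wrap such as AES-KW) are assumptions.

```python
import hashlib, hmac, secrets

P = 2**521 - 1  # Mersenne prime, comfortably larger than a 256-bit key

def split(secret: int, k: int, n: int):
    """Shamir k-of-n: shares are points on a random polynomial of degree k-1."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    f = lambda x: sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P
    return [(x, f(x)) for x in range(1, n + 1)]

def combine(shares) -> int:
    """Lagrange interpolation at x = 0; fewer than k shares yield garbage."""
    secret = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = (num * (-xj)) % P
                den = (den * (xi - xj)) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret

def wrap(kek: bytes, key: bytes, label: bytes) -> bytes:
    """Constructed stand-in for a real key wrap such as AES-KW: XOR with an
    HMAC-SHA256 pad. Self-inverse; label must be unique per record and path."""
    pad = hmac.new(kek, label, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(key, pad))

def escrow_record(user_key: bytes, master_key: bytes, rid: bytes):
    """Wrap one random data key twice: for the user and for the escrow."""
    data_key = secrets.token_bytes(32)
    return data_key, {"id": rid,
                      "for_user": wrap(user_key, data_key, b"user:" + rid),
                      "for_escrow": wrap(master_key, data_key, b"escrow:" + rid)}

def recover_via_quorum(record: dict, shares) -> bytes:
    """Rebuild the master key from shares, then unwrap the escrow copy."""
    master = combine(shares).to_bytes(66, "big")[-32:]
    return wrap(master, record["for_escrow"], b"escrow:" + record["id"])

if __name__ == "__main__":
    user_key, master_key = secrets.token_bytes(32), secrets.token_bytes(32)
    shares = split(int.from_bytes(master_key, "big"), k=3, n=5)
    data_key, rec = escrow_record(user_key, master_key, b"rec-1")
    print(recover_via_quorum(rec, shares[:3]) == data_key)  # quorum of 3
    print(recover_via_quorum(rec, shares[:2]) == data_key)  # only 2 shares
```

Any three of the five share holders can unwrap the escrow copy of every record, so the two requirements listed in the comment (key security and access control for those holders) are where the whole design's security rests.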

1 comments

It's not a cop-out because any such system will include its environment.

Your alternative is basically saying "it's theoretically possible, but in practice impossible". If so, the theory is incomplete: it fails to account for the human factor.