A security researcher has said software developed by the UK intelligence agency GCHQ contains weaknesses making it possible to eavesdrop on phone calls.
The security protocol is used to encrypt Voice Over Internet Protocol (Voip) calls.
In a blog, University College London researcher Steven Murdoch said the encryption process was vulnerable.
GCHQ said it was “totally wrong” to suggest there was a “backdoor” into conversations.
Dr Murdoch did not say that the vulnerability would give direct access to conversations, but that it would make it possible to undermine the system’s security.
The network operator could listen in to calls, or authorise someone else to, and anyone who hacked the system would be able to eavesdrop, he said.
One of Dr Murdoch’s chief concerns was that the security standard has “key escrow” by design – meaning, for example, that a third party has access to data sent between two people in a conversation.
This, he said, is an example of a backdoor. In this case, it could allow an intelligence agency, or the organisation which is using the standard, to intercept phone calls, Dr Murdoch said.
“I think this comes from a conflict of interest within GCHQ in that they are there to prevent spying but they are also there to spy – so they facilitate spying,”
Dr Murdoch added that he was aware of two products which use the standard, both of which are government certified. “They could be in use inside government,” he said.
The protocol in question is known as Mikey-Sakke (Sakai-Kasahara key encryption in multimedia internet keying).
It works by generating encryption keys that are used to encrypt and decrypt voice conversations. Although it is technically possible to create these keys on two separate computers and only share part of those keys publicly, the Mikey-Sakke protocol does not do this.
Instead, keys are distributed by a third party to the conversation participants – the process known as key escrow – meaning that they are much more vulnerable to interception.
It was up to GCHQ, he said, to make the scope of the protocol clear.
“If you don’t explain how you’re going to use it, what systems it’s going to be used in, what the scope and limit of the escrow facility is, then you’re going to get bad publicity,” he said.
A spokesman for GCHQ said: “We do not recognise the claims made in this paper.
“The Mikey-Sakke protocol enables development of secure, scalable, enterprise grade products.”
In a statement, GCHQ added: “Organisations using Mikey-Sakke do not share a common Key Management Server, so it is totally wrong to suggest there is a secret master key or ‘backdoor’ that would allow GCHQ or any other third party to access real time or historic conversations.