
> How would that work? A basic principle of encryption systems is that only relevant parties have access to the secret information.

Well, the government is now one of the relevant parties. It doesn't change anything fundamental about the encryption. It just adds the government as a party. I get that you think that is bad (and I do too), that you don't trust the government. But it doesn't break the encryption, that keeps working perfectly, just like it did before. Just more parties have access.

The problem here is so many people are going around arguing against this by saying it "breaks" or "backdoors" encryption. And all those people are being completely ignored because the government is getting perfectly reasonable advice that says that it isn't breaking anything.



> Well, the government is now one of the relevant parties. It doesn't change anything fundamental about the encryption.

It does change something fundamental: now you have three parties instead of two. Take for instance the most popular key agreement protocol, Diffie–Hellman, and suppose Alice wants to use it to send a message to Bob. When the only parties are Alice and Bob, she can do some calculations with her public key and Bob's public key, and then she has the shared key to be used to encrypt and authenticate the message; these calculations can be done fully offline. If you try to add a third party (George), not only are the calculations more complex, but also they need to be online (all parties have to exchange messages before any party knows the shared key), which makes important use cases harder or impossible.

And note that I said above "encrypt and authenticate": possession of the shared key allows one to also forge messages. When there are only two parties, this works fine (Bob knows he hasn't forged anything, so the message can only have come from Alice); with more than two parties, that is no longer the case.

That is: the design of a three-party protocol is very different from and much more complex than a two-party protocol. And it gets even more complicated once you want one of the parties to be able to decrypt and validate but not forge messages.
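The two points made in the comment above (offline two-party key agreement, and a shared key that authenticates only while exactly two parties hold it), as an added example that is not part of the original thread. The group parameters, the helper names and the assumption that George simply holds a copy of the key are illustrative; the group is demonstration-only and not a secure choice.

```python
import hashlib
import hmac
import secrets

# Demonstration-only group, constructed for this example. Real systems use
# vetted groups or curves; do not reuse these parameters.
P = 2**255 - 19  # a known prime
G = 2


def keypair():
    """Return (private, public) for the toy Diffie-Hellman group."""
    priv = secrets.randbelow(P - 3) + 2  # uniform in [2, P-2]
    return priv, pow(G, priv, P)


def shared_key(my_priv, their_pub):
    """Offline step: needs only my private key and the peer's published public key."""
    secret = pow(their_pub, my_priv, P)
    return hashlib.sha256(secret.to_bytes(32, "big")).digest()


def tag(key, message):
    """Authenticate a message with the shared key (HMAC-SHA256)."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key, message, mac):
    return hmac.compare_digest(tag(key, message), mac)


def demo():
    a_priv, a_pub = keypair()  # Alice
    b_priv, b_pub = keypair()  # Bob

    # Two parties: each side derives the same key with no message exchange.
    k_alice = shared_key(a_priv, b_pub)
    k_bob = shared_key(b_priv, a_pub)
    msg = b"meet at noon"
    two_party_ok = k_alice == k_bob and verify(k_bob, msg, tag(k_alice, msg))

    # Assumption: a third party (George) holds a copy of the same key.
    # Bob's check cannot tell George's tag from Alice's, so "valid tag"
    # no longer implies "sent by Alice".
    k_george = k_bob
    forged = b"meet at midnight"
    forgery_accepted = verify(k_bob, forged, tag(k_george, forged))
    return two_party_ok, forgery_accepted


if __name__ == "__main__":
    print(demo())
```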


Why can't the government use the powers it already has to compel one of the original parties to reveal the message? And punish harshly those that refuse, or destroy the ability to do so, another power it already has? Is seeking a warrant and due process that much of a burden?

Or is this really about seeking a means for dragnet surveillance?


Which government is now a party? All of them? In the entire world?

In any case, I don't know how to explain this without getting into a lot of technical details, but introducing an extra party who can read everything like that does fundamentally change the nature of the system. If you want a system where data is encrypted such that two independent parties can each decrypt it using only their own secrets, how do you think key exchange, encryption and decryption would work?


> But it doesn't break the encryption, that keeps working perfectly, just like it did before. Just more parties have access.

And if the government's private key has been leaked? How many parties will have access then?


All of them.


> [...] It doesn't change anything fundamental about the encryption.

Lol! No, no, no, no, no! It does entirely!



