
Personally I find it unbelievable that major governments are not already in possession of the private key for at least one of the 150+ root certificates pre-installed on my device.


Having the private key for a root CA does not allow them to decrypt your traffic. They'd have to sign an impostor certificate for the hostnames to which you connect, and actively tamper with (MITM) your traffic using that new key/certificate. This would be trivially detectable (indeed that's what certificate transparency does).


This would be a lot of effort for very little reward.

The problem is that those keys can't be used passively. Just knowing these keys achieves nothing (lay people often assume you could snoop TLS, but that's not how it works with a CA root, even in archaic SSL versions). The only useful thing you can do with those keys is make certificates (the thing the CA gets to do legitimately), but presumably you'd make bogus ones.

But in most of the world's web browsers those certificates don't work unless they come with SCTs, receipts from two or more public certificate transparency logs promising they logged these certificates.

So now as well as obtaining private keys to a trusted root CA, you need to break at least two of the CT logs.

This deliberately and unavoidably creates a paper trail showing what happened. All three entities (the root CA and two logs) have their reputations destroyed and if they're for-profits presumably go bankrupt (or the business unit fails).

And what did you get for this? A forged certificate? Maybe a few dozen if you targeted carefully. Maybe you were able to pull this off for a whole week before alarm bells got too loud to ignore?
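The SCT requirement described in the comment above, as an added example (not code from the thread): a parser for the RFC 6962 SignedCertificateTimestampList wire format plus the "SCTs from at least two distinct logs" policy check a client applies before trusting a certificate. It checks structure and log diversity only; the log IDs, timestamps and signatures are constructed placeholders, and signature verification against each log's public key is not performed.

```python
import struct

# RFC 6962 sec. 3.3 wire format, as carried in the certificate's SCT extension
# or the TLS extension: a 2-byte length, then 2-byte-length-prefixed SCTs, each
# version(1) | log_id(32) | timestamp_ms(8) | extensions<len16> |
# hash_alg(1) | sig_alg(1) | signature<len16>.

def _u16(buf, off):
    return struct.unpack_from(">H", buf, off)[0]

def parse_sct(buf):
    """Parse one SerializedSCT. Structure only: the signature is NOT verified,
    since that needs the log's public key from the browser's known-logs list."""
    if buf[0] != 0:
        raise ValueError("unsupported SCT version %d" % buf[0])
    log_id = buf[1:33]                       # SHA-256 of the log's public key
    timestamp_ms = struct.unpack_from(">Q", buf, 33)[0]
    off = 43 + _u16(buf, 41)                 # skip extensions
    if off + 4 > len(buf):
        raise ValueError("truncated SCT")
    sig_len = _u16(buf, off + 2)
    sig = buf[off + 4:off + 4 + sig_len]
    if off + 4 + sig_len != len(buf):
        raise ValueError("malformed SCT length")
    return {"log_id": log_id, "timestamp_ms": timestamp_ms,
            "hash_alg": buf[off], "sig_alg": buf[off + 1], "signature": sig}

def parse_sct_list(buf):
    """Split a SignedCertificateTimestampList into parsed SCTs."""
    if len(buf) < 2 or _u16(buf, 0) != len(buf) - 2:
        raise ValueError("malformed SCT list length")
    scts, off = [], 2
    while off < len(buf):
        n = _u16(buf, off)
        off += 2
        scts.append(parse_sct(buf[off:off + n]))
        off += n
    return scts

def meets_ct_policy(sct_list, min_logs=2):
    """True iff SCTs from at least `min_logs` distinct logs are present.
    Several SCTs from the same log count once, so one broken log is not enough."""
    return len({s["log_id"] for s in parse_sct_list(sct_list)}) >= min_logs

# --- constructed sample data (fake log IDs, placeholder signatures) -----------
def build_sct(log_id, timestamp_ms, sig=b"\x30\x06\x02\x01\x01\x02\x01\x02"):
    """Encode a v1 SCT with no extensions and a (4,3) = sha256/ecdsa placeholder."""
    return (b"\x00" + log_id + struct.pack(">Q", timestamp_ms) + b"\x00\x00"
            + b"\x04\x03" + struct.pack(">H", len(sig)) + sig)

def build_sct_list(scts):
    body = b"".join(struct.pack(">H", len(s)) + s for s in scts)
    return struct.pack(">H", len(body)) + body

LOG_A, LOG_B = b"\xaa" * 32, b"\xbb" * 32
TWO_LOGS = build_sct_list([build_sct(LOG_A, 1700000000000), build_sct(LOG_B, 1700000000001)])
ONE_LOG_TWICE = build_sct_list([build_sct(LOG_A, 1700000000000), build_sct(LOG_A, 1700000000002)])
```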


All of this has happened already, see this: https://en.wikipedia.org/wiki/DigiNotar

"Cryptographer Bruce Schneier says the attack may have been "either the work of the NSA, or exploited by the NSA."[6] However, this has been disputed, with others saying the NSA had only detected a foreign intelligence service using the fake certificates.[7]"


Some govs officially operate their own root CA https://ccadb-public.secure.force.com/mozilla/IncludedCACert...



