UK cyber-spy law takes Snowden's revelations of mass surveillance – and sets them in stone

The encryption-bothering parts of the UK's Investigatory Powers Bill have left IT security experts flabbergasted. Introducing the draft internet surveillance law in the House of Commons on Wednesday, Home Secretary Theresa May presented it as consolidating and updating existing investigatory powers. She spun it as a break from …


  1. Fraggle850

    > The UK government wants to promote the use of good crypto to further its established goal of making the UK the best place in the world to do e-commerce. Alongside this, GCHQ and MI5 still want to be able to decrypt communications and identify suspects in terrorist plots, child abuse, and other serious crimes.

    So basically the government are saying 'come and do your online business in the UK, we're very secure (but make sure you give us the keys just in case we need to hack you)'

    And how long will it be before some careless plod or council official loses a laptop or some such device with a load of snooped data on it?

  2. ratfox
    Big Brother

    It must be soooo frustrating to GCHQ that people are still able to harbour thoughts in their mind, and that they have no way whatsoever to read those.

    1. Voland's right hand Silver badge

      Probably for the better

      If they could arrest for the contents of minds I would spend the rest of my days in jail.

      1. Anonymous Coward

        Re: Probably for the better

        Rest assured, dear netizen, that the appropriate authorities are already working on this issue.

      2. Fungus Bob
        Devil

        Re: Probably for the better

        "If they could arrest for the contents of minds..."

        If they were to attempt to read my mind they'd go blind. The screams would be incredible.

    2. deadlockvictim

      Facebook

      Isn't that the purpose of Facebook & Twitter, namely to spew out whatever's on one's mind without thinking about it first?

  3. This post has been deleted by its author

    1. This post has been deleted by its author

      1. John Smith 19 Gold badge
        Meh

        "any honest specialist in the field of crypto, advising the government, "

        Hahahahahahahahahahahahahahahahaha.

  4. Mike Bell

    I'm with Tim Cook on this one

    "I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.

    Our commitment to protecting your privacy comes from a deep respect for our customers. We know that your trust doesn’t come easy. That’s why we have and always will work as hard as we can to earn and keep it."

    Imagine how annoyed Theresa May is going to be when he tells her to take a flying fuck at a doughnut.

    1. Anonymous Coward

      Re: I'm with Tim Cook on this one

      "I want to be absolutely clear that we have never worked with any government agency..."

      He would say that, wouldn't he?

    2. Pascal Monett Silver badge

      Re: I'm with Tim Cook on this one

      "We have also never allowed access to our servers. And we never will."

      Yeah, until the NSA arrives with a National Security letter, that is. Then you'll allow access because you won't have the choice.

    3. WaveyDavey

      Re: I'm with Tim Cook on this one

      Oh please ... it's a *rolling* doughnut. Come on, man, keep the standards up.

    4. Anonymous Coward

      Re: I'm with Tim Cook on this one

      You seem to be forgetting that US companies that co-operate are indemnified by the US Govt, can lie to their customers and are protected from being sued by their clients when it turns out they were lying all along. The more a company shouts about its non-cooperation and independence, the more you can assume they are fully co-operative with Govt agencies. Please don't be so naive.

    5. John Brown (no body) Silver badge
      FAIL

      Re: I'm with Tim Cook on this one

      "Imagine how annoyed Theresa May is going to be when he tells her to take a flying fuck at a doughnut."

      As a woman, she'll probably ask him what he's smoking. I don't think a woman could fuck a doughnut, flying, rolling or otherwise.

      1. Anonymous Coward

        This is why the change in Apple policy

        Where they changed their design for iOS so that it is IMPOSSIBLE for them to give up a user's key, since they never have access to it. Previously they kept a copy, so they could be support-friendly if someone forgets the password or the next of kin wants access or whatever and be able to remotely unlock it. That left open the possibility that the government could coerce them via secret laws with secret penalties for the company or its execs, so they protected themselves by changing the design so Apple never has the key. Too bad for forgetful people who forget their password, but it makes things easy for Apple if the NSA comes knocking. "Sorry, we couldn't help you even if we wanted to".

        There's another negative effect that if an actual terrorist, pedophile or other Bad Person had some data on their iPhone the government wants to access, with a valid court order and so forth, Apple can't help them and neither can data recovery companies - even if it would be the only means of saving lives. That's too bad for prosecutors and the general public, but the government brought it upon themselves through their actions of thinking they are entitled to ask tech companies for data without a warrant.

      2. Anonymous Coward

        Re: I'm with Tim Cook on this one

        Clearly, you've never visited Bangcok...

  5. Anonymous Coward

    No 6

    Where am I ?

    In the Village.

    What do you want ?

    Information.

    Whose side are you on ?

    That would be telling. We want information… information… in formation.

    You won't get it.

    By hook or by crook, we will.

    Who are you ?

    The new Number Two.

    Who is Number One ?

    You are Number Six.

    I am not a number, I am a free man !

    1. allthecoolshortnamesweretaken

      Re: No 6

      You and me, yes. And most of the rest here.

      'Out there', however: No 5 ...

      1. Anonymous Coward

        Re: No 6

        Perhaps it's time to make this old power themes 90 prisoner remix no 1 in protest:

        Power themes 90 prisoner remix video

    2. g e
      Coat

      I am not a number

      I'M RONNIE PICKERING!!!

      1. Anonymous Coward

        Re: I am not a number

        >I'M RONNIE PICKERING!!!

        And I am a number, 007.

        Got a problem with that Ronnie ?

  6. Bota

    In other words

    Business as fucking usual. It does make me laugh when they roll out the tired "protect the kids" line though. Why? Well MI5 were filming kids being abused for over a decade at Dolphin Square and did nothing. Blackmail I think it's called, and remember that dossier that was lost? Or the witness testimony "accidentally" deleted.

    Mark my words, they won't stop. Not until they have you tagged and tracked from birth to death.

  7. Seajay#

    Not that big a deal encryption wise

    This doesn't try to uninvent encryption as the subtitle suggests. It just says that CSPs have to

    ".. maintain the ability to remove any encryption applied by the CSP to whom the notice relates.." so if TalkTalk encrypt your account details before storing them (which I guess they will soon be doing) they have to decrypt them when GCHQ ask. That's fine, you never knew whether they were encrypted in the first place and you certainly didn't have an expectation that those details were a secret from TalkTalk.

    However, if you send an encrypted email then the encryption was applied by you, not the CSP so they don't have any responsibility to decrypt it.

    1. Fraggle850

      Re: Not that big a deal encryption wise

      Yes, and the fact that you are applying your own encryption for personal comms will earn you a flag in the database followed by regular scrutiny.

      1. jonathan1
        Unhappy

        Re: Not that big a deal encryption wise

        That would be terrible if that were the case, for those of us that run VPNs then. Gosh it's all deeply upsetting.

        Especially the paradox of "we want good strong encryption which is to keep our citizens safe but we must be able to unlock it with a skeleton key".

      2. John Brown (no body) Silver badge
        Coat

        Re: Not that big a deal encryption wise

        "Yes, and the fact that you are applying your own encryption for personal comms will earn you a flag in the database followed by regular scrutiny."

        So where's the problem? If you have nothing to hide...

        Yes thanks, the one with the tinfoil hood.

    2. Tom -1

      Re: Not that big a deal encryption wise

      "However, if you send an encrypted email then the encryption was applied by you, not the CSP so they don't have any responsibility to decrypt it."

      When did they repeal the law that said if you refused to provide them with the key you were guilty of an offence with very severe punishments?

  8. John Smith 19 Gold badge

    In the UK the police can require your crypto keys and jail you for 2 years if you don't comply

    If they have a case for asking for them

    That means investigation to establish evidence of a crime being committed.

    IE Real police work.

    1. Tom -1

      Re: In the UK the police can require your crypto keys and jail you for 2 years if you don't comply

      "That means investigation to establish evidence of a crime being committed.

      IE Real police work"

      It requires only that a suitably senior police officer (Superintendent - or is it Chief inspector, I can't remember) state that it is necessary and proportionate to require the key - maybe also evidence that a crime has been (really "may have been") committed. But does any connection between the crime and the decryption need to be established by evidence other than the police officer's opinion? I don't remember seeing any such requirement in any (UK) legislation.

  9. Michael H.F. Wilkinson Silver badge
    Boffin

    I have said it once, I will say it AGAIN

    Three words:

    One .... Time ... Pad

    To explain to the apparently hard of hearing (i.e. those in government): If people REALLY want to encrypt, they can, and NOBODY can even tell it is an encrypted message, not just a load of digitized line noise. Hide the line noise in a cat video and only those who know which one it is, and what pad to use can decrypt. GCHQ knows this, the NSA knows this.

    1. frank ly

      Re: I have said it once, I will say it AGAIN

      There aren't many people who are capable of doing that, let alone understanding it. Maybe you could set up a commercial web-based service?

    2. LucreLout

      Re: I have said it once, I will say it AGAIN

      One time pad... Sure, works wonderfully and is the only provably secure crypto system known to man. The problem with it of course, is storing or generating all the damn keys, and making sure they get generated in a provably random way, which is actually a lot harder than it sounds when you need to make a million keys - just the article we're discussing has 8529 characters in it which would require hundreds of keys to encrypt.

      1. John H Woods Silver badge

        Re: I have said it once, I will say it AGAIN

        @LucreLout the article is much longer than any instructions to sleeper agents would need to be. The problem with one time pad is, as with idiot code, the issue of key distribution. The thing about idiot code though, is that it doesn't even look like cipher text: a message saying that your friend is expecting triplets, but is still hoping for a home birth instead of going to a major hospital such as Reading and that the due date is April 23 may mean that you should attend a given meeting site / drop box at 16:23 on Tuesday and pick up some explosives.

      2. Michael Wojcik Silver badge

        Re: I have said it once, I will say it AGAIN

        "One time pad..."

        Here we go again with the obligatory OTP rubbish.

        "Sure, works wonderfully and is the only provably secure crypto system known to man."

        "only provably secure crypto system known to man" is either wrong or tautological, depending on how specific your definition of the OTP is. The security proof for OTP rests on the fact that all plaintexts of appropriate length are equally likely for a given ciphertext, if the OTP conditions are met. That's a limited proof; it doesn't account for side channels, traffic analysis, etc.

        OTP as traditionally described provides only confidentiality; you can use a bit-flipping attack to change the ciphertext and then the recovered plaintext. You have to add a message integrity mechanism to detect alteration. So the OTP "provably secure" claim doesn't cover attack categories outside confidentiality.

        Further, if the definition of OTP you're using isn't sufficiently general, then you aren't including some OTP constructs. For example, most people describe OTP using XOR, but EQV works just as well. And an OTP cryptosystem can be decorated in various ways without violating the OTP confidentiality proof, so your definition has to cover those too if you want that "only provably secure" claim to hold up.

        And if your definition's broad enough to cover all the cases, then it covers anything that has the equally-probable plaintext attribute. And so all you're saying then is "all provably perfectly confidential [which is what you meant by 'secure', a meaningless term in this context] cryptosystems are isomorphic to an OTP". So "only" in the sense of "equivalent to all". And that's not a very interesting observation.

        Of course all of this is largely irrelevant because the suggestion to use the OTP as a general cryptosystem is stupid. OTP requires a separate secure channel A that's as large as the secure channel B it provides, in order to distribute its key material. So you've just deferred your secure-communications problem, and created a less-secure channel which is open to attack and weakens the theoretical strength of the OTP.
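
An added example, not part of the comment above or of the original thread: it shows the two properties that comment names, namely that EQV (XNOR) serves as a pad operation as well as XOR, and that either form gives confidentiality only, so a ciphertext can be altered without the pad unless an integrity check is added. The function names, the sample message and the choice of HMAC-SHA256 for the integrity tag are assumptions of this example.

```python
import hashlib
import hmac
import secrets


def _check(data: bytes, pad: bytes) -> None:
    if len(pad) != len(data):
        raise ValueError("pad must be exactly as long as the data")


def otp_xor(data: bytes, pad: bytes) -> bytes:
    """XOR one-time pad; the same call encrypts and decrypts."""
    _check(data, pad)
    return bytes(d ^ p for d, p in zip(data, pad))


def otp_eqv(data: bytes, pad: bytes) -> bytes:
    """EQV (XNOR) one-time pad: NOT(d XOR p), also its own inverse."""
    _check(data, pad)
    return bytes((d ^ p) ^ 0xFF for d, p in zip(data, pad))


def flip(ct: bytes, offset: int, known: bytes, wanted: bytes) -> bytes:
    """Alter ciphertext without the pad, given a guess at the plaintext there."""
    if len(known) != len(wanted) or offset + len(known) > len(ct):
        raise ValueError("replacement must fit and keep the length")
    out = bytearray(ct)
    for i, (k, w) in enumerate(zip(known, wanted)):
        out[offset + i] ^= k ^ w
    return bytes(out)


def seal(msg: bytes, pad: bytes, mac_key: bytes) -> tuple[bytes, bytes]:
    """Encrypt-then-MAC. HMAC-SHA256 is an assumption of this example and is
    computationally, not information-theoretically, secure."""
    ct = otp_xor(msg, pad)
    return ct, hmac.new(mac_key, ct, hashlib.sha256).digest()


def open_sealed(ct: bytes, tag: bytes, pad: bytes, mac_key: bytes) -> bytes:
    """Verify the tag before touching the pad; reject altered ciphertext."""
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ciphertext failed integrity check")
    return otp_xor(ct, pad)


if __name__ == "__main__":
    msg = b"PAY 0100 TO BOB"               # constructed sample message
    pad = secrets.token_bytes(len(msg))    # fresh pad, used once
    mac_key = secrets.token_bytes(32)      # separate key for the tag
    for cipher in (otp_xor, otp_eqv):
        forged = flip(cipher(msg, pad), 4, b"0100", b"9100")
        print(cipher.__name__, "->", cipher(forged, pad))
    ct, tag = seal(msg, pad, mac_key)
    try:
        open_sealed(flip(ct, 4, b"0100", b"9100"), tag, pad, mac_key)
    except ValueError as err:
        print("rejected:", err)
```

Both pad operations decrypt the altered ciphertext to the changed amount without error; only the sealed variant notices the change.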

        1. Naselus

          Re: I have said it once, I will say it AGAIN

          "Of course all of this is largely irrelevant because the suggestion to use the OTP as a general cryptosystem is stupid. "

          I don't think anyone was attempting to claim that OTP should be used as a general encryption system, though. The OP was pointing out that terrorists/paedos/whatever can just use a manual OTP if they want to secure their communications, and so generate an uncrackable code. Thus, it's a mathematical impossibility for the government to achieve the ability to read everything; the genuine threats can simply use unbreakable methods inserted in such a way as to make it impossible to even detect that communication is happening, let alone decode it.

    3. Anonymous Coward

      Re: I have said it once, I will say it AGAIN

      Need keys for your one-time-pad?

      https://github.com/mknight-tag/mkrand

    4. cantankerous swineherd

      Re: I have said it once, I will say it AGAIN

      we've heard: https://www.schneier.com/blog/archives/2009/09/the_history_of.html

      crypto is difficult.

    5. Anonymous Coward

      Re: I have said it once, I will say it AGAIN

      OTP. For people who read a crypto 101 book at uni, but don't yet understand TLS. How it works, and why it's designed the way it is.

  10. Richard Wharram
    Joke

    Storage costs

    Can't the ISPs just open a OneDrive account for it all?

    1. Warm Braw

      Re: Storage costs

      I think Microsoft have already anticipated the likely demand.

      1. Anonymous Coward

        Re: Storage costs

        They could store all the logs on refurbished DeathStar drives. Don't bother checking for failure until the cops show up. "Here's our server room... (opens door) -- CLICK CLICKcliCLICK-K-K-clickety-cliiiiiiick"

        1. John Brown (no body) Silver badge
          Thumb Up

          Re: Storage costs

          I was thinking similar but slightly less dastardly. Store all the data in an air-gapped bit barn and when spooks or cops want the data you tell them where it is and explain that someone will meet them there. I'm sure the intention of the proposed bill is that cops/spooks will be able to log in and run a search, but like the DPA's lack of explicitly requiring encryption, this bill doesn't explicitly say how access should be provided, merely that assistance and access should be provided.

          An added bonus would be to store the data in a dark cellar with a broken lightbulb and a Beware of the Leopard sign on the door..

          1. Anonymous Coward

            Re: Storage costs

            Gotcha. Take yesterday's logfiles, encrypt them, burn them to a DVD (write verification off), don't label it, swing by your dark cellar, and toss the disc randomly on the pile. That's pretty dastardly :)

            1. Naselus

              Re: Storage costs

              "Take yesterday's logfiles, encrypt them, burn them to a DVD (write verification off), don't label it, swing by your dark cellar, and toss the disc randomly on the pile."

              I wasn't thinking we'd be able to swing by the cellar. After all, cellars are much cheaper in Ulan Bator than London right now. We'll just mail the unlabeled disks out there every couple of weeks.

  11. Anonymous Coward

    "Number 10 is out of touch with reality"

    Now that makes much more sense...

  12. alain williams Silver badge

    Move to Open Source comms s/ware

    Unfortunately you cannot trust software that you cannot read the source and build a bitwise identical version of. All that it takes is the NSA to give Apple/Microsoft/... a National Security Letter telling them to insert some malicious code into a program or library/.DLL/.so and they will have to do it and not be allowed to tell anyone.

    So people needing security will have to use Open Source software; maybe on a proprietary platform, although it will be easier to validate everything if what you run is Open Source top to bottom.

    Most people will not bother, but clever crooks, terrorists, paedophiles will do so - they will have the motivation. So those being spooked will be everyone other than the ones that we are being told that this is supposed to catch.

    Stupid or a different agenda ?

    1. Michael Wojcik Silver badge

      Re: Move to Open Source comms s/ware

      "Most people will not bother, but clever crooks, terrorists, paedophiles will do so - they will have the motivation"

      History rather suggests otherwise.

      And I suspect that the number of supervillains with the resources and knowledge to vet open-source cryptography implementations, much less the inclination, is very small indeed. Pretty much it appears to be limited to major state actors.

      That's not to say I'm in favor of government snooping, but I don't think this particular line of argument carries any weight.

  13. Graham Marsden
    Big Brother

    The UK government wants to promote the use of good crypto

    I think you mean "Double plus good crypto", prole.

  14. Broadsworde

    Section 62 b.

    With regard to the para that references RIPA:

    "RIPA requires CSPs to provide communications data when served with a notice, to assist in giving effect to interception warrants, and to maintain permanent interception capabilities, including maintaining the ability to remove any encryption applied by the CSP to whom the notice relates."

    Am I missing something, but in relation to the web communications data, how can the CSP remove encryption to anything other than its own websites?
