Letwin wants increased penalties for refusal to decrypt

[Peter Fairbrother]

Nicholas Bohm wrote:


> I wonder: what about steganographic filesystems where it is impossible to
> prove that they contain hidden information to which keys have not been
> provided, so offering plausible deniability?

There is another side to that, that the suspect cannot prove he has given
all the keys, even if he has. SFS's are only useful where there is a
presumption of innocence and a requirement for proof of guilt beyond
reasonable doubt.

There are ways around any law about encryption I can think of, and I've
thought of plenty of possible laws much worse than you might imagine (or
that I'm willing to post).



For stored data the strategy m-o-o-t uses to get around RIPA is first to
make it hard to get the encrypted data. We do this by storing data in
foreign havens, with the option, for the most secret data, of splitting it
so that it is impossible to reconstruct the encrypted data without the
cooperation of all the data havens used. Transfers between the user and the
havens are encrypted using ephemeral keys.

Requests for access to data must be signed, and we hope the "signature-only
key" exemptions in RIPA will protect against compelled access. Breaking this
protection will prevent the use of secure digital signatures as defined by
the EU.

You can use "feed me" or any other techniques you like (that the haven
supports) to prevent unauthorised access, even requiring the physical
presence of the user at the haven's lawyer's office after an emergency
signal before further access is granted, if necessary.

Second, we use SFS's to provide plausible deniability. It's a cross between
a type 1 and type 2 SFS, so you can't tell how many files are in it (type 2
SFS's can fill up so that every file is encrypted data, but doing a full
type 1 SFS is resource-hungry, so we go in between, which actually gives two
layers of protection not one)

Third, if needed, standard stegangraphic techniques can be used to hide
extra data in the files already hidden in the SFS. And lastly, you have to
give up another key in order to decrypt, so you can take the 2-year option
and appeal to the ECtHR.

There are some more techniques that could be used, like plausibly-deniable
encryption, codebooks, and others I won't mention.



For message passing we use ephemeral keys, covertraffic, and perhaps another
as-yet-still-unimplemented technique or three as well.



We get around the main insecurities of a PC by using a
continuously-verified-by-peers CD-based secure OS and applications, with no
need to access the hard drive at all. Switch off, and everything's gone.

We're including all sorts of special effects, like anti-tempest fonts and
mouse driven key entry to defeat hardware keyloggers, plus a few more I hope
to have ready in time.



Sorry to proseletise at such length, the point is to show that there are
ways around RIPA. The simple use of a sfs for storage and ephemeral keys for
email will prevent most demands from being effective. m-o-o-t is better, but
it's not really rocket science (though it feels like it sometimes).


 :)

-- Peter