FW - ripa effectiveness letter

[Peter Fairbrother]

With this consultation the Home Office seek to implement a law which will
allow the Police access to everybody's encrypted secrets, data which people
have tried to keep secure on their computers by encrypting it.

The Home Office may believe that they, or their servants the Police, have a
right to see everybody's secrets - but a natural right to privacy, legal
precedent (eg Entick v. Carrington, 1756), and the proper limitation of
Government powers suggest that they should have no enforced access to
private data.=20

Silence should be a right. It should never be punishable. Forcing people to
incriminate themselves by providing decryptions or keys under threat of
imprisonment is akin to, if not actual, torture.

More, the huge (one British Chambers of Commerce estimate is =A346 billion
over 5 years) financial cost in both expense and damage to industry of
implementing this particular and particularly ill-conceived and ill-written
Act is disproportionate to the stated goals, and vastly in excess of any
possible benefit Police access to protected data might have.

Perhaps most important, modern cryptographic technology says that demands
for access cannot be successfully implemented.

As a cryptologist I can best address the last point. If implemented this
proposal might allow a few prosecutions on existing evidence - but people
can and will make small adjustments to the encryption technology they use
which will make the law ineffective in future cases. It can be as simple as
choosing the right program.



For data in transit session keys can be used, keys which are erased as soon
as they are used, making intercepted data impossible to decrypt, even by th=
e
people who sent it. This already happens when you use a https:// secure
internet page to shop, and it is not too difficult to extend the technique
to email, or to internet telephony. Skype in particular is said to be
already secured that way.

For stored data several techniques are available. Steganographic filing
systems like TrueCrypt or Rubberhose can hide data so it cannot be found,
they make it impossible to identify "protected information". You may have a
disk full of what looks like encrypted data - but it is impossible to tell
whether it actually is, or how full it is.

Actually all modern encrypted data is indistinguishable from random data,
indistinguishability has been a requirement of secure cipher design since a=
t
least 1984 when Goldwasser and Micali proved that indistinguishability is
mathematically equivalent to semantic security. The only thing that may
sometimes tell you that some "flat" data is protected information is
unencrypted directory entries and the like referring to it - but encrypt
those as well, and all becomes obscure.

If this becomes law I expect criminals and businesses, especially businesse=
s
with trade secrets, will implement gak-resistance (government access to
keys) first, with the rest of the population following on in due course.

These are just some of the techniques which are available in commercial
products today and, if the experience of the passing of the bill six years
ago is anything to go by, where it is not yet implemented commercial
cryptographers are already planning how to incorporate gak-resistance into
all the major cryptographic suites. Eventually I expect all deployed
encryption programs will be gak-resistant.

Other techniques are available to the cryptographer. For instance, data can
be stored under a requirement that access be authorised by an electronic
signature, akin to a safety deposit box in a Bank - but a Bank which can
conveniently be in any jurisdiction. The Act protects electronic signatures
against enforced disclosure to some extent, although on this issue where th=
e
legal line lies is at best unclear.




At bottom, we can have either secure electronic signatures or effective
Police access to protected data - but we cannot have both.

The government do not seem to realise that, for some apparently-inexplicabl=
e
reason - wishful thinking? They have all of GCHQ to ask for advice, so why
don't they?



More, we cannot have secure e-commerce or even secure commercial computer
systems and effective Police demands for protected data or keys, they are
incompatible.=20

The Government appear to have conceded this point, as they are not proposin=
g
demands for ssl/https session keys - besides, they couldn't get them anyway=
,
they don't exist any more, and no-one has ever seen them.

Yes, you too can use use ssl/https to send data, secure in the knowledge
that it can't be decrypted, or keys demanded. All it takes is a little
computer skill - and that will be mechanised pretty soon, and available to
everyone.



Last, it is easy to hide secrets so that they cannot be proved to exist, at
least to the standard of proof normally used in criminal matters. We cannot
retain "beyond reasonable doubt" and have effective Police or Government
access to secret data and/or encryption keys.

This technology already exists, but is not widely used. I predict that if
this becomes law a lot of people will start using it!



Modern encryption technology simply does not permit effective demands for
decryptions or keys to exist along with any of these - electronic
signatures, secure ecommerce, or just enforcement.



--=20
Peter Fairbrother