British intelligence agency called in to break BlackBerry encryption
Peter Fairbrother
zenadsl6186 at zen.co.uk
Mon Aug 29 11:18:42 BST 2011
http://www.zdnet.com/blog/igeneration/british-spy-agency-called-in-to-crack-blackberry-encryption/12281
"British intelligence service, MI5 has been drafted in to assist its
sister service, GCHQ in cracking the BlackBerry encryption code"
Now GCHQ are the code boys and MI5 are supercops, and maybe Zdnet just
got it the wrong way round.
Or maybe GCHQ are asking MI5 for help in collecting plaintext/ciphertext
pairs in order to attempt a crack - MI5 get the plaintexts by seizing
Blackberries (or more likely getting the ordinary cops to seize them)
and reading the messages on them, and GCHQ gets the cipherexts by
interception.
In order to access the content of messages, whether encrypted or not,
CGHQ needs a warrant under RIPA.
These warrants come in two types, an ordinary warrant and a certificated
warrant for when the communication is sent or received from abroad.
Ordinary warrants can only cover one person or one premises per warrant,
but certificated warrants can include "fishing" warrants and cover large
numbers of people and places.
The number of warrants issued is reported to Parliament annually, it's
been about 1,500 - 2,000 or so for the last few years. It is unknown how
many of them are certificated RIPA s.8(4) fishing warrants.
Looking at a Blackberry message from Yob Adam in Peckham to Rasta Bob in
Brixton, the message is first encrypted and transmitted from Adam's
Blackberry to RIM's servers in Paris, where it is decrypted. RIM then
re-encrypt it and transmit it to Bob. Only link encryption is used, no
end-to-end encryption.
So the two _transmissions_ are sent to or from Paris, even though the
sender and intended recipient of the _message_ are both in the UK.
Unfortunately RIPA doesn't use the terms "transmission" or "message", it
uses "communication"; and that term isn't well enough defined that
someone couldn't say the transmission is a communication - and thus GCHQ
can intercept it with an external warrant, which can include collection
and examination of all traffic for fishing purposes.
Whether a Court would agree with that interpretation is perhaps unlikely
- but it's not likely that it's ever going to be tested by a Court.
Of course GCHQ may not be relying on that interpretation. I have no
evidence that they are - maybe they consider RIM in Paris to be a single
premises, though again that might be legally dubious.
They may even be collecting Blackberry messages under ordinary warrants,
one per perp, but if so the Home Secretary's fingers will be getting
sore - she has to sign each warrant.
If there are no relevant warrants (and if Zdnet are right and GCHQ are
intercepting en masse) then CGHQ would be behaving illegally. I don't
think that's very likely, they would want some form of warrant even if
it's a bit dubious legally to cover themselves. I'm just curious as to
what that might be.
-- Peter Fairbrother
More information about the ukcrypto
mailing list