Investigatory Powers Act - Government mandated backdoors
lists at internetpolicyagency.com
Mon Dec 5 07:54:26 GMT 2016
In article <ecf10e6b-4863-a5bd-1beb-9c32615683dd at zen.co.uk>, Peter
Fairbrother <zenadsl6186 at zen.co.uk> writes
>> And as for new (or existing) services needing a backdoor, that's not
>> what Act is asking for.
>> B) "Because a backdoor implies a 'key' being given to a third party
>> such law enforcement to do its own decryption, whereas the Bill
>> just asks for CSPs to use their existing key to the front door
>> to produce the plain text, if they are able to."
>The Bill also permits the SoS to require "relevant operators" to
>maintain or perhaps generate the ability to produce the plain text.
>Probably the most important example is Forward Secrecy in eg TLS
>suites. In order to maintain the ability to produce the plain text,
>relevant operators can effectively be required to modify their systems
>to retain the keys used rather than discarding them.
As with the A5/1 SM encryption it would be far easier to simply
intercept the plain text *after* it has emerged from the TLS 'decoder'
at the operator's premises.
>Some may consider that a required backdoor, but as the relevant
>operator keeps the keys, and they are not available to Plod etc without
>a warrant, I don't know whether it really counts. Maybe 1/2 a required
Remember, this is about intercepting transmissions happening *now*, not
decrypting historic transmissions where for some reason they have been
stored while still encrypted by the carrier's internal encryption
>Of course there is a small problem for the SoS and/or Plod here - if an
>effect of the modification to the system, eg removing the deletion of
>keys, makes any of the content available to a person other than the
>sender or recipient then it would be interception, and unlawful.
Only if you don't have a relevant warrant to hand.
More information about the ukcrypto