Investigatory Powers Act - Government mandated backdoors
Roland Perry
lists at internetpolicyagency.com
Mon Dec 19 11:17:18 GMT 2016
In article <e7d0ee3b-6153-172a-e7a9-15f6a1491eb4 at zen.co.uk>, Peter
Fairbrother <zenadsl6186 at zen.co.uk> writes
>On 05/12/16 07:54, Roland Perry wrote:
>> In article <ecf10e6b-4863-a5bd-1beb-9c32615683dd at zen.co.uk>, Peter
>> Fairbrother <zenadsl6186 at zen.co.uk> writes
>[...]
>>> Probably the most important example is Forward Secrecy in eg TLS
>>> suites. In order to maintain the ability to produce the plain text,
>>> relevant operators can effectively be required to modify their systems
>>> to retain the keys used rather than discarding them.
>>
>> As with the A5/1 SM encryption it would be far easier to simply
>> intercept the plain text *after* it has emerged from the TLS 'decoder'
>> at the operator's premises.
>>
>>> Some may consider that a required backdoor, but as the relevant
>>> operator keeps the keys, and they are not available to Plod etc
>>> without a warrant, I don't know whether it really counts. Maybe 1/2 a
>>> required backdoor.
>>
>> Remember, this is about intercepting transmissions happening *now*, not
>> decrypting historic transmissions where for some reason they have been
>> stored while still encrypted by the carrier's internal encryption scheme.
>
>(an ISP would not usually use TLS, it's more for websites)
>
>I was thinking more - Plod intercepts an IP (with a warrant) - gets
>ciphertext - asks a relevant operator, eg Googlemail, to decrypt.
>
>RO says "no I can't, I used forward secrecy and both the keys and
>plaintext are gone".
>
>HO says "you must maintain the capability" (under s. 254, with the
>relevant authorisation in Ss.254(1)(a) being a putative but not extant
>S.16(1)(a) warrant). See [2] below.
I'm not going to check the sections quoted with a fine-toothed comb, but
in principle the Act can attempt to place such a duty on a carrier to
help provide the plaintext of *future* transmissions, if all the normal
conditions of practicality etc. are met. The fun will start when
jurisdictional issues arise.
>>> Of course there is a small problem for the SoS and/or Plod here - if
>>> an effect of the modification to the system, eg removing the deletion
>>> of keys, makes any of the content available to a person other than the
>>> sender or recipient then it would be interception, and unlawful.
>>
>> Only if you don't have a relevant warrant to hand.
>
>[2] aiui, the relevant authorisation in Ss.254(1)(a) in regard to which
>HO can issue a technical capability order is any relevant authorisation
>of the types in Ss.254(1)(a) which might reasonably come along in
>future.
>
>There doesn't have to be, indeed there cannot reasonably be expected to
>be, any specific authorisation covering everything the order might
>involve at the actual time the order is served.
>
>However as there is no actual authorisation in existence for everything
>the technical capability order might cover, if the behaviour the order
>requires involves interception then it would be unlawful.
Interception requires making the material available to someone, simply
making one's equipment intercept-ready is not interception.
When a target uses the system, *and* there's a relevant warrant in
force, *then* handing over the product is a *legal* interception.
>I suppose HO or FO might, by some chicanery, have a bulk warrant to
>hand - but I don't think they could have a targeted warrant at the time
>they served the capability order, which covers much more than any
>targeted warrant could.
As the process of negotiating a successfully served capability order is
complex and involves appeals, it's unlikely to be helpful to start that
process *after* you have a specific targeted warrant in your hand.
Unless you are chasing someone like Bin Laden and expect to be on the
case for several years.
>Roland, do you have any historical view on the meaning of 262 (11)
>“Telecommunications service” means any service that consists in the
>provision of access to, and of facilities for making use of, any
>telecommunication system [...]?
It's 261(11)
>There seem to be two separate requirements, firstly the provision of
>access, and secondly the [provision of] facilities for making use of -
>but I cannot make any sense of that.
Perhaps the bit you left out can assist us:
"(whether or not one provided by the person providing the service)"
and noting that a telecommunications system is:
" a system ... for the purpose of facilitating the transmission of
communications"
I think it becomes clear that we are talking about connectivity (transit
from the user to the destination server) and an invisible "hence" after
the "and".
E.g. a worked example: Vodafone provides a service which provides access
via GSM and backhaul to the PSTN and hence to BT's network, which is
a system for contacting BT's phone subscribers.
--
Roland Perry
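The forward-secrecy point raised in the quoted paragraph above, as an added illustration that is not part of this thread or of either poster's work: a toy Diffie-Hellman handshake in which the operator's endpoint either discards its ephemeral material (forward secrecy intact) or, modelling the "retain the keys" modification, logs each session key, followed by a later attempt to decrypt a recorded session from what the operator still holds. The group parameters, the HMAC-based keystream cipher and the names Server, client_session and decrypt_recording are assumptions made for this example.

```python
import hashlib
import hmac
import secrets

# Toy DH group (constructed for speed, NOT for real use): p = 2^127 - 1, a
# Mersenne prime. Real TLS uses ECDHE such as X25519 or RFC 7919 groups.
P = 2**127 - 1
G = 5


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in record cipher: HMAC-SHA256 in counter mode (toy, not AES-GCM)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hmac.new(key, (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], ks))
    return bytes(out)


class Server:
    """The relevant operator's endpoint. retain_keys=True models the required
    modification: session keys are logged instead of being discarded."""

    def __init__(self, retain_keys: bool = False):
        self.retain_keys = retain_keys
        self.key_log = {}  # session id -> session key, only if retained

    def handshake(self, session_id: str, client_pub: int) -> int:
        priv = secrets.randbelow(P - 2) + 2           # ephemeral exponent
        pub = pow(G, priv, P)
        shared = pow(client_pub, priv, P)
        key = hashlib.sha256(shared.to_bytes(16, "big")).digest()
        if self.retain_keys:
            self.key_log[session_id] = key
        del priv, shared, key  # forward secrecy: nothing survives the session
        return pub


def client_session(server: Server, session_id: str, message: bytes) -> dict:
    """One handshake plus one record; returns what an on-path recorder sees."""
    priv = secrets.randbelow(P - 2) + 2
    pub = pow(G, priv, P)
    server_pub = server.handshake(session_id, pub)
    key = hashlib.sha256(pow(server_pub, priv, P).to_bytes(16, "big")).digest()
    return {"session_id": session_id, "client_pub": pub,
            "server_pub": server_pub, "ciphertext": keystream_xor(key, message)}


def decrypt_recording(server: Server, recording: dict):
    """Later decryption using only what the operator still holds; None when the
    session key was discarded, i.e. the recording stays opaque to everyone."""
    key = server.key_log.get(recording["session_id"])
    return None if key is None else keystream_xor(key, recording["ciphertext"])
```

The recorder sees both public values and the ciphertext in either mode; the only difference between the two runs is whether the operator kept the session key.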