Investigatory Powers Act - Government mandated backdoors

Roland Perry lists at internetpolicyagency.com
Mon Dec 5 07:54:26 GMT 2016


In article <ecf10e6b-4863-a5bd-1beb-9c32615683dd at zen.co.uk>, Peter 
Fairbrother <zenadsl6186 at zen.co.uk> writes
>> And as for new (or existing) services needing a backdoor, that's not
>> what the Act is asking for.
>>
>> B)      "Because a backdoor implies a 'key' being given to a third party
>>         such as law enforcement to do its own decryption, whereas the Bill
>>         just asks for CSPs to use their existing key to the front door
>>         to produce the plain text, if they are able to."
>
>The Bill also permits the SoS to require "relevant operators" to 
>maintain or perhaps generate the ability to produce the plain text.
>
>Probably the most important example is Forward Secrecy in eg TLS 
>suites. In order to maintain the ability to produce the plain text, 
>relevant operators can effectively be required to modify their systems 
>to retain the keys used rather than discarding them.

As with the A5/1 GSM encryption it would be far easier to simply 
intercept the plain text *after* it has emerged from the TLS 'decoder' 
at the operator's premises.

>Some may consider that a required backdoor, but as the relevant 
>operator keeps the keys, and they are not available to Plod etc without 
>a warrant, I don't know whether it really counts. Maybe 1/2 a required 
>backdoor.

Remember, this is about intercepting transmissions happening *now*, not 
decrypting historic transmissions where for some reason they have been 
stored while still encrypted by the carrier's internal encryption 
scheme.

>Of course there is a small problem for the SoS and/or Plod here - if an 
>effect of the modification to the system, eg removing the deletion of 
>keys, makes any of the content available to a person other than the 
>sender or recipient then it would be interception, and unlawful.

Only if you don't have a relevant warrant to hand.
-- 
Roland Perry



More information about the ukcrypto mailing list