Slashdot Mirror

← Back to Stories (view on slashdot.org)

First Use of RIPA to Demand Encryption Keys

Posted by samzenpus on from the tell-us-everything dept.

kylehase writes "The Regulation of Investigatory Powers Act (RIPA) is being used for the first time to force an animal activist to reveal encryption keys for encrypted files she claims to have no knowledge of. According to the article, she could face up to two years if she doesn't comply."

18 of 645 comments (clear)

  1. solution by User+956 · · Score: 4, Informative

    The Regulation of Investigatory Powers Act (RIPA) is being used for the first time to force an animal activist to reveal encryption keys for encrypted files she claims to have no knowledge of.

    That's why you use an encrypted file system with a duress key. In the event of coercion, you give them a key that *oops* results in the destruction of the data.

    --
    The theory of relativity doesn't work right in Arkansas.
    1. Re:solution by PhrostyMcByte · · Score: 5, Informative

      any forensic team with an ounce of competence will copy the original HDD and work off the copy, so that just won't work.

    2. Re:solution by mlts · · Score: 5, Informative

      Having a known self destruct switch may cause a person to end up even worse trouble. This is a discussion that occurs periodically on a number of cryptography forums.

      Almost all police departments will image the drive, then present the person with the image to decrypt. If the image gets stung by a self destruct Trojan, then the police will know that its not a forgotten password, and then proceed to use rubber hose decryption to obtain the contents of the drive.

    3. Re:solution by Anonymous Coward · · Score: 3, Informative

      Yep, I'm pretty sure TrueCrypt (the only program I'm familiar with) does this.

      Just dump some plausibly-incriminating stuff on it (e.g. kinky porn, ABBA songs) and they'll never realise there was anything else there to look for.

    4. Re:solution by Bonker · · Score: 4, Informative

      Yeah. Truecrypt does this.

      http://www.truecrypt.org/hiddenvolume.php

      Truecrypt is pretty nifty all around.

      --
      The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
    5. Re:solution by tehmorph · · Score: 4, Informative

      Correct- TrueCrypt has support for hidden and public volumes, both of which can use entirely seperate keys/keyfiles.

      --
      Could not open .sig for reading- sanity error
    6. Re:solution by Carnildo · · Score: 3, Informative

      If you provide the passwords for both containers when mounting the outer container, TrueCrypt will prevent writes to the outer container from over-writing the inner container. Otherwise, it will quite happily over-write the inner container if too much data is written to the outer container.

      --
      "They redundantly repeated themselves over and over again incessantly without end ad infinitum" -- ibid.
    7. Re:solution by gweihir · · Score: 4, Informative

      Very easy: Assume your swap is on /dev/sda2:

          cryptsetup --key-file=/dev/random create c1 /dev/sda2
          mkswap /dev/mapper/c1
          swapon /dev/mapper/c1

      This reads a cryptogtaphically very good key from /dev/random, that has a lot of true randomness in it in addition.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  2. Re:enryption keys = keys? by ucblockhead · · Score: 3, Informative

    It doesn't. The courts have decided that an encryption key is analogous to a physical key. That's why the fifth amendment doesn't apply to encryption keys.

    --
    The cake is a pie
  3. Re:Better solution by LurkerXXX · · Score: 5, Informative

    Filesize arithmetic?

    You never used Truecrypt eh? It's not a zip file. It acts as a virtual hard drive partition that can be mounted as a drive.

    When you create the volume it generates random bits throughout the virtual partition. You can copy whatever files you want onto the virtual partition, the rest of it is random noise. You may or may not choose to have additional hidden encrypted partitions within that noise. Adding up the size of know files tells you nothing about what may or may not lurk in the rest of the space on the virtual partition.

  4. don't be so quick by m2943 · · Score: 3, Informative

    In the United States, you could never be compelled to turn over an encryption key as that is a violation of the 5th amendment

    I wouldn't be so sure. The 5th amendment only protects against self-incrimination, but the search may be for evidence against a third party, in which case you may be compelled to comply.

    It's also not clear that giving up your encryption keys would be considered "testimonial", so it might not be protected under the 5th amendment according to US courts. See here (somewhat outdated in other aspects, but an accurate reflection of US policy on the legal hair splitting):

    http://www.cybercrime.gov/cryptfaq.htm

  5. TrueCrypt is the best for Windows and Linux. by Futurepower(R) · · Score: 5, Informative

    TrueCrypt allows hidden volumes, indistinguishable from one volume. The file size is constant.

    TrueCrypt works very, very well. I use it with just one volume to protect passwords and other files.

    When you don't want to encrypt a volume, but just a file, Gnu Privacy Guard is best.

    1. Re:TrueCrypt is the best for Windows and Linux. by StarkRG · · Score: 5, Informative

      The only problem is explaining that if (ok, when) they lose the password, you won't be able to crack it. Ever. Not really. It's quite easy: "That's the whole point!"

      And besides, not entirely true:

      Q: We use TrueCrypt in a corporate environment. Is there a way for an administrator to reset a password when a user forgets it?

      A: There is no "back door" implemented in TrueCrypt. However, there is a way to "reset" a TrueCrypt volume password/keyfile. After you create a volume, backup its header (select Tools -> Backup Volume Header) before you allow a non-admin user to use the volume. Note that the volume header (which is encrypted with a header key derived from a password/keyfile) contains the master key with which the volume is encrypted. Then ask the user to choose a password, and set it for him/her (Volumes -> Change Volume Password); or generate a user keyfile for him/her. Then you can allow the user to use the volume and to change the password/keyfiles without your assistance/permission. In case he/she forgets his/her password or loses his/her keyfile, you can "reset" the volume password/keyfiles to your original admin password/keyfiles by restoring the volume header (Tools -> Restore Volume Header). I actually had someone ask me for something like this at work. Now I have something to tell them. (And something to suggest to our security department, we're currently using various encryptions for the various OSs we support, ugly).
  6. Re:What if she doesn't actually know? by hedwards · · Score: 3, Informative

    I believe that depends whether or not they have a court order for it. In the US the 5th amendment only applies to interrogation and testimony. Basically self incrimination, but there is no protection against lawfully granted warrants. A refusal to hand over evidence when presented with an appropriate order or the destruction of evidence in anticipation of a lawful order is obstruction of justice.

    I would assume that the British have a similar set up at this point. Otherwise, criminals would just say no, I'm not going to allow you to use your valid search warrant to gain entry and so that they could find that massive stash of child porn and Vicodin that I keep around for special occasions.

    But, IANAL so I may be a bit off on this.

  7. Re:Go To Prison Act by Cederic · · Score: 5, Informative


    Several animal rights groups in the UK are officially designated terrorist organisations, because frankly they engage in acts of terror.

  8. Re:What if she doesn't actually know? by aproposofwhat · · Score: 3, Informative
    In the UK, this particular bunch of 'animal rights' activists have been implicated in activities that fit the definition of terrorism - car bombings, arson attacks, physical attacks against Huntingdon Life Sciences personnel, the digging up and removal of the body of the mother of a guinea pig breeder, letter bomb campaigns, etc. etc.

    While I strongly disagree with this law (and would refuse point blank to hand over my passwords), the group that this woman belongs to has passed far beyond the bounds of legitimate protest, and needs to be investigated and disrupted by all legal means.

    Access to financial data, call records etc. is already a key tool in criminal investigations, and is covered by RIPA in it's less draconian sections.

    So long as the provisions of RIPA are adhered to, I see nothing wrong in police officers using such powers proportionately (i.e. only in cases where the seriousness of the offence merits such intrusion into my privacy) - most policemen that I have come across are professional, intelligent men and women who do a good job trying to keep the peace.

    --
    One swallow does not a fellatrix make
  9. Linux? You need a hardware write blocker, period. by tamnir · · Score: 4, Informative

    Linux-based imaging is good only if you are interested in recovery. On the legal side of things, it will not do:

    - Please explain to the court how you made a copy of this piece of evidence...
    - I connected the drive to our forensic machine and...
    - You mean, you connected this hard disk... to your machine?
    - Yes of course, then I...
    - Did you use a hardware write block?
    - Er... I used Linux and mounted the...
    - Please, just answer the question. Did you or did you not use a hardware write blocker device to connect the disk to your machine?
    - I did not, but...
    - Thank you, no further question. I now call for the evidence to be declared tainted and inadmissible in court, since the forensic team failed to use the proper hardware to ensure that no changes would be made to the disk.

    There is a whole range of forensic-specific hardware available: write blockers, hardware disk imagers... Use them, or loose your case.

    --
    I code, therefore I am.
  10. Re:As a Brit... by hairykrishna · · Score: 4, Informative

    I have to disagree with one of your points. Some of the most prolific terrorist groups are animal rights activists - they participate in letter bombing campaigns, arson and direct indimitation/attack of life science workers.

    --
    "Physics is to math as sex is to masturbation." -R. Feynman