Slashdot Mirror


CNET: Feds Put Heat On Web Firms For Master Encryption Keys

First time accepted submitter fsagx writes "The U.S. government has attempted to obtain the master encryption keys that Internet companies use to shield millions of users' private Web communications from eavesdropping. These demands for master encryption keys, which have not been disclosed previously, represent a technological escalation in the clandestine methods that the FBI and the National Security Agency employ when conducting electronic surveillance against Internet users."

  1. Dupe by rsmith-mac · · Score: 4, Informative

    I know this is an important issue, but didn't we just do this exact same article yesterday?

    http://it.slashdot.org/story/13/07/24/1812227/anonymous-source-claims-feds-demand-private-ssl-keys-from-web-services

    1. Re:Dupe by TWiTfan · · Score: 3, Funny

      Maybe we're in a loop like in that movie "Groundhog Day," where every day we wake up and learn the NSA are dicks all over again!

      --
      The cow says "Moo." The dog says "Woof." The Timothy says "Thanks, valued customer. We appreciate your input."
    2. Re:Dupe by gstoddart · · Score: 2

      I think this is being treated as coming from a more reputable source since it's CNET (form your own opinion).

      But this shit is stuff that matters.

      They're trying very hard to implement the full-scale Big Brother crap. I don't see this being anything but some very scary shit. There isn't much room for freedom and anonymity when your government can watch everything you do.

      --
      Lost at C:>. Found at C.
  2. Declined to Respond by nanospook · · Score: 4, Insightful

    From TFA.. "Apple, Yahoo, AOL, Verizon, AT&T, Opera Software's Fastmail.fm, Time Warner Cable, and Comcast declined to respond to queries about whether they would divulge encryption keys to government agencies." Now you know who is coughing up to the NSA..

    --
    Have you fscked your local propeller head today?
    1. Re:Declined to Respond by mmcxii · · Score: 3, Insightful

      Don't think that they're the only ones. Given the current climate I think it is reasonable to assume that you're being monitored regardless of your method of communication.

  3. Unencrypt this by Anonymous Coward · · Score: 5, Insightful

    Fuck the NSA.

    1. Re:Unencrypt this by slashmydots · · Score: 3, Funny

      You forgot to encrypt it. Okay, it's:
      lsdfoj240934ojfwnl;sdaglnkvasd08fvq2ut82js-9dvu8-9WJ34T'PWUD[-G9JWP4YUJ23049JT
      And the decryption key is "fuck the NSA" lol.

  4. An interesting quote FTA by Bearhouse · · Score: 4, Insightful

    "The government's view is that anything we can think of, we can compel you to do."

    Seems pretty spot-on. Unless people challenge these illegal activities, they'll just keep on and on.
    After all, they have pretty-much unlimited resources compared to most private entities, and no real pressure to justify their usage.
    Your tax dollars at work.

  5. Most likely to hide PRISM by Anonymous Coward · · Score: 5, Insightful

    If they can get the keys, then they don't need to use PRISM, they can grab the data upstream.

    It lets them hide the PRISM surveillance, Google/Yahoo/Facebook/DropBox etc. no longer gets to see the volume of requests, it is hidden. US companies can claim, with some degree of truthiness, that they no longer deliver data to PRISM requests, as if the program has been ended, because they no longer see the requests or get to challenge them. In fact surveillance had been expanded to all https traffic.

    They gain 'plausible deniability', and NSA gains 100% surveillance of their https traffic and the ability to man-in-the-middle at will, by simply using their connection upstream. NSA also removes the problem of companies challenging the intercepts.

    The fix is to avoid US based services, either their servers are compromised by the NSA, or their keys.

    More difficult is if NSA has signing rights from the US certificate authorities. Most of these are built into your browser. I tried deleting them from Firefox but it was not possible. With those compromised NSA can sign *foreign* traffic and man-in-the-middle intercept it even though both ends of the conversation are outside NSA control.

    The fix there is to avoid traffic being routed across NSA controlled territories (USA/Canada/UK/NZ/AUS). So if it crosses the UK they record everything and the private keys will let them record all https traffic too. A lot of backbone crosses the US, and a lot of European traffic crosses the UK, so France to Germany might cross the UK, and Germany to Japan might cross the US.

  6. Re:In related news: Domestic spying got the OK by Archangel+Michael · · Score: 2

    "We" collectively have elected these Idiots. However, "I" have not voted for a winner in at least 30 + years. So .... don't blame me. Blame the "vast majority" of people who think we only have two parties. Republicrats and Demicans. Or as I call it, Men who look like pigs and pigs who look like men (see Animal Farm)

    --
    Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
  7. Please Also Note by Anonymous Coward · · Score: 4, Informative

    Every telecommunication company that operates within the United States is required by law to provide law enforcement access to communication streams on demand. It's called CALEA and all telecommunications companies are required by law to follow it.

    CALEA also requires that encrypted communications be decrypted. This includes services like Skype(specifically). CALEA requires that Microsoft provide law enforcement access to the UNENCRYPTED streams of Skype communications, on demand. This is not new and, in light of the House vote yesterday, is not likely to change.

    1. Re:Please Also Note by WaffleMonster · · Score: 2

      > Every telecommunication company that operates within the United States is required by law to provide law enforcement access to communication streams on demand. It's called CALEA and all telecommunications companies are required by law to follow it.

      CALEA applies to ISPs not content. Content was explicitly EXCLUDED from CALEA using the "information services" language.

      > CALEA also requires that encrypted communications be decrypted. This includes

      It does no such thing. It requires an ISP to hand over encryption keys it possesses to decrypt but there is no obligation if the ISP does not possess the key. Further CALEA applies to Access not Content. The FBI and others have been pushing to change that but such legislation is currently dead.

      > services like Skype(specifically). CALEA requires that Microsoft provide law enforcement access to the UNENCRYPTED streams of Skype communications, on demand.

      Skype != website. A web site operator is providing an "information service" which is exempt from CALEA.

      > This is not new and, in light of the House vote yesterday, is not likely to change.

      Except what the NSA is doing is blatantly illegal even under the goddamn patriot act and government is currently being sued for it.

      Collecting everyone's information everywhere cannot possibly be relevant to an "authorized investigation". That would be like the police having reason to search everyone's home without cause simply because, based only on global crime statistics, statistically there is some probability the owner may be in possession of illegal or stolen goods.

    2. Re:Please Also Note by Sloppy · · Score: 2

      > CALEA also requires that encrypted communications be decrypted.

      True, within limited context. CALEA requires that the communication providers and equipment decrypt. If you can communicate with general-purpose equipment and networks (e.g. PCs and the Internet) where your software handles things, there currently isn't any law in the US which requires it be decrypted. That is why the government wants a "CALEA II," to make it illegal for people to write or use secure software, such as ssh or gpg.

      The reason Skype isn't legally allowed to be secure, is that Skype software completely relies on the Skype service, and the dedicated service both falls under CALEA and has a single point of pressure (currently: Microsoft). If the service were something generic (e.g. use any XMPP server) and replaceable, and if the client software handled the security, then CALEA wouldn't apply. Beyond CALEA itself, governments and other powerful entities can use force against software makers, so just make sure: 1) your software is not single-source; effectively this means it needs to be Free Software 2) it uses generic networks, and the software secures things at the endpoints rather than relying on the service to magically apply security (which is hilarious when you think about it).

      Skype's security problems remind me a lot of some basic strategies for computer freedom in general. While Free Software and standardized services are usually preferred because they're most likely to not work against the user's interests (and if they do, it's almost never deliberate), there actually do exist situations where a proprietary service or application may be fairly safe. The trick is to never, ever use a proprietary application with a proprietary service, combined. As long as one or the other can be replaced, you have a means of keeping the overall system "honest" and responsible to the user.

      So while, for example, the iTunes application may be a rather shittier-than-average media player, it's actually fairly safe to use it as a player. Just don't use it with the iTunes store or you're risking getting into a single-source trap. Or if the iTunes store were to open its protocols so that other applications could transact with it, it would be just fine -- just don't use the iTunes application with it. Similarly, nearly all websites are effectively proprietary (e.g. they're not running GPL3 code) but that's totally not a problem, because your Firefox or Chromium or Konqueror lack special code to screw you over, by for example, locking you into any of these websites (or, say, by leaking session keys to third parties).

      The problem with Skype is that you can't use it without the Skype network. And you can't use the network without their app. Together, it adds up to an application and network which are nearly useless, because you'll never be able to trust them. CALEA is almost the very embodiment of the general problem, written into law (!) and limited to the domain of communications. You can see echoes (but they're not quite as clear) of the same user-screwing idea written into other laws applying to other domains. e.g. DMCA, which is used to tie proprietary content to proprietary players, keeping users from being able to legally do things the right way (i.e. retain the capacity to "fire" their player or provider).

      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  8. Self signed certs by sl4shd0rk · · Score: 2

    Seem like the better option now. At least you know what the CA has done with the master key.

    --
    Join the Slashcott! Feb 10 thru Feb 17!
    1. Re:Self signed certs by 1s44c · · Score: 2, Insightful

      The whole SSL CA setup was broken from the start. The trusted people at the top never were even remotely trustworthy.

      Self signed certs are a pain, what we need is something peer2peer based.

    2. Re:Self signed certs by PPH · · Score: 2

      And for all those people using it ... when I want your data ... I'll just start beating the ever living fuck out of you with a pipe wrench rather than trying to decrypt it. I promise you that you'll turn your keys over fairly quickly.

      But that interferes with the NSA's desire to conduct covert surveillance. When I've been beaten for my keys, I'll know something's up.

      The NSA isn't interested in catching terrorists or criminals. In this case, obtain a warrant (or beat them for their keys) while you hold them on suspicion. Decrypt the stored message traffic and you've got your evidence. When you are conducting ongoing political or economic espionage, you need your target to continue business as usual after breaking their secure communications.

      --
      Have gnu, will travel.
    3. Re:Self signed certs by IamTheRealMike · · Score: 3, Informative

      Common misconception - certificate authorities do not have private keys. Your private key never leaves your own computers. That's why the NSA would have to force companies to cough them up (or steal them).

      Also, for normal SSL having the private key lets you passively eavesdrop and decrypt. For souped up SSL with forward secrecy it doesn't, it only lets you MITM the connections, which results in the server and client having a different view of things - that's detectable, whereas a leaked SSL key isn't.

      Forward secret SSL is new, and not that easy to do. At the end of 2011 Google employees did the necessary upgrades to OpenSSL, but most other sites haven't deployed it (yet). Enabling forward secret SSL is the best and easiest step forward to beat the NSA/GCHQ right now, because if they HAVE obtained your private key, it forces them to start actively intercepting connections which is expensive and detectable.

  9. Clipper and TIA, echoes of the past by bsandersen · · Score: 4, Interesting

    It seems bad ideas never die; they just get recycled. The US Government fighting encryption in the 1990's offered "key escrow" (where the Government had a backdoor into the encryption "just in case") as a way to allow citizens and business to protect their data and secure their privacy while allowing law enforcement a chance to use these transactions should it become necessary. It was wildly unpopular and eventually the idea was shelved. Now the government just comes and demands your keys.

    Total Information Awareness, championed by Admiral John Poindexter, former United States National Security Advisor to President Ronald Reagan, a one time felon over Iran-Contra (overturned on appeal), wanted to do much of what the NSA is doing today. When the details of TIA became public there was an outrage and the plans for it had to be scrapped. Or were they?

    The point is this: the public (voters) say "no" to these things... and they just sneak around our backs and do it anyway. Saying "no" once is not sufficient. If, as a citizen, voter, and patriot you believe that these ideas are bad you need to say "no" repeatedly, early, and often. Once whole bureaucracies are constructed to serve a bad aim it is difficult, and perhaps impossible, to stop them.

    As U.S. Supreme Court Justice Louis Brandeis once said, "Sunlight is the best disinfectant." With all due respect to Justice Brandeis, if some of these bad ideas do survive, though, it might be more because of public exhaustion than of public acceptance. Or, more simply, perhaps once a secret bureaucracy gets big enough in the darkness there is no way to kill it once it comes into the light. Even sunlight has its limits.

  10. Forward Secrecy by Agent+ME · · Score: 4, Informative

    The good news is that if the web servers use forward secrecy in the SSL encryption ( https://community.qualys.com/blogs/securitylabs/2013/06/25/ssl-labs-deploying-forward-secrecy ), then an attacker who has the private key is not able to decrypt a connection he has passively eavesdropped on. An active man-in-the-middle attack is required in order to listen in on the connection.
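
An added example, not part of the thread or of any commenter's post: the distinction drawn in the "Forward Secrecy" comment above and in IamTheRealMike's earlier reply comes down to the key exchange each enabled cipher suite uses, which can be read from its OpenSSL name. The function names and the sample suite list are constructed for illustration, and the TLS 1.3 case goes beyond what the thread discusses.

```python
import ssl

# Key-exchange prefixes of OpenSSL-style suite names, checked in order.
_PREFIXES = [
    ("ECDHE-", "ECDHE"), ("DHE-", "DHE"), ("EDH-", "DHE"),  # ephemeral, authenticated
    ("AECDH-", "ANON"), ("ADH-", "ANON"),  # ephemeral but unauthenticated: flagged too
    ("ECDH-", "ECDH-static"), ("DH-", "DH-static"),         # fixed DH key in the cert
    ("RSA-PSK-", "PSK"), ("PSK-", "PSK"), ("SRP-", "SRP"),
]
FORWARD_SECRET = {"ECDHE", "DHE", "TLS1.3"}


def key_exchange(name):
    """Return the key-exchange family of an OpenSSL cipher-suite name."""
    if "_WITH_" in name:
        raise ValueError("IANA-style name; expected an OpenSSL name: " + name)
    if name.startswith("TLS_"):
        return "TLS1.3"  # full TLS 1.3 handshakes always use ephemeral (EC)DHE
    for prefix, kex in _PREFIXES:
        if name.startswith(prefix):
            return kex
    # No prefix (AES128-SHA, RC4-SHA): the session secret is sent encrypted
    # under the server's long-term RSA key, so a recorded capture plus that
    # key is enough to decrypt it later.
    return "RSA"


def is_forward_secret(name):
    return key_exchange(name) in FORWARD_SECRET


def split_suites(names):
    """Split suite names into (forward_secret, lacking_forward_secrecy)."""
    fs = [n for n in names if is_forward_secret(n)]
    exposed = [n for n in names if not is_forward_secret(n)]
    return fs, exposed


def audit_cipher_string(cipher_string):
    """Expand an OpenSSL cipher string with the local library and split it."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)
    return split_suites([c["name"] for c in ctx.get_ciphers()])


# Constructed sample: suites a server of that period might have had enabled.
SAMPLE = ["ECDHE-RSA-AES128-GCM-SHA256", "DHE-RSA-AES256-SHA", "AES128-SHA",
          "RC4-SHA", "DES-CBC3-SHA", "ECDH-RSA-AES128-SHA"]

if __name__ == "__main__":
    fs, exposed = split_suites(SAMPLE)
    print("forward secret:", fs)
    print("no forward secrecy (review these):", exposed)
```

`audit_cipher_string` takes the same cipher string a server configuration would use, so the second list it returns is what to remove from that configuration.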

  11. What I wish, and what is reality. by Lumpy · · Score: 2

    What I wish....
    FED: "Give us your encryption keys"
    CORP: "EAD, DIAF!"

    Reality....
    FED: "Give us your encryption keys"
    CORP: "Why?"
    FED: "To fight terrorism, you are not harboring terrorists are you?"
    CORP: "Here's the keys, would you also like the keys to the bathrooms and the filing cabinets?"

    --
    Do not look at laser with remaining good eye.
  12. Master key == FAIL by mbone · · Score: 3, Insightful

    If you are relying on a service with a master key for security, you have no security. This is true regardless of whether the government has access to those keys.

  13. those poor bastards by Thud457 · · Score: 3, Funny

    you've managed to make me feel sorry for the poor saps that have to spy all day on us

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

    1. Re:those poor bastards by GameboyRMH · · Score: 2

      Hey there could be terrorists in there communicating using a code composed entirely of slurs and death threats. It would actually make more sense that way...

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
  14. Re:Best available advice? by Thud457 · · Score: 3, Funny

    Talk to a lawyer

    great, now he has two problems.

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  15. Two parties my ass. by ulatekh · · Score: 4, Insightful

    Our two party system only works where the two parties are not the same.

    I've said it before, and I'll say it again...the left-leaning half of the Ruling Party is no more, or less, virtuous than the right-leaning half of the Ruling Party.
    The only real difference between them is how they want to kill us. The left want to smother us in a stifling nanny-state bureaucracy that'll collapse under its own weight, and the right want to abandon us to fend for ourselves. The latter is more sustainable, but either way we die a miserable death.

    --
    "Once we've identified and embraced our sickness, we'll have strength...and that's when we get dangerous." - John Waters
    1. Re:Two parties my ass. by causality · · Score: 2

      Wow. It must be nice to live your black and white world. Mine is so many confusing shades of gray that I find that I am just unable to put suitable labels on most people and things.

      The point was that the world is a great many shades of grey, and is therefore not suitably represented by our black-and-white two-party system.

      Reading comprehension is gravely on the decline. It's been replaced by an insatiable need to be right at someone else's expense, even if you have to put words in their mouths to do it.

      --
      It is a miracle that curiosity survives formal education. - Einstein
  16. Spoofing the major issue? by Captain_Chaos · · Score: 2

    All the commentary I'm reading about this just talks about using it to decrypt captured traffic. One aspect I've not seen anyone address yet is this: wouldn't this allow them to spoof the services in question, and just capture any data they want directly? If you have someone's server certificate (which the server will give you freely), and the corresponding private key, you can set up a server which looks exactly like the real, say, gmail.com, legit certificate signed by a trusted CA and all, and capture unencrypted data to your heart's content.

    Maybe that's what the government wants those private keys for? It would completely sidestep the issue of forward secrecy. To me that's even more scary than the possibility that they may be capturing encrypted traffic and using these keys to decrypt it...