Internet Firms To Be Banned From Offering Unbreakable Encryption Under New UK Laws

Retron writes: Despite statements from the minister for internet safety and security Baroness Shields last week that the UK government would not require software developers to build backdoors into their products, the Telegraph is reporting that the UK Government is going to ban companies from offering 'unbreakable' encryption, effectively requiring a backdoor in products from the likes of Google and Apple. The reasons given are that they don't want the likes of terrorists and paedophiles to communicate in places the Police can't reach. A Home Office spokesman said: “The Government is clear we need to find a way to work with industry as technology develops to ensure that, with clear oversight and a robust legal framework, the police and intelligence agencies can access the content of communications of terrorists and criminals in order to resolve police investigations and prevent criminal acts."

Sigh

[MPBoulton]

Is this the sort of thing that the EU could override?

Re:Sigh

It's the sort of thing that both the commons and the lords could override because contrary to the sensationalist Slashdot headline it's not actually a law, it's a proposed law, and that means it has to both be debated and pass in both houses. That wont happen because the Lords are out for blood right now and the Conservatives don't have a majority there.

I'm actually willing to bet money that this clause will never make it into the final bill that is signed into law and as much as Slashdot babies will piss, cry and moan "ORWELL CCTV OMG FASCIST UK" they'll be missing the actual point - that's exactly what the likes of Theresa May want. Propose something really bad that will never pass, and watch the less bad (but still not wanted) stuff slide through under the radar because all the civil liberties activists and people like Slashtards were too focussed on the thing that was never going to make it through anyway whilst the MPs play the heroes for "compromising" in giving way to us on something they were always going to have give way to us on anyway.

Luckily May has the likes of The Torygraph making it easier for her by stirring up the fears because if it's in a newspaper then it must be true that this will become law right?

Re:Sigh

[Zocalo]

While you are right on the voting demographic and media bias/propaganda, I think there's possibly a major wrinkle in the debate coming that's going to seriously upset the applecart for the exit campaign. The Scottish are collectively much more pro-EU than the south of England, and the Scottish National Party are in the process of putting together a set of criteria that will trigger another referendum on their own independence from England. I'm fully expecting to see "UK voting to leave the EU" being right at the top of that list of criteria when it's announced, and if there's one thing that is likely to upset the anti-EU crowd more than remaining in the EU it's the very likely prospect of Scotland leaving the UK shortly afterward if they win.

What, you thought the US had the monopoly on turning politics into a car crash TV event?

Re: Sigh

[John+Allsup]

People often overlook the issue of verification. If you take a small structured dictionary which takes in, say, 128 bits, and outputs a nonsense poem using the words of the dictionary and some simple rules, you have a reversible procedure for turning 128 bit hashes into literary nonsense. Reverse the procedure and apply a simple procedure to the original 128 bit hash to see if it contains a message. The simple procedure may include things about the sender. The trouble for crackers here, is that there are many such procedures. A simple software example is to append 'Borg' to a message, hash it with shasum, and see if the first two hex digits are f7, say, else discard. Then using evolutionary programs to find a short procedure which generates indices recursively for words in a video file [ with feedback, so the second index requires having the correct video file on hand ]. Guessing a random 128bit passkey is bad enough, but guessing a random procedure is far worse. Having everybody just [ just! ] using aes128 will seem like paradise compared to the output of the computational arms race the UK government is inadvertently about to kick off.

I have fond memories of the old msdos program insults.exe. it has not escaped my attention that one can take a 128 bit number [ possibly the output of a sugared hash ] and use bits from it as indices into tables to generate phrases. There is much fun to be had, and so many variations. The paper from wayback about chaffing and winnowing will perhaps have more attention payed to it.

Re:Sigh

[AmiMoJo]

It might contravene EU rules on free trade. For example, I use a Swedish VPN service to prevent my internet browsing history and other activity records (metadata) being recorded by my ISP. If this law is to be effective, it would have to make using such services illegal. Otherwise there is little that they can do to force a foreign company to company with UK law.

Maybe there is an issue with trying to ban foreign services for not complying with UK law. For example, they can't ban foreign services because they don't comply with the UK Data Protection Act, as EU free trade is based on the idea that all member states have broadly equivalent protections for such things. As long as the VPN service provider complies with local data retention laws (of which there are none, they only apply to ISPs) I don't think they can legally ban them.

Re: Sigh

[John+Allsup]

Put another way, one limiting factor is the availability of a computational means to verify a correct guess. If the false positive rate is too high, as happens with a OTP, you have problems. Then using encoding schemes rather than just encoding textual data is not hard. If, for example, you only need 2000 different words for your messages, you could start with a basic forth and work thus:

( assume 'append' appends to a word list, and 'say' outputs and clears the word list )
: wHelp S" help" ;
: wThe S" the" ;
: wHomeless S" homeless" ;
: mHelpThe wHelp wThe ;
: mA mHelpThe wHomeless ;
: s1 mA say ;

Now we can map these definitions to 16 bit tokens, padding with random definitions, and store random definitions where the words go to get a non funtioning decode vector. Then to decode, we need a list of words and locations to insert them. One vector of 64k forth words could be used in many ways depending on which words are overwritten and what is put there. The 64k vector need not even contain the api, since we need only overwrite say v[435] with 'say', v[2789] with 'append', put 'S" help"' etc. in the right place and know that v[6789] is a correct code for mA. The secret code is in the modifications necessary, and without both pieces you have nothing. Just the vector and you have a random assortment of words defined in terms of other words.

The issue for GCHQ is not unbreakability, but that the above could be implemented in a few lines of Perl or PHP, and if it becomes widespread by some social media like a computational Twitter on acid, the effort required to search would be prohibitive given the potential for false positives and that most messages are for fun.

The Indiana Pi Law did not get passed, but many equivalently stupid laws have, and this will be yet another. You cannot pass a law requiring that maths magically become easy. Trying to causes collateral damage for no gain. But I guess politicians live in a different universe.

Re: Sigh

I have thought about this many times over the years. Evolutionary strategies could lead to some really obscure and bizarre cryptography schemes. Especially if you use real cryptographic algorithms at each layer. Even if not, this is utterly ridiculous. Your example of a poem highlights the greatest injustice of banning encryption - poems can mask layers of meaning even from the author, sometimes for years. It's time to end this whole charade IMHO.

Re:Sigh

[Yoda222]

As you send more and more messages with the same pad, or if the pads follow any kind of predictable pattern, or god forbid, one of your pads is discovered through other means, the encryption is severely weakened.

Basically you are saying that you can break one-time pad if the system used is not one-time pad.

Re:Bye-bye, UK

[RockDoctor]

Does that mean. if you're a foreigner, you cannot bring your phone or laptop with you whenever you travel to UK?

Regardless of whether you're a foreigner or a Briton, the (encrypted) device in question would be contraband if you attempted to import it into the UK. This is exactly the same as if you were to buy something legal in the country you buy it in (a lock-knife; a gun; or an encrypted telephone) and attempt to import it into the UK, then you are committing an offence. As such you'd be liable to arrest and or deportation (at your own cost).

It doesn't matter if you're a Briton, or a foreigner, and whether or not the device belongs to you, your boss, or a "friend", if it is in your possession [*], and it is contraband [**], then it is your responsibility.

Notes : [*] this includes shipping agents for people like DHL I was working with one such last month. this is why they can seem like picky fuckers about the paperwork for shipping something.

[**] The Police, Border Force, and ultimately the courts will determine if something is contraband. It is your responsibility as an importer (personal, or through working for DHL or whoever) to find out what currently is or isn't contraband and to abide by that. (For example (see above) in many mainland Europe countries it is legal to possess a bladed tool or weapon with a folding blade which is held in the open position by a catch - a "lock knife" - which in Britain it is not legal to own or carry. If you don't know this, then you have a problem if you bring one in, either in your baggage or a pocket. Even if you come in by boat or train, or private plane and don't go through the normal security theatre.)

The law is written to be simple to enforce, not simple to comply with or to defend yourself against.

I smell a false flag

Call me a paranoid if you want, but this 'new law banning unbreakable crypto thing smells rotten

1. The very mention of unbreakable crypto might give people some false sense of security to think that they still have something that can stop NSA / GCHQ from prying into their files

2. The very word 'unbreakable' is misleading - as nothing, absolutely nothing - is unbreakable, in the tech scene

3. The entire thing could be an attempt by some one high up (even higher than the politicians) to instill the impression that the Western governments (including their respective spy agencies) are weak, useless and clueless - which we already know, is not the case

Re:I smell a false flag

[mark-t]

An encryption is considered unbreakable if it requires a copy of the original key to decode into the original message, and there is absolutely no way to ever tell whether any key you might try to use to decrypt it actually gives you the original message unless you knew in advance what the original message was.

Interesting philosophical dilemma

[swillden]

I work for Google. I build strong encryption in Android. The possibility of laws mandating back doors creates an interesting dilemma for me. Supposing such a law were to exist, and were effectively enforced so there's no possibility of sneaking in a non-backdoored system, what would I do?

I see three options.

1. I could run away from the problem, changing jobs to let someone else deal with it.
2. I could accede, trying to build the tightest, narrowest, best-controlled backdoor possible, doing my best to ensure that only authorized government agencies could use it.
3. I could refuse to build strong security systems at all, making it clear to everyone that their data is unprotected.

What's the right thing to do? #1 is out, unless I have some reason to believe that someone else could make better decisions. #3 has some nose-thumbing appeal, but it means that everyone's data is accessible not only to government agencies, but to thieves, family members, spouses, etc. Also, this may be equivalent to #1, in that I'll be shuffled to another job and replaced by someone willing to build back doors.

So, frankly, it's actually not much of a dilemma at all. I would do #2 (choice of number was not accidental). Well, and I'd probably also contribute to open source, possibly underground strong crypto implementations in my free time, because I strongly believe that the ability of people to keep secrets is critical to individual freedom and to societal progress. But such systems would only be used by a handful, seriously reducing their value.

It's really, really important that we fight this sort of thing in the public, though. I've never been asked to build in back doors, and I never want to be.

Oh, and by the way: Those of you out there who complain that you don't want full device encryption because it's slow? The slowness may be annoying, but it's well worth it. Not so much to you, now, but to everyone, in the future. Have a little patience with it. It will get faster over time as hardware gets faster and perhaps dedicated encryption hardware is added, but if we don't get it in now, setting the precedent that it's normal to encrypt everything, all the time, with the strongest crypto we can find and no back doors, there's a much greater risk that we may not be allowed to do it later.