Slashdot Mirror

← Back to Stories (view on slashdot.org)

UK Gov Says New Home Sec Will Have Powers To Ban End-to-end Encryption (theregister.co.uk)

Posted by msmash on from the embrace-the-future dept.

An anonymous reader writes: During a committee stage debate in the UK's House of Lords yesterday, the government revealed that the Investigatory Powers Bill will provide any Secretary of State with the ability to force communication service providers (CSPs) to remove or disable end-to-end encryption. Earl Howe, a Minister of State for Defence and the British government's Deputy Leader in the House of Lords, gave the first explicit admission that the new legislation would provide the government with the ability to force CSPs to "develop and maintain a technical capability to remove encryption that has been applied to communications or data".

This power, if applied, would be imposed upon domestic CSPs by the new Home Secretary, Amber Rudd, who was formerly the secretary of state for Energy and Climate Change. Rudd is now only the fifth woman to hold one of the great offices of state in the UK. As she was only appointed on Wednesday evening, she has yet to offer her thoughts on the matter.

27 of 282 comments (clear)

  1. 1984 by Anonymous Coward · · Score: 5, Insightful

    Just checked the calendar. It is 1984.

    1. Re:1984 by sTERNKERN · · Score: 3, Insightful

      Wish I had mod points... First I thought of a +1 Funny but on second thought it should be +1 Informative.

    2. Re:1984 by fustakrakich · · Score: 5, Funny

      Just checked the bathroom mirror. No it ain't!

      --
      “He’s not deformed, he’s just drunk!”
  2. no end-to-end no streaming media by Anonymous Coward · · Score: 5, Insightful

    So how will things like netflix work without end to end encryption?
    Does this mean the end of https and secure transactions?

    Looks like, as usual, the politicians do not understand the technology.

    1. Re:no end-to-end no streaming media by gweihir · · Score: 3, Funny

      It would also mean the end of DRM, so the US will probably have to nuke Britain.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    2. Re:no end-to-end no streaming media by Anonymous Coward · · Score: 5, Informative

      Internet security is not an illusion, but if the threat you care about is powerful enough, the CA system is just about the worst possible way to establish a basis of trust. Any CA can sign certs for any domain. If you have a powerful adversary that can co-opt a CA, you have a completely false sense of security. It's really easy to get users to trust rogue certs signed by real CAs, because it happens automatically with no user input!

      Even worse, a less powerful adversary, like a browser maker or computer maker can undermine your system by installing trusted fraudulent root CA certs which should not be trusted to man-in-the-middle your TLS connections. Opera, Lenovo and Dell have all done this to name a few.

      I work at a university, and to connect to the wireless, you need to "trust" a self-signed certificate. In some operating systems, you have to specifically follow some installation instructions for installing a cert manually, but on Windows and OS X, I think you just click "trust this certificate" and it pins the cert. I work in computer security (but in research, not IT). I have to explain this decision to many people who say it's insecure. Actually, it's more secure, because it forces even dumb users to pin a certificate that doesn't chain up to an public CA. Once you install the self-signed cert, it will warn you if it changes (I actually, don't know what the OS would say). This converts the certificate from the CA model to a trust-on-first-use (TOFU) model. Clearly the Uni's IT are no dummies.

      TL;DR: I learned how terrible the CA system actually is in undergrad over 15 years ago. Only recently, however, has it become clear that powerful adversaries are seeming exploiting this weakness. I have no idea why there isn't more interest to actually change it, rather than just a lot of talk.

    3. Re:no end-to-end no streaming media by skids · · Score: 4, Informative

      YMMV. It depends on the application and the implementation.

      Modern Apple and Microsoft dot1x supplicants do pin on first use, but the only consequence of that is if someone spoofs a cert, the user gets a popup, and how they react to that depends on their training.

      Android dot1x supplicants won't, and won't even allow you to pin a particular CA to limit exposure when using a public CA, nor even check the DN, so you are vulnerable to any old stolen key/certificate pair signed by a CA in the base OS trusted list.

      If you set it up by hand, wpa-supplicant for Linux has the ability to pin either a particular cert or a CA/DN. Various GUI config tools may or may not support setting these options.

      For IPSEC VPN, Windows supplicants cannot pin a CA/DN unless you use EAP-PEAP-MSCHAPv2 either for L2TP/IKEv1 or as the auth protocol in IKEv2, and it must be pinned manually or through a setup/install script. If you use EAP-MSCHAPv2/IKEv2 there is a check that DNS matches the DN, but that's not much extra security if your OS store includes a compromised CA, and Windows also cannot support DH groups higher than modp2048 in a RAS dialer, only in the decidedly user-unfriendly firewall policy feature set. Some 3rd-party VPN clients improve things slightly but often still play it loose with the store/validation. If installed through a mobileconfig, OSX and IOS do support locking things down, I think... that's next on my list of things to kick the tires on. Strongswan on linux pretty much kicks ass, once you've patched it up past the oopsie they had with the EAP state machine, but again, not an end-user-friendly animal so you are at the mercy of GUI tools to not be setting things up wrong.

      The whole crypto landscape is a bit of a mess on the client side... the above doesn't really scratch the surface.

      --
      Someone had to do it.
  3. Idioits by ITRambo · · Score: 5, Informative

    Again, idiots in government finds new ways to turn law abiding citizens into criminals, or even terrorists.

  4. My illusions have been shattered by wcrowe · · Score: 5, Funny

    This is so disappointing for an American. We Americans have always been a little insecure about our accents, our education level, etc, and we look at the British, with their smart-sounding accents, and their large vocabularies, and we just intrinsically KNOW that they are smarter than us. And then something like this happens that shatters our illusions, and tells us that British people can be just as dumb as anyone else.

    --
    Proverbs 21:19
    1. Re:My illusions have been shattered by 110010001000 · · Score: 4, Informative

      Any American who has actually been to the UK (or outside of the US) isn't surprised at all. Travel is good. It teaches you there are morons everywhere.

    2. Re:My illusions have been shattered by 110010001000 · · Score: 5, Insightful

      Stop blaming racism for every decision that voters make you don't like. Idiots.

  5. That's not how end-to-end encryption works by Software · · Score: 4, Interesting

    Are they going to force Google, Microsoft, and Mozilla to add in British-government-controlled certificate authorities to their browsers distributed in the UK? Or force hardware vendors to provide access to decrypted data on end-users' machines? I don't think they've thought through how little control over the process CSPs have.

    I'm also wondering - does the financial sector get a pass from these directives? If not, good luck keeping London as the de-facto headquarters for the financial sector in Europe. If so, I wonder how they plan to restrict encryption to only the financial center?

    1. Re:That's not how end-to-end encryption works by I4ko · · Score: 3, Informative

      Eurasia and Oceania now have the same legislation like so

    2. Re:That's not how end-to-end encryption works by bhetrick · · Score: 3, Informative

      No. Read up on how the Great Firewall of China works. If the client requests a secure connection, and doesn't accept a certificate signed by the State MITM Attacker (claiming to be the connection target, if necessary generated on the fly) the connection goes no further. It's actually quite simple.

      It can be worked around by letting the State MITM the connection with a proxy, then using real security for the connection through the proxy. Don't get discovered, though: doing this is terrorism. And proxies as they are discovered turn into honeypots leading to more terrorists. Your continued freedom depends on the operational security of everyone using the proxy, and on luck besides.

  6. Not possible by SmilingBoy · · Score: 5, Insightful

    If someone like an ISP can remove an encryption, it is not end-to-end encryption in the first place.

    1. Re:Not possible by bluefoxlucid · · Score: 3, Insightful

      TLS has unique challenges in this regard.

      In theory, a hostile Government can pressure the CA to provide a signature for a MITM certificate, although this is transparent (it's easily discovered if that certificate is ever revoked, and identifiable if the old certificate is known).

      A hostile Government can pressure the end provider (e.g. Google) to submit their Private key, thus breaking TLS: the Client asks the Server for its Certificate, then uses that Certificate to dictate a session key (and client certificate) to the Server. A passive eavesdropper with the server's Private Key can decrypt this exchange.

      The best I can come up with is the Client sends the Server a random public key, and the Server sends the Client a session key; then the hostile Government must use a MITM to break it. A passive eavesdropper can be stopped, but an active MITM can't.

      Your endpoints have to be non-hostile for end-to-end encryption to work. If they're infiltrated, it doesn't work.

      --
      Support my political activism on Patreon.
    2. Re:Not possible by bluefoxlucid · · Score: 3, Informative

      If you have the private key, you can listen in on encryption. If you do some monkey business in the protocol, you can make a passive eaves drop impossible even in this situation; in which case, if you have the private key, you can insert yourself in the network path and mediate the conversation, thus accessing the plaintext while posing as the end server in a way the client is 100% incapable of identifying and unable to mitigate.

      Having one end hand over the keys does, in fact, completely remove end-to-end encryption for that eavesdropper.

      --
      Support my political activism on Patreon.
  7. Re:Welp... by Jawnn · · Score: 3, Funny

    ... so much for anybody ever using a British ISP for anything. Aren't "conservatives" supposed to support corporate interests, instead of killing businesses outright?

    Yes, but they're also supposed to be almost completely clueless when it comes to "all that computer stuff", so a little "mixed messaging" is to be expected.

  8. Mindlessly unenforceable by RandCraw · · Score: 3, Insightful

    This law would require dispensations for credit cards, banks, point of sale software, (the government itself), and many more infrastructural e-orgs that cannot function without encryption.

    It would also require makers of cell phones that encrypt, Facebook (soon), and increasinly many e-firms to recognize any device/account as being ENGLISH so that it can selectively stomp all over those peoples' freedoms.

    It will also generate an *ungodfy* large amount of data that will swamp the GCHQ's resources and waste their time sifting through zottabytes of drivel, since BAD GUYS DON"T CHAT ON THE PHONE.

    This policy is so halfass and dumbass that it'll be impossible to enforce.

  9. The power to ban mathematics? by mark-t · · Score: 4, Insightful

    Because truthfully, that us what they are proposing. The banning of any mathematics where the formulas involved are both unknown and cannot trivially be reverse engineered.

    --
    File under 'M' for 'Manic ranting'
  10. No changes wrt. RIPA 2000 by doru · · Score: 5, Informative

    The government also says (on page 39) that the new law provides nothing more than what is already present in the Regulation of Investigatory Powers Act (2000). It specifically refers to "the ability to remove any encryption applied by the CSP to whom the notice relates" (my emphasis), and not to end-to-end encryption.

  11. How about a plug-in architecture by presidenteloco · · Score: 3, Interesting

    Browser makers should just allow encryption plug-ins/extensions (just like they allow other extensions).
    That way the browser maker is not responsible for the encryption and has no backdoor to it.

    --

    Where are we going and why are we in a handbasket?
  12. Re:Good luck with that? by Grishnakh · · Score: 3, Insightful

    What exactly do they think an ISP is going to be able to do if the data is already encrypted when it hits their network?

    Simple: they legislate that the ISP has to decrypt it.

    It's not much different than the US state government which legislated the Pi equals 3.

  13. Re:This won't wash by geek · · Score: 3, Informative

    Let's say I am an ISP and I have a data stream coming through my system. How do I know if the data is encrypted or not? Data is data. Neither IP nor UDP packets have an 'encrypted data' indicator.

    How would we differentiate between an encrypted data stream and a video stream in a new movie format? What's the difference between decrypting vs displaying a movie? Both processes are a conversion operation being performed on a data stream.

    Simple. Packet capture and look for the key exchange. I do this daily.

  14. Re:UK and CHINA by sunderland56 · · Score: 3, Funny

    Is it the same country?

    No. China has decent food.

  15. Truer than you realize .... by whoever57 · · Score: 4, Informative

    The admission follows Theresa May's confession last November that, since the turn of the millennium, secretaries of state have been issuing secret directions under section 94 of the Telecommunications Act 1984, without any judicial authorisation.

    --
    The real "Libtards" are the Libertarians!
  16. ssh? by whitroth · · Score: 3

    So, he's going to order ssh banned from the UK? Really?

    Wonder how their MoD will respond to that. Or *any* large company.....

                  mark