Dear Mr. Straw

Stand.org.uk has taken issue with the UK's proposed new e-commerce bill in a novel fashion. The Bill includes an assortment of new powers for law enforcement to combat the spread of that dread menace, cryptography. Police can demand that you decrypt and provide the keys for any encrypted communications in your possession - with a penalty of two years in jail. But what if you don't have the key? An excellent letter and even more excellent photo-essay. -- michael

Well Said.

[Amphigory]

That's what I love about the British -- on average, they are much better spoken and written than those of us on the western side of the Atlantic. They also have a gift for poetic understatement that is probably one of the funniest things on the planet.

But I wouldn't want to live there. In the US, I could challenge such a bill on a number of constitutional grounds. I could claim that it violated due process, unreasonable search and ceisure, freedom of speech, and unnenumerated rights such as privacy. It wouldn't last six months (much like the late CDA did not). However, my understanding is that in Britain their are no such consitutional protections -- don't I remember hearing that they don't even have a formal consitution?

On /., a lot of people criticize the US. And that's a good thing: there are many areas where the US deserves to be criticized. But let's not forget that in some areas at least we are far ahead of the competition.

What are the implications for ISPs?

[aphrael]

Depending on how "possession" is defined, it would seem that this bill essentially requires providers of hosting space for web pages to have access to the private keys of any encrypted data that they are hosting.

Not a good thing for the relationship between web hosting companies and their customers, I would imagine.

Re:Deniable encryption

[brad.hill]

You could probably look it up in the library. I found some abstracts on AltaVista by Ran Canetti, Cynthia Dwork, Moni Naor and Rafi Ostrovsky.

There was also a short piece on it in 2600 a few issues back, I think in enough detail to implement it if you know basic crypto programming. I think it mentioned some prototypical crypto-stego filesystems already available that use this idea.

IIRC, you divide the cyphertext into blocks, which are either chaff or real data. You use the key to scan along, decoding blocks until you get a decrypt that checks out, and then that block has some of the data and the key to the next valid block. Thus, depending on what key you start with, you can pull out any one of many embedded plaintexts. You can set the ratio of chaffing to be whatever you want, but it generally needs to be pretty high for it to be truly effective. I think, for example, that if you wanted a secure 2 GB filesystem, you'd want an 8 GB disk, with 2 GB of filesystem, 2 GB of alternate plaintext and 4 GB of random chaff. Not very effective or fast, but when you need to be secure...

Deniable encryption

[brad.hill]

There are systems out there that use "deniable encryption". They chaff the data to a high degree, and allow you to encrypt multiple messages within the same cyphertext using multiple keys.

So if Mr. Fed demands a key, you give him one, and it pulls a couple of porn pictures and some old issues of Phrack out of the cyphertext. You gave him a key, it produced plaintext from a cypertext- get out of jail free.

That there's another key that decrypts entirely other information from the file is impossible to prove, due to the chaffing.

Any sensible criminal would just use this type of encryption.

Civil Rights in the UK

[coaxial]

First off, I'm an American, so I don't know jack about the civil rights one has in the UK. I do know this, they're not enumerated and can be withdrawn by an act of parlament. (Just one of the many grievences that led to the American Revolution.)

Since I've already admitted that I'm not qualified to speak about British law, let's suppose that this law was passed in the United States. (Which isn't unlikely.) This law would be perfectly legal. When the government suppeanas information from you via a search warrant, you have to give it.

Turning over a crypto-key is no different than turning over the key to you shed where you stashed the dismembered corpses of your wife and children. (Claiming privacy for stashing a body doesn't cut it, and it doesn't for encrypting a document either.) It doesn't violate the 5th amendment (Freedom from self-incrimination, for all our non-American friends) because it's evidence gathering, not testamony.

Imprisonment for not retrieving the key is where American and UK law start to diverge. INAL, but I belive the governement can still imprison you under some sort of conspiracy law, but I'm not sure. (I really don't know alot about conspiracy law, except that they only have to prove intent, which has a very low threshhold. Also they don't need physical evidence, (thus the "Conspiracty to ______" charge rather than for "_______ing".)

I understand law enforcement's predicament when it comes to crypto, but it's no different than any other civil-rights vs. law-enforcement issue. Basically the crypto-issue reduces down to Search. Sure having cops rabndomly raid someone's home will prevent crime, but is it to much of a price to pay? Sure key-escrow/recovery will allow the cops to evesdrop on you and the criminals, but is it too much of a price to pay?

It's a classic predicament, and there isn't an easy answer. A long time ago, society decided "No, you can't let the cops barge in and search. They need warrant to do that." Later society decided, "No, you can't just let the cops evesdrop on phone conversations, they need a warrant to do that." Sure the cops should be able to gather evidence, but they should have a warrant first. (The easy of getting a warrant is another issue, that deals with judical oversight (or lack there of).)

Personally I have no problem with the cops forcing me to decrypt a message. I don't like it, but it's no different than forcing me to unlock a safe. (However. I would kind of like to see the FBI crack the crypto.) I also feel the US crypto-export laws should be repealed, because they're completly ineffective against curbing the spread of strong crypto, and only serves to hold back the software industry and e-commerce.

--
The following was just random line noise.

Work-arounds

[PigleT]

There are several interesting clauses in it, to my eyes, to be found at http://www.dti.gov.uk/cii/el ec/ecbill_part_III.htm onwards.
In particular, I notice sections 10 (2) where (a) and (b) might give grounds for defence / opting-out, but "require" towards the end stamps on our freedom & privacy.
(3) (b) seems to allow for any means the requirer sees fit - I wonder what happens if they choose PGP-signed mail?

(11)(2) and (3) appear to leave a loop-hole; if you're required to release information believed to be held under a key system, might you only have to release "useful information" ('in an intelligible form'), not necessarily the *actual* information you've encrypted.

Big deal? Why've I gone to the trouble of looking all this up?
Because while it will only apply if the police demand it, which will probably only happen if they suspect you of something, the problem is that if we don't *exert* the basic human right to *privacy*, then someone will trample all over it later and you'll wake up powerless to fix things.

Canada Crypto Policy

[DanaL]

Time and time again, I get to think, "Yay, I live in Canada". Here is an excerpt from John Manley (Canada's Industry Minister) outlining his governments crypto policy:


The policy allows Canadians to develop, import and use whatever cryptography
products they wish and does not impose mandatory key recovery requirements or
a licensing regime. "This policy is good for the Canadian economy," said Minister
Manley. "It supports the increased use of electronic commerce products and
services in Canada, as well as the export of Canadian information technologies to
other countries."


Wow! A consumer/industry friendly approach! The full article is here

Dana