Australian Attorney General Wants To Make It A Criminal Offense To Not Turn Over Private Encryption Keys
from the a-disaster-waiting-to-happen dept
The Attorney-General's department in Australia is apparently pushing for new laws down under that would force anyone who's asked to hand over their private encryption keys -- and that covers both end users and service providers. Buried in the middle of a submission concerning revising Australia's wiretapping laws, the AG's office notes:
The Department is also advised that sophisticated criminals and terrorists are exploiting encryption and related counter-interception techniques to frustrate law enforcement and security investigations, either by taking advantage of default-encrypted communications services or by adopting advanced encryption solutions.
The Department’s current view is that law enforcement, anti-corruption and national security agencies should be permitted to apply to an independent issuing authority for a warrant authorising the agency to issue ‘intelligibility assistance notices’ to service providers or other persons. The issuing authority should be permitted to impose conditions or restrictions on the scope of this authority.
[....]
Under this approach, the person receiving a notice would be required to provide ‘information or assistance’ to place information obtained under the warrant into an intelligible form. The person would not be required to hand over copies of the communication in an intelligible form, and, a notice would not compel a person to do something which they are not reasonably capable of doing. Failure to comply with a notice would constitute a criminal offence, consistent with the Crimes Act.
The above approach is consistent with the approach taken by the United Kingdom, which permits officials of law enforcement and national security agencies to, where authorised under a warrant, issue a notice requiring a person to provide assistance in connection with accessing encrypted communications. Similarly, South African law permits agencies to apply to a judicial officer for a direction requiring a person to provide information to the agency to enable the agency to decrypt lawfully intercepted communications.
The Orwellian nature of "intelligibility assistance notices" is fairly striking. Basically, this says if you don't make encrypted communication "intelligible" upon request, you would have violated criminal law. It's kind of funny how it claims this doesn't require anyone to hand over communication in an intelligible form... because it just asks for the encrypted content and the key to decrypt them. Which, you know, is basically the same damn thing.
Meanwhile, at the same time as part of the same discussion over wiretapping laws, there's an effort under way in Australia to force service providers into a big data retention scheme, forcing them to hold onto all sorts of data for law enforcement purposes. Incredibly, Australian officials seem to be using the NSA/Snowden leaks as the impetus for this.
Intelligence agency ASIO is using the Snowden leaks to bolster its case for laws forcing Australian telecommunications companies to store certain types of customers' internet and telephone data for a period of what some law enforcement agencies would like to be two years.
ASIO also, like the AG's office, seems quite concerned about you damn kids and all your encrypting:
"Since the Snowden leaks, public reporting suggests the level of encryption on the internet has increased substantially," ASIO said.
"In direct response to these leaks, the technology industry is driving the development of new internet standards with the goal of having all web activity encrypted, which will make the challenges of traditional telecommunications interception for necessary national security purposes far more complex."
So, even if everything's getting encrypted, certain law enforcement interests seem hell-bent on having everything collected and easy (forced) availability of private keys. If you happen to live in Australia, you might want to speak up about what's about to happen to what you thought were your private communications and browsing activity.
Filed Under: asio, attorney general, australia, data retention, encryption, privacy, wiretapping
Reader Comments
Here in America...
O wait... I keep forgetting, we HAD a constitution but it got flushed after someone took a shit.
[ link to this | view in chronology ]
Re: Here in America...
[ link to this | view in chronology ]
Re: Re: Here in America...
[ link to this | view in chronology ]
Re: Re: Re: Here in America...
[ link to this | view in chronology ]
Re: Here in America...
Let them call me a criminal for daring to indulge the thought of not following their laws, while I point out that they are already ignoring ours.
The natural law vs Manufactured laws
[ link to this | view in chronology ]
Re: Here in America...
try that for democracy...
[ link to this | view in chronology ]
Ephemeral keys
It's no surprise that there has been a stronger focus on increasing the use of ephemeral key schemes.
[ link to this | view in chronology ]
Re: Ephemeral keys
I often wonder if most people would be better with a very strong log on password and no encryption. Some would need to encrypt selected files such as lawyer-client communications. Given the technical competence of most police departments, a strong password would stop them cold. It would never occur to them to use a Linux live CD/DVD to view the files.
[ link to this | view in chronology ]
Re: Re: Ephemeral keys
No, they wouldn't. It might (but likely wouldn't) stop spies from logging on, but it will do nothing to protect you against the more prevalent threat of having your communications eavesdropped on.
[ link to this | view in chronology ]
Re: Re: Re: Ephemeral keys
You might as well leave your mobile/laptop on the street for anyone to look at. I've given up on privacy. My phone's hacked constantly daily ....
[ link to this | view in chronology ]
Re: Re: Ephemeral keys
There is no need to reread communications. Once it arrives at its destination, its key can be discarded without issue. By their nature, communications are ephemeral, which is why ephemeral keys work well.
Yes, once at the destination, you should re-encrypt whatever you received with a permanent key, if you want to keep a copy. Or the sender could have already encrypted it for you with a permanent key, while still protecting it with an outer ephemeral key. There are other bad laws that force you to reveal your permanent key, but again this is not what this article is about; and you might have the option of not saving the message, thus avoiding these laws.
[ link to this | view in chronology ]
Re: Re: Ephemeral keys
Encryption is the way forward and if you have anything you need to protect, regardless of the content you should always use a strong encryption. Why do you think TrueCrypt has ceased development? It's likely because it is reliable in most cases.
[ link to this | view in chronology ]
In lieu of encryption
[ link to this | view in chronology ]
Still better than the US
[ link to this | view in chronology ]
...
Under this approach, the person receiving a notice would be required to provide ‘information or assistance’ to place information obtained under the warrant into an intelligible form.
The people's current view is that citizens should be permitted to apply to an independent issuing authority for a warrant authorising the citizen to issue 'intelligence assistance notices' to political representatives or other government officials. The issuing authority should be permitted to impose conditions or restrictions on the scope of this authority.
...
Under this approach, the person receiving a notice would be required to provide ‘evidence of their intelligence’ to explain the incredibly bad ideas they have proposed in an intelligible form.
[ link to this | view in chronology ]
Why do you think...
[ link to this | view in chronology ]
Keys
[ link to this | view in chronology ]
Re: Keys
- NSA
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
The AG is a member of parliament (i.e. voted into the legislature's upper or lower house in a general election) appointed by the Governor General upon advice of the Prime Minister.
So the AG's position is not directly voted on, but the AG must be appointed out of the pool of people voted into the legislature in a general (or by-) election.
[ link to this | view in chronology ]
Re: Re:
In this instance the AG is Senator George Brandis QC who is an elected senator for the State of Queensland and has been a lawyer (Solicitor then Barrister then Queen's Counsel) since 1985.
George is actually a very well known and brilliant lawyer though he has negligible experience with criminal law since his practice was entirely devoted to civil. Which realistically doesn't mean squat as the AG since he has a multitude of minions working for the Department who really do all the work and he just spews forth their IDIOTIC recommendations.
As for this recommendation, it's idiotic, bypasses all procedural fairness (especially since it's NOT using a court to issue warrants but an external 'independent' -HA FUCKING HA - issuing authority) and is unworkable with so many chilling effects. If it gets passed, the High Court case and subsequent hammering of the unconstitutionality of the thing will be highly enjoyable to watch.
[ link to this | view in chronology ]
Re: Re: Re: Lawyers and Technology generally don't mix
One has to remember that the vast majority of lawyers think that the only solution to any problem is making a new law. It's the old adage about only having a hammer and everything looking like a nail.
Lastly, Senator Brandis being a QC essentially means that you do not want to have anything to do with him. The general rule of thumb for any business that provides services of any kind is to avoid doing any business with lawyers, especially barristers and QC, as you won't get paid for your efforts or if you do, it will have cost you many times more the amount paid.
Lawyers (especially barristers and QC's) here have a basic reputation that is worse than used car salesmen for many people.
[ link to this | view in chronology ]
Re: Re: Re: Re: Lawyers and Technology generally don't mix
Sadly the above policy is NOT the only idiotic submission that has been put forth due to the actual Senate inquiry into the TIA (Telecommunications Interception & Access Act) put forth by the Greens with an emphasis on internet surveillance. The other stupidities are:
* data retention provisions (that were rejected by parliament already) to be part of a new TIA. WTF!!!!!!!!
* The NT Police (as if they don't have enough problems already) called for EVERYONE'S browsing history to be logged so it can be used in investigations for them (or anyone)
* The AFP and ASIO (+ other acronyms) have asked for hugely expanded data retention and surveillance powers that bypass standard procedural fairness doctrines.
* though ironically all areas of government(s) all state that privacy is IMPORTANT (Though that could be because the new Aust Privacy principles came into effect on 12th March) but only when it doesn't suit their own mandates.
Actually the full list of submissions is fascinating reading as to whom is actually wanting what etc etc. http://www.aph.gov.au/Parliamentary_Business/Committees/Senate/Legal_and_Constitutional_Affairs/Comprehensive_revision_of_TIA_Act/Submissions
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Lawyers and Technology generally don't mix
In actuality most people think of "The Castle" when they think of QC's. Thankfully I don't practice (though I hold an LLB) so don't have to worry about what people think of me in that area.. I already know I'm an arsehole :)
[ link to this | view in chronology ]
Re: Re:
As a member of parliament (lower house) the group of pollies with the most members elected get to form government, the leader of this group becomes prime minister (the head of government). The prime minister appoints other elected members to government ministries like the Attorney General.
This wanker is both Attorney General & Minister for the Arts, the proposal last week on copyright reeked of conflict of interest.
[ link to this | view in chronology ]
It's Orwellian and disgusting. This is the stuff that makes for violent revolutions. We've had so many revolutions in the world lately, and some leaders still don't want to learn from others' mistakes, and push through with this.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Then, invoke the 5th when it comes to whether that is the legit content, no matter if it is or isn't.
[ link to this | view in chronology ]
Re:
Systems that have more than one password with different contents for each already exist; truecrypt is one of them.
[ link to this | view in chronology ]
Re: Re:
The key is to back up those headers and all your important data from time to time. Otherwise you run the risk of losing it all permanently when you do something dumb.
Oh and always use a password you'll remember even if you don't use it for 6+ months, yet isn't easily guessed either. Learned that the hard way lol.
[ link to this | view in chronology ]
Re:
As for the 'salted earth' password technique... That's an old method and basically creates a new criminal offense anyway. Always has since you are intentionally destroying evidence, unless you can prove that you had no reasonable knowledge that 'password' would do such a thing. Onus is on the informant to prove their non intent.. good luck with that one
[ link to this | view in chronology ]
Subtle as a sledgehammer
[ link to this | view in chronology ]
But but but
Amerika did it so why can't we?
[ link to this | view in chronology ]
Re: But but but
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Not the same damn thing at all
It's not the same damn thing at all. It's worse.
There's a fundamental difference between handing over decrypted content, and handing over encrypted content plus the key. When somebody hands over their key, it allows you to read not only the encrypted content you asked for but also any other encrypted communications you may have intercepted.
This is most notable because the policy is specifically stated to apply to service providers. As an example, a single investigation of a single Facebook user would allow the investigators to grab a copy of Facebook's private SSL certificate. Once they had that certificate, the investigators could read any Facebook traffic sent to or from any user over HTTPS.
This is carefully phrased to the extent that I suspect it's by design. If this were passed into law, it would fundamentally compromise not only SSL, but pretty much all current asymmetric-key cryptography.
[ link to this | view in chronology ]
Re: Not the same damn thing at all
This would only be true if you're using some brain-dead system that shares the same crypto key amongst all communications. If yours does this, you need to change to something better immediately.
[ link to this | view in chronology ]
Re: Re: Not the same damn thing at all
This law would affect anything that uses asymmetric keys. If Alice encrypts her message with your public key, and you're required to hand over her encrypted message plus the means of decrypting it, then they're asking for your private key. Giving them your private key is worse than giving them the decrypted message.
I suspect that what you're trying to say is that most modern crypto systems use key exchange algorithms to generate transient per-session or per-message keys. This is true. But by design, those transient keys are never saved. Even writing those keys to disc means that you're doing it wrong.
As I said in my original post, the AG's submission was made using very careful phrasing. I doubt anyone in the AG's office wants a service provider to hand over, say, a raw dump of encrypted TCP/IP packets plus the generated key from a Diffie-Hellman algorithm. What it does sound like, at least to me, is that they're trying to get a legal way to harvest private keys.
[ link to this | view in chronology ]
Re: Re: Re: Not the same damn thing at all
[ link to this | view in chronology ]
Re: Re: Re: Re: Not the same damn thing at all
For almost everybody, the answer would be "no".
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Not the same damn thing at all
If you are using DHE or ECDHE (and you should), that's exactly what you are doing: your certificate is used only to sign a new public/private keypair for each connection.
> If you use a VPN, do you use that VPN for only one kind of traffic with a single recipient?
If it's an IPSEC VPN, the IKEv2 negotiation generates a new public/private keypair every time you open the VPN connection. It's used for all the traffic within the connection, but it's forgotten as soon as the connection ends.
> Do you create a new bitcoin wallet for every transaction?
Christ, do you even know how a bitcoin wallet works? Hint: a bitcoin wallet is not a public/private keypair. It's an ever growing set of public/private keypairs. The reference implementation creates a new keypair for the "change" on every transaction.
That only leaves GPG, where you actually can create a separate subkey for each individual, and keep the master key offline, but it's too much work for most people.
[ link to this | view in chronology ]
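Added example, not part of the original post or any commenter's code: a Node.js sketch of the distinction argued in the comments above, comparing what a later disclosure of a server's long-term private key yields for recorded traffic under static key transport versus a signed ephemeral exchange. The key types (RSA, Ed25519, X25519), the SHA-256 key derivation and all function names are assumptions chosen for illustration.

```javascript
// Added illustration; not code from the post or its commenters.
// Key types (RSA, Ed25519, X25519) and the SHA-256 KDF are assumptions.
const crypto = require('crypto');
function seal(key, text) {                 // AES-256-GCM record encryption
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(text, 'utf8'), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}
function unseal(key, { iv, ct, tag }) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]).toString('utf8');
}
const kdf = (secret) => crypto.createHash('sha256').update(secret).digest();

// Static key transport: the client encrypts the session key to the server's
// long-term RSA key, so the wrapped key travels with the recorded traffic.
function staticSession(rsaPub, text) {
  const sessionKey = crypto.randomBytes(32);
  return { wrappedKey: crypto.publicEncrypt(rsaPub, sessionKey),
           record: seal(sessionKey, text) };
}

// Ephemeral exchange: the long-term Ed25519 key only signs a fresh X25519
// public key. Returns the wire transcript plus the server's in-memory state.
function ephemeralSession(signPriv, signPub, text) {
  const client = crypto.generateKeyPairSync('x25519');
  const server = crypto.generateKeyPairSync('x25519');
  const serverEphPub = server.publicKey.export({ type: 'spki', format: 'der' });
  const sig = crypto.sign(null, serverEphPub, signPriv);
  if (!crypto.verify(null, serverEphPub, signPub, sig)) throw new Error('bad sig');
  const key = kdf(crypto.diffieHellman(
    { privateKey: client.privateKey, publicKey: server.publicKey }));
  return { transcript: { clientEphPub: client.publicKey, serverEphPub, sig,
                         record: seal(key, text) },
           liveState: { ephPriv: server.privateKey } };
}

// What a holder of disclosed private keys can read from a recorded transcript.
// `disclosed` lists every private key the server still holds.
function recover(disclosed, t) {
  for (const k of disclosed) {
    try {
      if (k.asymmetricKeyType === 'rsa' && t.wrappedKey)
        return unseal(crypto.privateDecrypt(k, t.wrappedKey), t.record);
      if (k.asymmetricKeyType === 'x25519' && t.clientEphPub)
        return unseal(kdf(crypto.diffieHellman(
          { privateKey: k, publicKey: t.clientEphPub })), t.record);
    } catch (e) { /* wrong key for this transcript: try the next one */ }
  }
  return null; // a signing key alone cannot derive the session key
}

function demo() {
  const rsa = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const sign = crypto.generateKeyPairSync('ed25519');
  const msg = 'constructed sample message';
  const s = staticSession(rsa.publicKey, msg);
  const e = ephemeralSession(sign.privateKey, sign.publicKey, msg);
  return { staticAfterDisclosure: recover([rsa.privateKey], s),
           ephemeralAfterDisclosure: recover([sign.privateKey], e.transcript),
           ephemeralIfKeyWasSaved: recover([sign.privateKey, e.liveState.ephPriv], e.transcript) };
}
```

The third result covers the case where the per-connection private key was kept instead of discarded: it then decrypts the recording like any other stored key.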
Re: Re: Re: Not the same damn thing at all
Of course, that means you know which messages they're reading, so they would probably change the rules pretty promptly after they figure that out.
[ link to this | view in chronology ]
Re: but also any other encrypted communications you may have intercepted.
[ link to this | view in chronology ]
be afraid, very afraid
Since coming into office he has so far:
Authorised a raid on a lawyer's office in clear breach of attorney/client privilege that was solely designed to intimidate a witness (highly ranked Intelligence officer, whistleblower) who was about to appear in the Hague to testify about illegal spying by our Gov during sensitive negotiations with East Timor. They confiscated the evidence and the passport of the witness under "National Security" guise. Sound familiar? In reality, the evidence would have seriously embarrassed a number of the AG's colleagues who were in power at the time.
Indicated he is looking to make ISP's liable for the actions of their users. Was not too happy with the Supreme Court decision re. iinet (search Techdirt if you want more info) so wants to change laws to suit.
Wants to repeal racial vilification laws to appease Rupert Murdoch's media interests in the name of free speech..... then in the same breath, as our Arts Minister decides that a bunch of artists who exercised their own free speech rights by declining sponsorship for a festival from a company employed by our Gov in the handling of refugees (very controversial topic here) should be forced to accept sponsorship.
This is despite the fact that there are laws in place that quite explicitly state that Arts Minister is not permitted to attempt to interfere with the independent body that handles Arts Funding. He has already stated he is just going to ignore the law and force the body to comply.
This is our AG. If there are laws in place that may inconvenience his party or their rich backers, he just either ignores them or wants to force through changes without following any kind of due process. And this is the man responsible for enforcing our own laws.
Make your own judgement.
[ link to this | view in chronology ]
Re: be afraid, very afraid
[ link to this | view in chronology ]
Re: be afraid, very afraid
[ link to this | view in chronology ]
Re: Re: be afraid, very afraid
Been there, gone through that ambiguous bullshit from both sides of evidence collection under that legislation. Also the subpoena/warrant is authorised by a Court (Local/Magistrate or District normally) and NOT by some other non trier of facts body set up for that express purpose (ie:tribunal) as the AG wants in this matter.
Yeppers, we don't even have Freedom of Speech per se here though we definitely have an equivalence to the 4th amendment under Procedural Fairness Doctrines of all courts and other criminal investigative statutory powers of LEO's.
As for the 5th.. well the equivalent of Miranda Warning is all over Australia and you have the ability NOT to answer any questions by Police (other than in very controversial situations that haven't really been tested like terrorism matters) and the best advice any solicitor would give any client is "when in doubt SHUT UP.. If you don't understand that answer SHUTUP.. if you don't shutup then you're a problem to yourself"
[ link to this | view in chronology ]