
UK Government Can Demand You Hand Over Encryption Keys

iminplaya writes "The UK government can now demand that citizens hand over their data encryption keys - or face jailtime for obstructing justice. The law only applies to data on UK shores, and doesn't cover information transmitted via UK servers across the internet. 'The law also allows authorities to compel individuals targeted in such investigation to keep silent about their role in decrypting data ... The Home Office has steadfastly proclaimed that the law is aimed at catching terrorists, pedophiles, and hardened criminals--all parties which the UK government contends are rather adept at using encryption to cover up their activities.'"
  • hidden volumes (Score:2, Interesting)

    by kalpol ( 714519 ) on Tuesday October 02, 2007 @10:13AM (#20822605)
    I'm curious to see how they handle hidden volumes on encrypted disks. Sure you can give up the first key, but if you don't give up the second (or the x-th, how far can you nest these?) who's to know?
  • Not exactly news (Score:5, Interesting)

    by TheRaven64 ( 641858 ) on Tuesday October 02, 2007 @10:13AM (#20822613) Journal
    RIPA has had a lot of negative coverage since the idea was first raised. Someone at the time proposed emailing the Home Secretary with a few MBs of random data and the text 'here is the information on your opium import operation. The key is as we agreed' and then sending a tip to the police. If the Home Secretary does not disclose the key (which he doesn't have) then he is liable for 5 years of jail time. Or, the government could see how silly the act is and repeal it. Since the law just went into force, I expect civil liberties groups will start trying this soon.
  • Hand the keys over (Score:4, Interesting)

    by DuncanE ( 35734 ) * on Tuesday October 02, 2007 @10:15AM (#20822635) Homepage
    If a judge asked you to hand over the keys to your house.. or your car.. or your safety deposit box.. you are legally required to follow that order....

    Are we surprised that digital keys have the same requirement?

    And as for all the other (physical) keys you can refuse and let the courts (and a jury) decide.

  • Meh (Score:1, Interesting)

    by Anonymous Coward on Tuesday October 02, 2007 @10:16AM (#20822653)
    This is why you need to use something steganographic not just encrypted - just give them the fake key rather than the real one and it'll decrypt to some mockup installation full of boring crap. To my mind, the main risk is evil British intelligence services (I'm Irish, suffice to say my race has reason to call those people evil) wanting to grab your gpg key or similar in order to impersonate you, so planting a dummy key in the fake installation is also smart - if anyone uses the key to sign a message, your cell can know the enemy are on to you.
  • by Chrisq ( 894406 ) on Tuesday October 02, 2007 @10:26AM (#20822801)
    GnuPG has a --show-session-key command, so that when you are asked to reveal the key for an encrypted message you can comply with the law by revealing the session key that was generated for that specific message rather than your secret key. This complies with the letter of the law, so you can ask for a written order for each individual message. Of course if they are really serious at this point they will smile at your request and get out the rubber hoses....
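The property the comment above relies on, as an added example that is not part of the original post: in hybrid encryption each message gets its own session key wrapped under the recipient's long-term key, so disclosing one session key opens one message only. The toy RSA pair, the SHAKE-256 keystream cipher and all function names are assumptions standing in for what OpenPGP really uses.

```python
import hashlib
import secrets

# Toy RSA key pair built from two known Mersenne primes (constructed for this
# example; far too small and unpadded for real use).
P, Q = 2**89 - 1, 2**107 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # long-term secret key, never disclosed


def stream_xor(session_key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR with a SHAKE-256 keystream."""
    keystream = hashlib.shake_256(session_key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, keystream))


def encrypt(plaintext: bytes) -> dict:
    """Sender: fresh session key per message, wrapped under the public key."""
    session_key = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(session_key, "big"), E, N)
    return {"wrapped_key": wrapped, "body": stream_xor(session_key, plaintext)}


def show_session_key(message: dict) -> bytes:
    """Recipient: unwrap this one message's session key with the secret key."""
    return pow(message["wrapped_key"], D, N).to_bytes(16, "big")


def decrypt_with_session_key(message: dict, session_key: bytes) -> bytes:
    """Third party: needs only the disclosed session key, never D."""
    return stream_xor(session_key, message["body"])


def demo() -> tuple:
    """Disclose the session key of msg1 and try it on both messages."""
    msg1 = encrypt(b"message named in the order")
    msg2 = encrypt(b"unrelated private message")
    disclosed = show_session_key(msg1)
    return (decrypt_with_session_key(msg1, disclosed),
            decrypt_with_session_key(msg2, disclosed))


if __name__ == "__main__":
    opened, still_sealed = demo()
    print("msg1 with disclosed key:", opened)
    print("msg2 with the same key :", still_sealed[:16].hex(), "...")
```

With GnuPG itself, the value printed by `--show-session-key` is what a third party passes to `--override-session-key` to decrypt that one message.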
  • What if...? (Score:4, Interesting)

    by Opportunist ( 166417 ) on Tuesday October 02, 2007 @10:35AM (#20822905)
    What if I don't have the keys but only store the data (i.e. I'm a backup service provider who stores data for people he doesn't even know by name or anything but IP address, which is fleeting at best)? What if I simply cannot remember the keys or, in case of keydisk/keyfile systems, have lost either (or destroyed because the archives are old backups no longer needed)? What if I don't remember which version of which cypher program was used to encrypt the keys (I tend to have that problem, actually, with a few archives...)?

    I don't have a problem handing the keys to the authorities provided they can give me a good reason they need them (I really don't enjoy handing out trade secrets, you know...), but what if I just simply and plainly cannot?
  • by samjam ( 256347 ) on Tuesday October 02, 2007 @10:35AM (#20822909) Homepage Journal
    Have an off-shore cron job to revoke your keys if you don't touch them often enough.

    When you are asked for the keys, refuse until you are arrested and unable to save the keys from being revoked.

    The revocation is the trigger that you have been asked.

    Sam
  • How to screw someone (Score:4, Interesting)

    by linuxwrangler ( 582055 ) on Tuesday October 02, 2007 @10:37AM (#20822943)
    1. Place files full of random data on their machines

    2. Tip off the authorities to their "terrorist plans"

    3. Watch them get five years for "refusing" to decrypt the "data"
  • by Corwn of Amber ( 802933 ) <corwinofamber@@@skynet...be> on Tuesday October 02, 2007 @10:38AM (#20822955) Journal

    The Home Office has steadfastly proclaimed that the law is aimed at catching terrorists, pedophiles, and hardened criminals--all parties which the UK government contends are rather adept at using encryption to cover up their activities.


    Yay! The Four Horsemen! But they forgot the Money-Launderers.

    This reminds me, some guys had sent a PGP-encrypted email to the (Australian?) Prime Minister, then reported him to the police. His house was searched for the crypto keys; the next day the law project was put under the rug.

    What are you UKsians waiting for?
  • Variant (Score:3, Interesting)

    by jbeaupre ( 752124 ) on Tuesday October 02, 2007 @11:01AM (#20823327)
    Keep your encryption keys offshore.

    You have the password to unencrypt your offshore keys. This password cannot be demanded of you (jurisdiction). But when you want to use your encryption keys, your application asks for the password, retrieves the key, and performs your data decryption (locally or remote?).

    Decidedly more trouble than it's worth, but an interesting thought exercise.
  • by Bender0x7D1 ( 536254 ) on Tuesday October 02, 2007 @11:32AM (#20823781)

    I was wondering how the court would rule if your password contained information that would incriminate you in a different crime.


    For example, if your password was: "my_murder_victim_is_buried_under_my_patio" or "I_embezzeled_20million_into_account_123456789", wouldn't revealing the password violate your right against self-incrimination (at least in the US)?

  • by Anonymous Coward on Tuesday October 02, 2007 @11:41AM (#20823937)
    Yeah. The U.K. (along with most countries) has always impressed me as a country designed by the bureaucrats, of the bureaucrats, and for the bureaucrats. Unfortunately the U.S. has been heading the same way for a while.

    People forget that the U.S. Senate came close to outlawing Public Key Crypto back in September of 1991. This is why there was a rush to release PGP back in the summer of that year. It negated anything the Senate could do.

    One has to wonder what life would be like without public key crypto today, or the interest in it which the prosecution of Phil Z. spurred.

    Two things which come to mind are Bill Clinton's Clipper chip, and a lot weaker Web-based business. And certainly not the ability to keep things private via PGP or TrueCrypt.
  • Re:Solution? (Score:3, Interesting)

    by Deagol ( 323173 ) on Tuesday October 02, 2007 @11:49AM (#20824063) Homepage
    I'm too busy to track down a good link, but google "salt lake city winter olympics propane teddy bear". I don't know if the guy was ever found to have a nefarious purpose for the purchase, but the government can and does correlate innocuous things together to form suspicions about people. Still, it's pretty scary that stuff like this happens (the correlation of people's behavior, not the purchase of teddy bears, that is).
  • by networkBoy ( 774728 ) on Tuesday October 02, 2007 @11:49AM (#20824067) Journal
    My keyring is stored in a TC volume on a few (4) USB keys.
    I have the key for the TC volume in my head and nowhere else.
    Should I be compelled to divulge my keys I can honestly say I don't know them and that they are stored in a secure volume.
    Should I be compelled to divulge the "one key to rule them all" then I can either:
    a) divulge the main volume key, thus granting access to what I deem to be low risk keys.
    b) serve jailtime for "forgetting" the keys.
    there is no option c) as I deny all knowledge of using the hidden volume feature of TC.

    -nB
  • by arkhan_jg ( 618674 ) on Tuesday October 02, 2007 @11:51AM (#20824105)
    That's the problem - forgetting the password is not a defence. Failing to hand it over when asked carries up to a 5 year jail sentence, as it's assumed whatever you're 'hiding' would cause you to be imprisoned. The basic premise, if you use encryption, is that you are guilty of something and it's up to *you* to prove otherwise by letting the police rifle through *all* your data looking for something incriminating. Failure to do so is evidence itself of guilt!

    This law was passed 7 years ago, and the home office has been quietly waiting for the original outrage to die down to see if they could get away with actually using the powers they were granted before 9/11 or 7/7. Of *course* they'll only use it against terrorists and pedophiles. Nothing to fear citizen, sleep soundly in your bed, safe in the knowledge we're only imprisoning bad men. After all, only bad men use encryption then forget the password...

    Of course, if you're a pedophile you're far better off taking the 2 years for failure to hand over your encrypted data, than to take the potentially decades in jail if you have incriminating photos and a sex offender offence that might well get you killed there. I don't think it'll be too long before the maximum sentence gets raised to be in line with the worst crime you might be assumed to have committed and hiding via encryption...
  • by OSPolicy ( 1154923 ) on Tuesday October 02, 2007 @11:54AM (#20824149) Homepage
    Federal Rules of Civil Procedure 26-36 are perfectly clear - the US can demand your crypto keys as part of discovery in litigation, end of story. Fed. R. Civ. P. 37 spells out what happens if you don't comply, and the basic idea is that you get the choice that Steve James offers the unnamed punching bag in The Soldier: "Duck or bleed." If you get served with a subpoena or ordered to comply with discovery, you can comply (duck) or resist (bleed).

    Having said that, I'm immune. I have numerous files and directories on my computer that are encrypted with strong crypto and to which I do not have the password. I created them, assigned them random passwords that I never knew, filled them with random garbage that I never saw, and there they sit. I do not need to produce decrypted versions of those files or directories in court or anywhere else because they are not under my control.

    So far, so good, but who cares about files with no useful information? I do. Ordinarily, the fact that there's a decrypted file on my computer establishes a ludicrously-hard-to-rebut presumption that I have "possession, custody, or control" of the data therein. (Fed. R. Civ. P. 34(a)(1)) However, because I can establish that I have many files and directories that are not in my possession, custody, or control (for decryption purposes), that presumption does not apply to me. The party seeking disclosure must establish, file by file, that I can decrypt the file. And that's damned hard to do.

    A few notes: if you do this to circumvent judicial process, you're not going to get away with it. The judge is just going to allow the other party to draw the worst reasonable inferences about the contents of the file and force you to rebut. I, however, am not doing this to circumvent the law; I am doing it to make it hard for hackers who break into my system to figure out what they have to crack to get my important business data. The fact that the net result is that it has the potential to make discovery harder is only a side-effect for which I cannot be sanctioned.

    Second, if someone can establish that you should be able to produce something, this system isn't going to protect you. Crypto is just a high-tech shovel and a hard drive is just a high-tech back yard. Saying that you aren't going to produce an encrypted document is no different than saying that you aren't going to tell someone where in the back yard you buried that document. The court is not without tools to deal with uncooperative parties.

    Last, if you get involved with subpoenas or discovery, seek advice from something stronger than this posting.
  • by internewt ( 640704 ) on Tuesday October 02, 2007 @12:06PM (#20824329) Journal
    In a past discussion like this one, here on slashdot, I saw talk of a system that might potentially bypass this kind of law.

    You have 2 computers, A and B. The HDDs in both are encrypted, the two systems network boot off each other, with the encryption key stored on the other machine. i.e. A's key is on B, and B's key is on A. You'd obviously need a third computer whilst building this system, but once built, as long as A and B aren't powered off at the same time you would have 2 fully encrypted servers without direct access to the keys. You could have a panic button too, to cut the power to both, essentially bricking the computers and making it impossible for law enforcement to acquire evidence. If the police got a warrant and removed the computers, well, they'd probably power them all down to move them, destroying any evidence themselves.

    Can anyone remember anything else about this? Or have seen it done, or have done similar themselves?
  • Flashback (Score:1, Interesting)

    by Anonymous Coward on Tuesday October 02, 2007 @12:10PM (#20824385)
    I remember when this was first up in front of parliament in 1999/2000, but I didn't know they had passed the thing.

    There was considerable concern in the banking industry at the time (noted in the article) about whether they'd have to release their keys. The original proposal said that the authorities could:-

    a.) approach anyone with access to the keys and demand that they release them (including secretaries for example) on penalty of gaol,

    b.) silence that person from discussing the approach or forced release with their employer (ie. the real owner), again on penalty of gaol.

    Another slight concern was the role of SSL where there is an exchange of keys and whether this could open a backdoor to a class-break by keys forcing out of multiple customers, while keeping those people silent.

    Does anyone know if the legislation actually enacted does that stuff?

  • by Rei ( 128717 ) on Tuesday October 02, 2007 @12:34PM (#20824755) Homepage
    Weren't the British planning to pass something like this years ago? I remember reading about it at the time. This law seems like it'd be either unenforceable (if the person can argue that they don't have or forgot the key), or asking for people to be set up (if they can't). Perhaps a less obvious version of the following:

    From: Anonymous Stranger (someone@outsidetheuk.com)
    To: Patsy (someone-else@inside.co.uk)
    CC: Law Enforcement HQ (help@police.co.uk)
    Subject: Confession

    Dear Patsy,

    I was just approached by an acquaintance who says he committed a crime for you. Not believing it, I asked for proof. He showed me this picture:

    (insert photo of apparent crime in progress)

    I was horribly disturbed when I saw this. Apparently, according to him, it's just a screenshot from a video of the crime and him talking about all of the details of it for you. When I asked why he felt safe keeping a video around, he said it's encrypted and that only you and he have the keys. I managed to swipe his USB memory stick, and sure enough, there's some big encrypted file on it. I'm attaching it below for you. Since the police will certainly be interested in what it shows, I'd advise that you hand over your encryption key to them immediately.
  • Provable deniability (Score:3, Interesting)

    by gweihir ( 88907 ) on Tuesday October 02, 2007 @12:45PM (#20824925)
    I use the following procedure to securely erase HDDs:

    1. Set up full disk encryption with a random password (Linux dm-crypt)
    2. Overwrite mounted encrypted volume with random data (not cryptographically strong)

    The result cannot be distinguished from an ordinary encrypted disk, and that can be mathematically demonstrated. Also there is no way I can prove there is really no data there. Again mathematically provable that I cannot demonstrate this.

    Many other secure deletion utilities produce results much like this, i.e. not distinguishable from encrypted files or whole disks.

    So, everybody that does secure deletion of this type now goes to prison? I don't think so. What I think is that it requires a conclusive explanation of this impossibility to get this law restricted to cases where the authorities first can prove the presence of encrypted data. This will be the cases where the users do not understand crypto. All the others will successfully evade this exceedingly incompetent law.
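What an examiner's byte-level statistics see in the situation described above, as an added example that is not part of the original post: a volume wiped by encrypting weak random data under a discarded key and a volume holding a real encrypted document both pass as uniform noise, while the plaintext does not. The sample data, keys, the SHAKE-256 keystream cipher and the thresholds are constructed assumptions.

```python
import hashlib
import math
import random
from collections import Counter

SIZE = 1 << 18  # 256 KiB per sample, constructed in memory


def entropy_bits_per_byte(data: bytes) -> float:
    """Shannon entropy of the byte histogram (8.0 means perfectly uniform)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def chi_square_uniform(data: bytes) -> float:
    """Pearson chi-square against a uniform byte distribution (255 d.o.f.)."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))


def looks_random(data: bytes) -> bool:
    # Chi-square with 255 d.o.f. has mean 255 and s.d. about 22.6,
    # so 400 lies more than six standard deviations out.
    return entropy_bits_per_byte(data) > 7.99 and chi_square_uniform(data) < 400


def toy_encrypt(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with a SHAKE-256 keystream."""
    keystream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, keystream))


def build_samples() -> dict:
    # Step 2 of the procedure: non-cryptographic random filler (fixed seed).
    filler = random.Random(20071002).getrandbits(8 * SIZE).to_bytes(SIZE, "little")
    line = b"quarterly report draft, nothing to see here\n"
    plaintext = (line * (SIZE // len(line) + 1))[:SIZE]
    return {
        "wiped": toy_encrypt(b"constructed key, thrown away", filler),
        "encrypted": toy_encrypt(b"constructed key, still known", plaintext),
        "plaintext": plaintext,
    }


def classify() -> dict:
    return {name: looks_random(data) for name, data in build_samples().items()}


if __name__ == "__main__":
    for name, data in build_samples().items():
        print(f"{name:10s} entropy={entropy_bits_per_byte(data):.4f} "
              f"chi2={chi_square_uniform(data):8.1f} random={looks_random(data)}")
```

Byte statistics are only part of what an examiner checks: a LUKS header is recognisable on its own, whereas plain dm-crypt writes none.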
  • by TheLink ( 130905 ) on Tuesday October 02, 2007 @01:00PM (#20825223) Journal
    Truecrypt's plausible deniability is worthless or even dangerous.

    If you have Truecrypt installed it just means you're going to rot in jail till you can either:
    1) Convince the police that some random file you have that they are interested in is not encrypted.
    2) Decrypt the file somehow (even if it wasn't encrypted in the first place ;) ).

    You'd be better off downloading some legal porn (or something similarly frowned on but legal) and encrypt sets of them (without truecrypt) and write down the keys somewhere so you never forget or lose it. Then if the Gov says "hand over the keys" you hand over the keys, rather than say "I have no keys".

    A Gov like that is going to presume you're guilty of something.
  • by Blue Stone ( 582566 ) on Tuesday October 02, 2007 @02:18PM (#20826333) Homepage Journal
    As far as I can see, and I'm not a lawyer, this new section of RIPA breaches the right to silence and against self-incrimination - which have been judged in the courts to be intrinsic aspects of a 'fair trial'. This is in addition to reversing the burden of proof.

    It seems to me that anyone banged up for 'forgetting' their pass phrase would have excellent grounds for appeal, and overturning the law. And let's face it, this morally corrupt, authoritarian Labour government has had its nefarious laws overturned before.