This discussion has been archived. No new comments can be posted.

Australian Law Enforcement Pushes Against Encryption, Advocates Data Retention

  • by DrYak (748999) on Thursday April 24, 2014 @05:50AM (#46831119) Homepage

    Add this as reason #2'175 on the long list of why one should definitely use end-to-end encryption.

    If you use a well-designed end-to-end encryption that has been validated by cryptologists (think OTR [cypherpunks.ca] for chat, ZRTP [wikipedia.org] for voice), it doesn't matter what the quality of the underlying link is or if telcos are helping to break the link.

    Best part? These technologies can work over your already existing systems (though ZRTP can't work over Skype's voice and video. It only works over SIP or XMPP/Jingle - i.e.: the standards that the whole rest of the internet is using).
    So you can OTR encrypt your chats over your Google Talk's XMPP session.

    And there are clients supporting them either out-of-the-box (jitsi [jitsi.org], adium [adium.im]) or with a plugin (pidgin [pidgin.im]), over your existing accounts (XMPP like Google Talk, or any random SIP provider).

  • Jail and keys (Score:5, Informative)

    by DrYak (748999) on Thursday April 24, 2014 @07:06AM (#46831355) Homepage

    If I know Tony Abbott and co, there are government law drafters who have been given the task of taking the UK RIP act (the one that lets them send you to jail for refusing to hand over encryption keys) and invent a similar law that fits the Australian system.

    To be "jailed for refusing to reveal keys" requires that there ARE EXISTING keys in the first place.

    Modern encryption like OTR and similar is based around "perfect forward secrecy" [wikipedia.org]. They DO NOT use a stable cryptographic key on purpose; instead they rely on "ephemeral keys" (in the case of OTR, that's DHE [wikipedia.org]).
    There's no real key to be handed over.
    (Also because there's no real key to be handed over, DHE needs to be paired with something else to authenticate and guarantee against MITM attacks.
    The web uses public keys for that (RSA is a popular thing). In the case of OTR, instead of keys they use "Socialist Millionaire" [wikipedia.org]; it doesn't rely on any actual key.)

    (That's part of the discussion around Lavabit: had they used PFS, they would be able to simply handle their key and switch to a newer one. The NSA wouldn't be able to decrypt anything with the old keys (if DHE or ECDHE was used instead) and they wouldn't be able to further impersonate Lavabit if the revealed keys were revoked/updated. Sadly, Lavabit used classical public key crypto and all communication would have been retroactively hosed by revealing the key.
    It's also part of the discussion around Heartbleed. If Heartbleed has been used to retrieve keys, sites using classical PK would be more compromised than sites using DHE/ECDHE: the former had all their communication retroactively hosed, the latter can only be impersonated in the future until the leak is discovered and the key revoked/changed.)

    Of course, as mentioned by the parent-poster, this is all shiny and nice in the math/crypto world, but...

    it works right up to the moment when it is a crime if you use non-government approved encryption methods.

    The Australian government could make a future law making it mandatory to use special forms of crypto that DO use keys (say bye-bye to DHE/ECDHE, or at least ECDHE with a secure elliptic curve) and that require the key to be deposited in a government-accessible escrow (like requiring the password to be transmitted encrypted with a government-owned public key, or requiring ECDHE with a government-compromised curve).
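
The forward-secrecy argument in the comment above, as an added example that is not part of the original thread: a recorded session is checked against a long-term key disclosed later. Assumptions: a toy 127-bit group, static Diffie-Hellman standing in for classical public-key key transport, and hypothetical function names.

```python
import hashlib
import secrets

# Toy group, constructed for illustration only (far too small for real use).
P = 2**127 - 1  # a Mersenne prime
G = 3

def kdf(shared: int) -> bytes:
    """Derive a session key from the shared group element."""
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def new_secret() -> int:
    return secrets.randbelow(P - 3) + 2

def static_session(server_priv: int):
    """No PFS: the client encrypts to the server's long-term public key."""
    server_pub = pow(G, server_priv, P)
    r = new_secret()
    wire = {"client_share": pow(G, r, P)}  # all a passive recorder sees
    return wire, kdf(pow(server_pub, r, P))

def ephemeral_session(server_priv: int):
    """PFS: both sides use throwaway secrets. In a real protocol the
    long-term key only signs the server share; that signature is omitted
    here because it never enters the key derivation."""
    a, b = new_secret(), new_secret()
    wire = {"client_share": pow(G, a, P), "server_share": pow(G, b, P)}
    key = kdf(pow(wire["server_share"], a, P))
    del a, b  # ephemeral secrets are discarded when the session ends
    return wire, key

def recover_with_leaked_key(wire: dict, leaked_server_priv: int) -> bytes:
    """Recorded traffic plus a long-term key disclosed afterwards."""
    return kdf(pow(wire["client_share"], leaked_server_priv, P))

def demo():
    long_term = new_secret()
    wire_s, key_s = static_session(long_term)
    wire_e, key_e = ephemeral_session(long_term)
    return (recover_with_leaked_key(wire_s, long_term) == key_s,
            recover_with_leaked_key(wire_e, long_term) == key_e)

if __name__ == "__main__":
    static_ok, ephemeral_ok = demo()
    print("static key exchange recovered from recording:", static_ok)
    print("ephemeral key exchange recovered from recording:", ephemeral_ok)
```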
