Encryption Passphrase Protected by the 5th Amendment

Takichi writes "A federal judge in Vermont has ruled that prosecutors can't force the defendant to divulge his PGP passphrase. The ruling was given on the basis that the passphrase is protected under the 5th amendment to the United States Constitution (protection against self-incrimination)." The question comes down to, is your password the contents of your brain, or the keys to a safe.

But but but!

[skulgnome]

Terrorists!

If not anything else...

[Bones3D_mac]

"I forgot."

Re:Interesting development

[mastershake_phd]

So.... this tells me two things... first, that the government cannot force you to give up your PGP passphrase.... but possibly more important, the government (currently) cannot break PGP encryptopn.

Hmmm....

Well the government of Vermont can't at least.

Re:If not anything else...

[Smallpond]

That worked for Gonzales. Maybe waterboarding could make you remember, tho.

Re:If not anything else...

[ubrgeek]

"You're in contempt of court."

Re:I was wondering...

[snarkh]

By giving the government his password, the judge held, that the defendant was incriminating himself by opening up all of his files that weren't pertinent to the investigation.

Quite the opposite. By giving the password the defendant may incriminate himself by opening files containing incriminating (and pertinent) information, but unknown to the government prior to that.

Re:Interesting development

[tomz16]

O... the government can break it. It's just that the DOJ doesn't have access to the computers required to do so. Nor does it want to spend the money on buying a multi-billion dollar computer if it doesn't need to.

? What leads you to this conclusion? There's absolutely NOTHING to indicate that strong encryption can be defeated by ANYONE on the planet at this moment.

Re:Sad state.

[Kelz]

Cute sentiment, but still a bit off-topic. I find this a good ruling for me personally, though honestly the ruling could have gone either way. What I find intriguing about it is how confused the judicial system seems about how to apply pre-internet laws to crimes. Should a cyber-crime be treated like a robbery? Should encrypted data be treated like a safe holding potential evidence?

Re:I was wondering...

[cayenne8]

"Quite the opposite. By giving the password the defendant may incriminate himself by opening files containing incriminating (and pertinent) information, but unknown to the government prior to that."

Thank God...FINALLY, a score for US privacy rights...and upholding our Constitutional rights!!!

You just don't see that much any more.....

Re:Interesting development

[Tumbleweed]

>So.... this tells me two things... first, that the government cannot force you to give up your PGP passphrase.... but possibly more important, the government (currently) cannot break PGP encryptopn.

Hmmm....

Well the government of Vermont can't at least.

It was a Federal judge.

It was also probably not worth bothering the NSA with. I wouldn't take this to mean much of anything about how quickly the Feds can crack PGP.

Re:and the pedophiles rejoice

[LiquidCoooled]

No they don't.
Just like any other serious crime the police should be investigating it correctly and building a case without needing to look around the suspects' house first.

Re:I was wondering...

[Anonymous Coward]

Yes, and it's perfectly legal for those investigators to try to decrypt your files themselves. What they CAN'T do is say, "Tell us where the incriminating evidence in your house is, or we'll put you in jail," or "Give us an itemized list of every single thing in your house so we can decide what is incriminating, or we'll put you in jail." Neither can they say, "Give us your encryption password or we'll put you in jail."

This is so painfully obvious that I'm somewhat concerned that it took so long for a judge to rule in this manner. On the other hand I am relieved it has finally happened.

Re:I was wondering...

[Tim C]

I think you two are talking at cross purposes. The post you're replying to says "(and pertinent)" - ie files that *do* relate to the case.

You're saying "he can't be made to release incriminating files that are nothing to do with the case", while the poster you're replying to is saying "he can't be made to release incriminating files even if they are related to the case".

Re:This ruling is both good and bad...

[X0563511]

Yes, it will protect them, as it should. They are not terrorists until PROVEN so, not because we suspect them to be - just like you are not necessarily a selfish jerk, even though I suspect you are.

Re:I was wondering...

[pboulang]

Well, maybe because a better analogy is "I have a warrant to search your whole house. You need to give me the key to the locked room in the back." I'm not sure it is "painfully obvious" but this is the correct decision in the end.

Wanna bet?

[Joce640k]

Me? I'll bet there are new laws being drawn up as I write this to make witholding a password illegal.

Any takers...?

write up at Volokh, by guys who are lawyers

[oliphaunt]

The blog post is here. [volokh.com]

This case is a very interesting overlap between 4th Amendment "right to privacy" cases and 5th Amendment "right not to self-incriminate" cases. I personally think that if the government can't break the encryption to "prove" what is hidden from them, they have no right to force the owner to do their work for them. People have a right to keep stuff private, and if they've hidden it effectively, then tough shit for the cops.

I acknowledge that child porn is inherently harmful to the children involved, and that laws targeting possession of child porn are therefore valid so far as they aim to protect children by destroying the market for the exploitative and harmful material. And there is no first-amendment protection for child porn. But the cops still can't break into your house without a warrant just because they they think you have pictures of naked kids inside, and they can't wiretap your internet connection without a court order (heh, they can't LEGALLY, even though it's probably going on right now OMGHI2NSA). Those are 4th amendment rights. But the 5th amendment kicks in to say that even with a court order and a valid warrant, the cops in your house can't force you to tell them which floorboard is the loose one with the bloody knife hidden under it. If you refuse to tell them, they have to find it on their own-- and if they can't find it, they can't use it as evidence against you. That's exactly how the 5th amendment is supposed to work.

A police force with the power to compel self-incriminating testimony becomes the enemy of any citizen who wishes to lawfully express dissent with any policy of government. The 5th Amendment is the most powerful safeguard citizens have against confessions extracted via torture finding purchase in US courts.

From the decision itself (lifted from that post at Volokh Conspiracy), bolded emphasis is mine:

Entering a password into the computer implicitly communicates facts. By entering the password Boucher would be disclosing the fact that he knows the password and has control over the files on drive Z. The procedure is equivalent to asking Boucher, "Do you know the password to the laptop?" If Boucher does know the password, he would be faced with the forbidden trilemma; incriminate himself, lie under oath, or find himself in contempt of court. Id . at 212.
The Supreme Court has held some acts of production are unprivileged such as providing fingerprints, blood samples, or voice recordings. Id. at 210. Production of such evidence gives no indication of a person's thoughts or knowledge because it is undeniable that a person possesses his own fingerprints, blood, and voice. Id. at 210-11. Unlike the unprivileged production of such samples, it is not without question that Boucher possesses the password or has access to the files.
In distinguishing testimonial from non-testimonial acts, the Supreme Court has compared revealing the combination to a wall safe to surrendering the key to a strongbox. See id. at 210, n. 9; see also United States v. Hubbell, 530 U.S. 27, 43 (2000). The combination conveys the contents of one's mind; the key does not and is therefore not testimonial. Doe II, 487 U.S. at 210, n. 9. A password, like a combination, is in the suspect's mind, and is therefore testimonial and beyond the reach of the grand jury subpoena.
The government has offered to restrict the entering of the password so that no one views or records the password. While this would prevent the government from knowing what the password is, it would not change the testimonial significance of the act of entering the password. Boucher would still be implicitly indicating that he knows the password and that he has access to the files. The contents of Boucher's mind would still be displayed, and therefore the testimonial nature does not change merely because no one else will disc

The spirit of the 5th amendment

[Orestesx]

I always thought the 5th amendment served two main purposes:

1. Prevent the government from compelling individuals to confess (through torture, or other means).
2. Give weight to confessions by ensuring that they were not obtained through torture.

Perhaps it will be illustrative to take the computer out of it, since we tend to get distracted by the technology. To me it seems pretty clear that if someone is arrested carrying a letter that was encoded with a cipher with information that may or may not be relevant to the case, that the person could not be compelled under law to explain how to decrypt the letter, whether to law enforcement or in court. Of course that couldn't stop the officials from attempting to break the cipher. But just because modern encryption is more difficult to crack than a hand cipher, I don't believe that changes the nature of the situation.

Re:Wanna bet?

[Anonymous Coward]

New laws wouldn't matter. Here, we're dealing with a Constitutionally protected right, which supercedes all other law in the land. The Constitution would have to be amended--i.e. 5th: Protection from self incrimination, except when encryption is involved.

Re:Horrible case law

[Anonymous Coward]

This is horrible case law. I get search warrants for the data on the machine. Therefore it should be held under the same rules as getting access to a safe or a house.

Using a warrant, They can still access the data on the machine, but at what point is the accused required to help Them interpret the data?

If They have a warrant, search my house, and find a notebook filled with writing that is obviously using some form of cipher, can I be compelled to decipher it for Them?

People who actually forget their passwords

[Rick17JJ]

What if someone actually did forged their long, complicated pass phrase? In that case, prosecutors would be trying to force someone to divulge a passphase that they don't even know.

On several occasions, I have briefly played around with encryption programs and made an extra copy of unimportant stuff and then encrypted it. Since it was usually just for practice, I did not always bother writing the passphrase down on the sheet of paper which lists all my passwords and passphrases. I may have not always got around to deleting those encrypted practice files and they may still exist somewhere on one of my old hard disks or on a USB key or somewhere or in the box of CDs that I have burned. I would have no idea what the password or passphrase was for those old practice encryption files.

I could easily imagine some prosecutor putting me in jail for not being able to come up with a passphrase to some old encrypted practice file. Then eventually, after getting out of jail, perhaps I would eventually find the passphrase on some old scrap of paper and they would discover that it was just an encrypted folder full of dozens of free 80 year old Gutenberg.net ebooks.

A person, such as myself, who has have never actually bothered to use encryption on a routine daily basis, would someone who is most likely to forget their passphrase. Perhaps I should dispose of all my old hard disks or wipe all the data with Darik's Boot and Nuke [sourceforge.net] Of course, if there were indications that someone has recently used their encrypted partition, folders or files recently, that would be different. A recent time stamp on the file or folder would be one such clue.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Wanna bet?

[sumdumass]

That is assuming a higher court doesn't reverse this decision in some manor.

Re:I was wondering...

[snarkh]

What is hard to understand here? A person cannot be compelled to give self-incriminating testimony.
Seems like a fair law to me.

Re:I was wondering...

[iminplaya]

Because, due to abuse of authority widely practiced by the government, far too many "criminal investigations" are actually witch hunts designed to root out "subversives". Maybe your government doesn't do that, but the vast majority of them do. And we need to protect ourselves from tyrants. Not that we are doing very well in that department. I hope that helps to clear things up a bit.

Re:A good ruling but...

[Anonymous Coward]

It isn't the location of the body that is incriminating, it is the body.

Re:Better use of a botnet?

[Orange Crush]

In reality, you have a fair chance of getting it within half the time, and it's still cost effective to go for a 33% chance.

So, only 500 years instead of 1500.

(Also, even if the NSA did have a quantum computer--as I understand it, it would need as many Qubits as the key it's trying to crack. We're not anywhere close to breaking strong encryption from any published experiments. There's little reason to believe the government could actually do it.

Re:I was wondering...

[snarkh]

So if they can be compelled to testify against themselves, what methods
are appropriate for that? Nothing life-threatening, surely, but perhaps a bit
of waterboarding is in order?

Re:Better use of a botnet?

[garbletext]

True, but you're missing the whole point of the parent's illustration about exponential growth. By the time you get to 256-bit encryption, even given all the resources in the world, exploring 0.0001% of the keyspace is infeasible, let alone 33%. Even for large governments, brute forcing PGP is more unlikely than winning every major lottery simultaneously.

Re:Interesting development

[tomz16]

Statements such as these are often made by paranoid conspiracy nuts and dutifully repeated by people that have no absolutely no clue about how science works. There are some things money just can't buy today... A quantum computer entails decades worth of research in physics, chemistry, materials research, etc. etc. It's not really a task possible by a secret group of people working separately from the main academic community.

If there is anything that you should have learned from reading all of those articles about quantum computing, is that it's friggin HARD. Any quantum device complicated enough to even be remotely useful in breaking encryption is many decades away. This is because it will take centuries of man hours and armies of graduate students in multiple fields to crack this nut. There still need to be tens of thousands of PhD's written on related topics before you can even dream of starting construction.

In order to have a secret working quantum computer, the US government would have had to have been actively working on the technology since long before traditional silicon computing took hold... hell, long before the idea of quantum computing for decryption even tickled our imaginations. They would have had to independently train a clandestine army of engineers and physicists that far outclassed our brightest minds in academia. These people would have had to replicate ALL of our modern advances decades earlier (which, btw. is not apparent from any other military technology). The resources required for a project like this are simply staggaring, and I estimate that the financial costs would have EASILY been in the trillions of dollars.

We certainly do spend enormous amounts of capital on military R&D in the USA, and there are many important technologies where the military is years ahead of commercial efforts. However from numerous projects that have bee declassified over the years, this advantage usually only involves the effective weaponization / improvement of currently existing/proven technologies. The military is only ahead in the little details of practical implementations, and not the fundamental scientific principles. In short, claiming the existence of some secret quantum computer is akin to claiming the US military had Joint Strike Fighters before the Wright brothers even made their first flight.

Re:I was wondering...

[Anonymous Coward]

The constitution? That's so pre-9/11.

Obvious to an intelligent person perhaps

[HangingChad]

This is so painfully obvious that I'm somewhat concerned that it took so long for a judge to rule in this manner.

Obvious to you and I maybe, but Scalia, Roberts, Alito, and Thomas never met an unreasonable search.

If prosecutors can jail reporters indefinitely until they hand over their sources, how is it that much different for the government to imprison someone for not turning over their encryption keys? The only difference I see is one may incriminate someone else and the other may incriminate you.

Of course, the smart thing would be not to mount the encrypted drive when you're not using it. And for the police not to shut the device off until they've secured enough of the data to obtain a conviction. Otherwise it's hearsay. I could claim I saw the plans for a nuclear bomb on your computer. And if we're admitting hearsay then anyone could claim you had anything on your computer. Would that be compelling enough to make you hand over encryption keys to prove there's nothing incriminating on your computer?

Now we're getting into the territory of having an encrypted partition is probable cause. Just like having a pager or cell phone is probable cause for a vehicle search on a traffic stop. Sadly that's true, or used to be.

Makes the paranoid among us utilize hidden volumes. Some people go three or four layers deep. Keep something mildly incriminating in the normal layer and let them think that's the big prize. Try to take the water boarding for 30 or 40 seconds before you give it up to sell it.

When you put safety and security ahead of freedom there's no bottom to the privacy slide.

Re:Plausible deniability

[zero_offset]

I wonder if the code for a combination lock is legally treated as a key?

Re:I was wondering...

[SmoothTom]

But in getting that "key to the safe" in response to a search warrant there isn't a wide open "fishing expedition" granted.

If the warrant is to gain access to, for example "the twelve pornographic photographs known to be in the safe" that does not allow the investigators to also review the contents of all the accounting books also in the safe.

Since the original officers who looked at the images probably have no idea which files they were, I suspect that they will rifle through EVERYTHING in that drive if they had the opportunity, just to make sure they found the ones he saw.

By doing so they will likely find other things that may pose a problem to the owner of the drive the government now possesses, and US law has always said that one can't be made to incriminate themselves.

Very picky points, but in this case I actually think the judge may be right within very narrow confines.

(If the original investigator can remember the actual file names/paths, I suspect the defense could be asked to product THOSE files, but lacking that...)

--
Tomas

Re:Interesting development

[KDR_11k]

I don't think putting a tag "x years ahead" on things like this makes sense. We're talking about math, right? I don't consider progress there a function of time but of inspiration. The NSA might have gotten lucky and found algorithms decades before the public thought of them or they might not be as lucky and have to use the public release, overall I'd expect the distribution there to be pretty random. A quantum computer is a lot of practical science, I think that does involve much more time than math and isn't as easy to get ahead on.

Re:Horrible case law

[yndrd1984]

This is horrible case law.

No. This is about the most obviously correct court opinion I've ever heard of.

I get search warrants for the data on the machine. Therefore it should be held under the same rules as getting access to a safe or a house.

Right - you can get a warrant for a safe, but if they've moved the safe, you can't force them to tell you where it went.

someday my job wont be possible without good case law forcing defendants to give up encryption keys

Boo-hoo.

Problem is... there is usually a family fight long before law enforcement gets involved. This leaves the subject days to encrypt and clean any evidence he has.

And when someone commits a murder, they usually have time to ditch the gun. You still can't force them to tell you where it is.

We are completely understaffed, under-budgeted, and flooded with horrible crimes.

Yes, police need more money and fewer criminals. Write your representatives, ask for more funding, and tell them that terrorists and baby-rapers are getting away because you're too busy chasing potheads and hookers.

Plus, its not easy to get a search warrant. You need to satisfy probable cause in order for the judge to sign off on your warrant.

Where the hell do you think we live, the Police State of America?!?!? Yes, one government official has to convince another government official that he has a good reason to search or seize your stuff. My God, what a terrible burden - we might as well throw out "innocent until proven guilty", that can be difficult as well!

Re:I was wondering...

[jthill]

I can't understand the USians saying that it's OK for the law to block a criminal investigation

You advocate punishing people for not confessing a crime?

Get a grip.

Re:Interesting development

[TheRaven64]

Do you have even a basic understanding of maths? There are 2^2048 possible 2048-bit keys. If you split it between 2 computers, each has to do 2^2047. If you split it between 256 (2^8) then each has to do 2^2040. Split it between 1024 (2^10)? Each is still doing 2^2038. Maybe you've got over four billion computers. In that case, you only need to do around 2^2006 on each one.

In case you still have no concept of how big this number is, there are estimated to be around 10^80 atoms in the universe, which is around 2^266. That means that each of your four billion computers is having try 2^1740 keys for every atom in the universe.

To put it another way: Let's assume each of your four billion computers is a few orders of magnitude faster than anything I know of and can try four billion keys a second, giving you a total of around 2^64 keys tried per second. This means you can do around 2^76 per day. At this rate (and don't forget that we are assuming that you have almost as many computers that are orders of magnitude faster than anything real as there are people in the world) it will take you 2^1972 days to do an exhaustive search (although on average it will only take you 2^1971 days to find the key). For those following at home, that's around 2^1962 years. For reference, the universe is approximately 13.7 billion years old, which is a shade under 2^34 years.

In summary, if every atom in the universe was a computer that ran orders of magnitude faster than anything we can build today, and it ran for the life of the universe to date, you would not be able to crack a single 2048-bit message. If, however, you have a quantum computer, then you might be able to.

Re:Interesting development

[egypt_jimbob]

Ok, I really don't know if this is possible, but how come you couldn't take all the possible keys in a 2048 key, and split them up amongst enough computers in a cluster (Do I hear Beowulf anyone?) so that the total time to try all possible keys is down to a day or less?

No, it is not possible. The total number of possible keys in a keyspace of 2048 bits is an astronomically large number. 2 raised to the 2048th power, to be exact. On average, you will get lucky and crack it after having gone through only half of the keyspace, or 2**2047 keys.

I don't have any numbers on current top performance for testing keys, but let's assume that the Government has computers capable of trying one million keys per second. That being the case, you would need (2**2047) / (1000000 keys/s * 60 seconds * 60 minutes * 24 hours), or roughly 2**2010 computers to crack the key in one day.

For comparison, there are an estimated 10**80 or around 2**266 atoms in the observable universe.

Re:Horrible case law

[Dark_Gravity]

We are completely understaffed, under-budgeted, and flooded with horrible crimes.

Your budgetary problems are not my concern. You will have to persuade your overlords to divert some of the billions you squander on victimless and consensual crime before I care to indulge your pleas.

Plus, its not easy to get a search warrant. You need to satisfy probable cause in order for the judge to sign off on your warrant.

It's not supposed to be easy to get a warrant. That's the point!

Re:I was wondering...

[1u3hr]

If they're innocent there's nothing to admit to so no problem.

I wish you were being ironic. But I fear you actually mean this.