Drobe :: The archives
About Drobe | Contact | RSS | Twitter | Tech docs | Downloads | BBC Micro

ROS app could scupper encryption law

By Chris Williams. Published: 21st May 2006, 17:54:00 | Permalink | Printable

We're not going to mention the T word

RISC OS securityCivil liberty defending RISC OS users believe they can continue to protect their encrypted data despite the government's desire to force individuals to hand over their encryption keys. The Home Office is hoping to activate the controversial part three of the Regulation of Investigatory Powers Act, which until now has remained dormant after it caused outrage from privacy advocates.

The section in question gives the police the power to demand encryption keys or decrypted data from people and organisations - the penalty for refusing to comply is up to five years' imprisonment.

However, Birmingham University's Dr Nat Queen said: "This attack on personal privacy can be defeated by programs that provide plausible deniability. I for one will never hand over encryption keys or encrypted data which I don't want anyone else to see."

Dr Queen believes his Stealth software renders the legislation ineffective because his application can hide multiple encrypted documents in a larger innocent file, with no way of finding out how many files are hidden.

Each document in the 'container' file can be protected with an individual pass-phrase using a process called steganography; if a person is forced to reveal the encrypted contents, they can simply unlock one or more dummy files while keeping the sensitive information protected.

In a mailing list post, he said: "The user can reveal a few insignificant files under duress, but the secret police can never prove whether or not any more exist. Even torturing the user is pointless, because the victim has no way to prove that no more exist when all the passphrases have been revealed. The source code is public, and the secret police will know this."

A program equivalent to Stealth exists for Linux, and Dr Queen said he was not aware of any other similar programs for other platforms.

It gets political
The government said it is holding a consultation, and will review the results of this process before deciding on how to press ahead with enabling part three of the RIP Act.

In parliament last week, Home Office minister Liam Byrne said: "The use of encryption is proliferating. Encryption products are more widely available and are integrated as security features in standard operating systems, so the Government has concluded that it is now right to implement the provisions of part three of RIPA, which is not presently in force."

Encryption expert Peter Fairbrother said: "It is, as ever, almost impossible to prove 'beyond a reasonable doubt' that some random-looking data is in fact ciphertext, and then prove that the accused actually has the key for it, and that he has refused a proper order to divulge it."

Speaking to ZD Net, Richard Clayton, a security expert at Cambridge University, added: "The police can say 'We think he's a terrorist' or 'We think he's trading in kiddie porn', and the suspect can say, 'No, they're love letters, sorry, I've lost the key'.

"How much evidence do you need [to convict]? If you can't decrypt the data, then by definition you don't know what it is."

Links


Dr Queen's software ZD Net: Government to force handover of encryption keys

Previous: RISC OS 3 caught running on Amiga hardware
Next: Microdigital boss turns makeover gardener

Discussion

Viewing threaded comments | View comments unthreaded, listed by date | Skip to the end

It isn't necessarily necessary to decrypt the data. A judge can direct a jury to draw an inference from the existence of undecryptable data based on the circumstances in which the data are found.

 is a RISC OS UserWill! on 21/5/06 7:22PM
[ Reply | Permalink | Report ]

"A program equivalent to Stealth exists for Linux, and Dr Queen said he was not aware of any other similar programs for other platforms."

This seems to suggest that steganography is only possible on RISC OS and Linux. There can't be many things left in the world where RISC OS is definitively in the lead! Maybe I've mis-read it?

Adam

 is a RISC OS Useradamr on 21/5/06 7:42PM
[ Reply | Permalink | Report ]

Lets see how long it is before another piece of ill thought out goverment legislation crashes head long in to the equally ill conceived subscription to the Human Rights Act. In this case article 8 governing the right to privacy in private and family life.

 is a RISC OS Userdruck on 21/5/06 9:07PM
[ Reply | Permalink | Report ]

druck:

The HRA doesn't prohibit intrusion into an indivdual's privacy if a warrant granting permission to do so has been issued by a judge as part of a criminal investigation.

 is a RISC OS UserWill! on 21/5/06 10:16PM
[ Reply | Permalink | Report ]

Best hope Big Brother doesn't screw up his records of who you are, then, and confuse you with a criminal.

 is a RISC OS UserVinceH on 21/5/06 11:47PM
[ Reply | Permalink | Report ]

adamr: The Stealth program is more than just steganography, which is indeed a well-known technique implemented across many platforms. I think what the article is referring to as unique are the arbitrary 'containers' Dr Queen talks about, which can only be detected by supplying the valid decryption key for each one, thus allowing other private 'containers' to remain undiscovered as, without the key, you can't prove they even exist.

In case anyone starts spouting the rubbish about "those with nothing to hide" etc. etc., some people on this platform genuinely do need to use programs like GnuPG and Stealth as a matter of utmost importance, for example I have a friend whose family is based in a country with a repressive government, and they sometimes need to hide their day-to-day communications or risk persecution.

VinceH: it's ok, they'd release you after a few weeks by mistake and forget where they left you ;)

 is a RISC OS Usertamias on 22/5/06 12:06AM
[ Reply | Permalink | Report ]

Even if these laws can be enforced, I doubt the police are going to get far into it, they have enough on their hands already, with very few resources to dedicate to it. Too busy chasing mistakenly released illegal immigrants...

 is a RISC OS Usersascott on 22/5/06 10:17AM
[ Reply | Permalink | Report ]

The Act is in fact the ideal tool to frame the innocent with. The problem is that having any file which can't be explained is sufficient for a hefty prison sentence. They don't have to prove that it does contain encrypted data. I fear having any tools like this on your computer will merely 'prove' your guilt in their eyes - even if they can't find a file which looks immediately suspicious, they could still claim you must have hidden something somewhere, and demand its details. Even if you have a protected file and reveal your innocuous data, they can still calculate the file's theoretical capacity, and claim that there is more. It is not up to them to prove you guilty, it is up to you to prove yourself innocent - and if you have any random junk then that will be impossible.

 is a RISC OS UserLoris on 22/5/06 5:47PM
[ Reply | Permalink | Report ]

Its already happened in the US. Although not the primary evidence in the case, the mere precence of an encryption program was used to show intent and assumed guilt.

[link]

It isn't a case that the authourities wont know which of your files contain stenographically hidden data, but if you have such an encyption program in your possesion, you will have to prove that every single file doesn't or face 2 years in prison.

Another case of New Labour law; guilty until proved innocent.

 is a RISC OS Userdruck on 23/5/06 9:19AM
[ Reply | Permalink | Report ]

Perhaps the encryption tools need to be disguised as something else - they need to perform another primary function, with an undocumented command line switch to allow encryption. Steganography programs could, perhaps, be programs to generate pretty little patterned tiles, unless the -HideMyConfidentialFileFromThePryingEyesOfBigBrotherAndHisEvilMinions switch is used.

Of course, the problem then becomes how does anyone know that's what they do in order to use them? 8-)

 is a RISC OS UserVinceH on 23/5/06 9:49AM
[ Reply | Permalink | Report ]

But you sould always have the source to any encryption program you use, otherwise how do you know it isn't as much use as a chockolate tea pot. There are quite a few expensive closed source products, and for all you know "UltraMegaSecurity 5.0" might just be ROT13ing it. On the other hand it might also be running with the default option of -EmailMyKiddiePornCollectionToTheFBI

 is a RISC OS Userdruck on 23/5/06 10:10AM
[ Reply | Permalink | Report ]

Those of us *without* a kiddy porn collection will not find that default a problem.

 is a RISC OS Userarenaman on 23/5/06 10:17AM
[ Reply | Permalink | Report ]

Unless, of course, the program installs a library of porn as default.

Vince, I think you may be on to something there. You'd need a useful app everybody could install, but with a function which could incidentally be used for undetectable steganographic encryption.

 is a RISC OS UserLoris on 23/5/06 3:08PM
[ Reply | Permalink | Report ]

Files containing stenographically encrypted data are not undectable, the technique has been around for some time, and agencies involved in cryptoanalysis certainly know what to look for, and the resources to crack them. But its an entirely different proposition if you are accused of having such files, and you have to prove that they don't contain hidden data.

The advantage of stenography was that there is plausable deniability for anyone handling the seemingly innoculous files, unless were caught red handed de-crypting them. However this law is so vague and wide reaching, that you can be procescuted for having data in any form which can't be shown to be uncyrpted or rendered in plain text on request. And under RIPA as the fact that you have read this article may be stored for up to 7 years and used against you, you can't even deny that you are aware of techniques such as stenography.

 is a RISC OS Userdruck on 23/5/06 4:10PM
[ Reply | Permalink | Report ]

druck: Which of course relies on you understanding, believing, and remembering everything you read, although such little matters as that are hardly going to make any difference if it comes to court.

 is a RISC OS UserSimonC on 23/5/06 4:45PM
[ Reply | Permalink | Report ]

For a Linux implementation of a filesystem with plausible deniability features, see: [link]

 is a RISC OS Userguestx on 23/5/06 6:08PM
[ Reply | Permalink | Report ]

I thought that the UK, as opposed to US, legislation demanded only that encryption keys be handed over. The possession of encrypted files would not be an offence, only the refusal to decrypt them. Nonetheless, this is hugely prone to problems (I'm just hosting the files for my friend whose hard drive is full...).

We should also remember that many (most) RO users also possess encryption software. An example that's easy to forget is David Pilling's SparkFS that can encrypt as well as compress. And why might that be useful? Suppose one has information of commercial value on a computer (say, the source code of a commercial program) and that computer is used by some else, or used at a computer show, or returned to a dealer for repair/upgrade - would it not be a good idea to encrypt that data if it was impractical to remove it?

Or those photos of your ex- that have sentimental value but that you wouldn't want your current partner to see because they would upset him/her? Now that would be a good one to explain: "They're photos but I don't want you to see them and I don't want to tell you why...". Good law has little choice but to assume innocence until proven otherwise.

 is a RISC OS UserTonyStill on 23/5/06 10:10PM
[ Reply | Permalink | Report ]

TonyStill, that is the problem! The law is essentially guilty until proven innocent. (This is why it isn't a good law.) The file may not even be encrypted - it may be random garbage, such as you might get, say, after a disk recovery. They can pick a file and demand that you decrypt it - if you can't, you are guilty, unless you can prove that it doesn't contain encrypted data. Good luck with that.

Regarding 'undetectability' - OK, some may be detectable. If you have two pictures, one with and one without your message, that is a giveaway, for example. If you've ever edited a JPEG in some non-obvious manner they might pick this up as a false-positive. IIRC a Register article described an analysis which suggested that 25% of pictures on the internet may contain steganographic data. Doesn't reassure me.

 is a RISC OS UserLoris on 2/6/06 7:25PM
[ Reply | Permalink | Report ]

Please login before posting a comment. Use the form on the right to do so or create a free account.

Search the archives

Today's featured article

  • Running RISC OS Programs on Linux
    Peter Naulls contemplates the possibilities
     17 comments, latest by drjones69 on 6/6/05 11:17AM. Published: 31 Mar 2005

  • Random article

  • KinoAmp 0.26: Behind the scenes
    Author Peter Everett and his MPEG video app [Updated 15:00 3/4/2003] Cineroma progress
     4 comments, latest by Spriteman on 4/4/03 9:38AM. Published: 3 Apr 2003

  • Useful links

    News and media:
    IconbarMyRISCOSArcSiteRISCOScodeANSC.S.A.AnnounceArchiveQercusRiscWorldDrag'n'DropGAG-News

    Top developers:
    RISCOS LtdRISC OS OpenMW SoftwareR-CompAdvantage SixVirtualAcorn

    Dealers:
    CJE MicrosAPDLCastlea4X-AmpleLiquid SiliconWebmonster

    Usergroups:
    WROCCRONENKACCIRUGSASAUGROUGOLRONWUGMUGWAUGGAGRISCOS.be

    Useful:
    RISCOS.org.ukRISCOS.orgRISCOS.infoFilebaseChris Why's Acorn/RISC OS collectionNetSurf

    Non-RISC OS:
    The RegisterThe InquirerApple InsiderBBC NewsSky NewsGoogle Newsxkcddiodesign


    © 1999-2009 The Drobe Team. Some rights reserved, click here for more information
    Powered by MiniDrobeCMS, based on J4U | Statistics
    "Unless and until you are willing to produce the evidence to back up your assertions, please cease and desist making these allegations"
    Page generated in 0.1543 seconds.