

UK law says provide key to encrypted data or go to jail - bougiefever
http://www.itworld.com/security/285992/uk-law-says-provide-key-encrypted-data-or-go-jail

======
wfn
In light of this, here's a fun paper/idea (+implementation) to consider:

"Neuroscience Meets Cryptography: Designing Crypto Primitives Secure Against
Rubber Hose Attacks"

[https://crypto.stanford.edu/~dabo/pubs/abstracts/rubberhose....](https://crypto.stanford.edu/~dabo/pubs/abstracts/rubberhose.html)
(summary; full paper (PDF):
[http://bojinov.org/professional/usenixsec2012-rubberhose.pdf](http://bojinov.org/professional/usenixsec2012-rubberhose.pdf))

Abstract:

"Cryptographic systems often rely on the secrecy of cryptographic keys given
to users. Many schemes, however, cannot resist coercion attacks where the user
is forcibly asked by an attacker to reveal the key. These attacks, known as
rubber hose cryptanalysis, are often the easiest way to defeat cryptography.
We present a defense against coercion attacks using the concept of implicit
learning from cognitive psychology. Implicit learning refers to learning of
patterns without any conscious knowledge of the learned pattern. We use a
carefully crafted computer game to plant a secret password in the
participant's brain without the participant having any conscious knowledge of
the trained password. While the planted secret can be used for authentication,
the participant cannot be coerced into revealing it since he or she has no
conscious knowledge of it. We performed a number of user studies using
Amazon's Mechanical Turk to verify that participants can successfully re-authenticate
over time and that they are unable to reconstruct or even
recognize short fragments of the planted secret."

The scheme/system is bound to be imperfect; but it is a nice angle of
approach, so to speak, and hopefully we'll have more stuff of this kind in the
near future.

 _edit_ / P.S.: from the paper / intro section:

    Readers who want to play with the system can check out the training game at brainauth.com/testdrive

~~~
jwr
It is interesting, but has little to do with the original article, as the
police will kindly ask the accused to authenticate, instead of asking for the
key.

~~~
wfn
You are right, when you look at it like that, my comment was a bit of a
hijack. The threat model in question assumes that the attackers know that the
person in question has a way to auth / is part of an encrypted / limited
access system, which is a very sensible assumption (and is included in the
police/accused scenario in any case.)

I was probably thinking something along the lines of, [this proposed system] +
a way for the user to discreetly convey to the auth/security system the info
that they are being coerced, and the system authenticating them to a bogus
user account / set of sensitive data. But this would be cumbersome and very
difficult to implement given the design in question, probably.

It would have probably been more relevant to mention encryption systems with
plausible deniability - e.g. TrueCrypt's hidden volumes [1] and Rubberhose FS
[2].

[1]:
[http://www.truecrypt.org/hiddenvolume](http://www.truecrypt.org/hiddenvolume)

[2]:
[http://en.wikipedia.org/wiki/Rubberhose_%28file_system%29](http://en.wikipedia.org/wiki/Rubberhose_%28file_system%29)

------
jumblesale
July 13, 2012

A few of us kicked and shouted about this when this was proposed. If you'd
like an example of how this is being abused, El Reg has a good article from
2009:
[http://www.theregister.co.uk/2009/11/24/ripa_jfl/](http://www.theregister.co.uk/2009/11/24/ripa_jfl/)

~~~
mseebach
The case is absolutely awful, but he was jailed for _refusing_ to hand over
the key, which is (according to the article) exactly what he did. The article
is very kind to the suspect here, and nowhere does it even suggest that he had
lost the key or otherwise wasn't able to decrypt the files.

~~~
cmircea
Since when is refusing to incriminate oneself punishable with jail time? Last
time I checked it wasn't.

Refusing to provide encryption keys is the same thing. There might be illegal
data, there might not be. It's the duty of the police to prove it, not the
accused.

Innocent until proven guilty? Not in the UK.

~~~
rayiner
This is the UK not the US. They don't have a 5th amendment.

In the US courts are split on the issue. Some say giving an encryption key is
testifying, an act of the mind, and you can't force someone to testify against
themselves under the 5th. Others say it's like handing over a regular key,
which you can be forced to do, because the 5th covers testimony, not
everything incriminating. It was intended to prevent forced confessions.

Once you're in front of a court you don't get to keep secrets, with the
exception of some narrow protections. This has always been the case in the
Anglo-American system.

~~~
IsThisObvious
The debate is partly this: forcing you to produce an encryption key /also/
testifies that the drive belongs to you (or you had access to it).

You are not necessarily obligated to testify to that fact for the police, and
unless they can demonstrate that the drive belonged to you (or you had access)
through some other means, the production of an encryption key is tantamount to
forcing that confession.

It's much like if there were a lock on a gun they found on the street: if they
can't link the gun to you already, they can't demand you turn over the
combination for the lock, because knowing such a combination would be a tacit
admission to knowing about the gun.

------
tommorris
It gets more interesting than that though. Under the Regulation of
Investigatory Powers Act, if you decide to comply and hand over your
encryption keys, or to, say, decrypt an email, you are legally obliged to not
tell anyone that you have done so.

But there is nothing in the law stopping you from saying up front "the only
reason I would revoke my encryption key without explanation is if I'm legally
obliged to by the cops under the Regulation of Investigatory Powers Act". And
when you do so, anyone with a brain can draw the relevant inference...

------
kintamanimatt
It's tempting to think of this as UK-specific issue, but countries like the UK
serve as role models.

It might be prudent to start campaigning against the most egregious provisions
of RIPA.

------
outworlder
This is... interesting.

Considering how close UK and US are, it could go like this: raise public
awareness about PRISM and the like, prompting people to encrypt their stuff.
Now, imprison everyone who has encrypted files.

It's like adding a fluorescent agent in a medium to highlight bacteria.

~~~
zalew
You don't imprison everyone, you imprison a few unlucky citizens and the rest
is shitting their pants "it could be me". Fighting a population would
escalate, targeting single individuals spreads fear as they are just a few
people whose case can be manipulated so the public opinion is divided. A
difference between how regimes and 'democratic' countries operate.

~~~
cLeEOGPw
Exactly. Regimes use direct oppression, while democracies use terrorism
against people.

------
CmdrKrool
> Regulation of Investigatory Powers Act 2000

Incidentally this is the same law that is also being used to legally justify
GCHQ's Tempora operation (the UK's PRISM), according to this Guardian
article[1] and discussed on HN previously.

[1] [http://www.guardian.co.uk/uk/2013/jun/21/gchq-cables-secret-world-communications-nsa](http://www.guardian.co.uk/uk/2013/jun/21/gchq-cables-secret-world-communications-nsa)

------
hahainternet
I think it's quite frustrating that apparently nobody in this comment thread
bothered to read the relevant laws.

It is a sufficient defence in law to state that you do not have access to the
key file. The only requirements being that you can show some backing and that
the prosecution cannot prove beyond a reasonable doubt that you do have access
to it.

~~~
darkarmani
> It is a sufficient defence in law to state that you do not have access to
> the key file. The only requirements being that you can show some backing and
> that the prosecution cannot prove beyond a reasonable doubt that you do have
> access to it.

How do you prove you don't have access to a key to data that isn't actually
encrypted? Do you need to keep sets of fake keys for sensor data that you
lose, so you have a defense?

~~~
hahainternet
If the data isn't actually encrypted or it is otherwise not protected
information then you wouldn't need to provide a specific defence.

~~~
marcosdumay
Sensor data is indistinguishable from encrypted data. How can some law apply
to one and not be used to the other?

~~~
hahainternet
Probable cause. If there's no evidence of any kind that the data is actually
encrypted data vs random sensor data then there is no way for this law to be
invoked.

~~~
baxter001
Specifically there has to be evidence that the data had a prior 'intelligible
form' before encryption, in the case of a file of white noise there can be no
such evidence.

------
Raphmedia
Out of the 100+ files and archives I have encrypted, I remember the passwords
of about 25 of them.

I would so go to jail.

~~~
shabble
likewise. There's quite a lot of valuable data I have encrypted in various
blobs that I'd love to get back, but have totally forgotten the passphrase. I
keep them around because I hope that one day I'll have an epiphany (or
bruteforcing/JtR becomes practical)

Bit of a liability though, if I ever come under suspicion of anything. I just
can't bear to nuke them though.

------
jschneiderhan
Would the plausible deniability that comes with using a technique like
TrueCrypt's hidden volumes help in a situation like this?

~~~
drostie
It might, but to be perfectly honest most people don't keep partitions of
random-looking data, or large files containing what looks like it. Your
plausible deniability would be of the form, "I was getting ready to make a
hidden volume there, filled it with random bits etc., but I never got around
to actually making it."

I'm not actually sure that TrueCrypt lets you separate these two aspects of
creating a hidden drive, but Linux's tools do. With LVM (to create volumes in
volumes) you could create a partition which exists within an encrypted
partition, so that it's full with random data to begin with -- but then you
could plausibly have forgotten to do anything with it after your computer was
up and running.

Large random-looking files are a bit different; if someone were to ask "what's
this 10 gig file of random data doing on your hard drive?" it would seem hard
to answer them. The only thing that I know people use that much random data
for is testing an RNG for its statistical properties.

~~~
Tomdarkness
A normal (i.e. non-hidden) TrueCrypt volume is also by default filled with
random data. With a hidden volume you first create the normal volume, which as
part of that fills the file with random data, then create the hidden volume
inside the normal volume.

One password decrypts the normal volume and another decrypts the hidden
volume. However, with just the normal volume password you can't determine the
existence of the hidden volume (as long as you take some precautions to
prevent leaking of information about the hidden volume)
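To make the layout described in the comment above concrete, here is an added toy model (example code, not TrueCrypt's own code or on-disk format): a container of random bytes, an outer volume spanning the whole container, and a hidden volume placed in the outer volume's free space at the end, each under its own password. The cipher is an assumed toy HMAC-SHA256 counter keystream, and the sizes, offsets and salt are arbitrary; the `protect` argument models TrueCrypt's "protect hidden volume" idea, where an outer-volume write must know the hidden volume's bounds to avoid destroying it.

```python
import hashlib
import hmac
import os

# Constructed toy model of the layout described above, not TrueCrypt's real
# on-disk format: the container starts as random bytes (as a normal volume
# does), the outer volume spans the whole container, and the hidden volume
# sits in the outer volume's free space at the end. The cipher is a toy
# HMAC-SHA256 counter keystream XORed over the data, so written regions stay
# indistinguishable from the random fill. Sizes, offsets and salt are arbitrary.
CONTAINER_SIZE = 1024
OUTER = (0, 1024)     # (offset, length) of the outer volume
HIDDEN = (768, 256)   # hidden volume lives in the outer volume's tail
SALT = b"constructed-example-salt"

def derive_key(password: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password, SALT, 10_000, 32)

def keystream(key: bytes, length: int) -> bytes:
    blocks = [hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range(0, length, 32)]
    return b"".join(blocks)[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def new_container() -> bytearray:
    return bytearray(os.urandom(CONTAINER_SIZE))   # random fill, like a normal volume

def write_volume(container, volume, password, data, protect=None) -> bool:
    """Encrypt data into a volume. protect=(offset, length) is the hidden
    volume's extent, known only when the outer volume is mounted with both
    passwords; without it an outer write can silently destroy the hidden
    volume. Returns False when the write is refused."""
    off, length = volume
    if len(data) > length or (protect and off + len(data) > protect[0]):
        return False
    container[off:off + len(data)] = xor(data, keystream(derive_key(password), len(data)))
    return True

def read_volume(container, volume, password, length: int) -> bytes:
    """Decrypt the first `length` bytes of a volume. With the wrong password
    (e.g. the outer password over the hidden region) this yields random-looking
    bytes, which is what gives the hidden volume its deniability."""
    off, _ = volume
    return xor(bytes(container[off:off + length]), keystream(derive_key(password), length))
```

The two failure modes worth trying are reading the hidden region with only the outer password (garbage, as intended) and an oversized outer write without `protect` (the hidden volume is silently clobbered).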

~~~
drostie
Ah, yes! Sorry, I'd forgotten that those existed as well.

I never really saw a deep potential for those -- the problem being that you
cannot open the outer drive for _writing_ without providing the password which
enables the inner drive's _reading_, which means that you're constantly
leaking that information whenever you're using the outer drive (which ideally
would be relatively frequent, so as to justify that it's not masking a hidden
drive). So I'd just totally forgotten that TrueCrypt could do that. My mistake.

~~~
weavejester
Huh? Why do you think that? The normal encrypted partition can be used
independently of the hidden partition. You just need to be careful to ensure
that the free space of the outer partition is enough to contain the hidden,
inner partition.

------
malandrew
Why not just keep all your encrypted files stored on a server that is not in
the UK jurisdiction? Just SSH in to access your files.

------
rorrr2
It's an awesome weapon. Plant an encrypted file on somebody's computer, report
to the police you saw that person was viewing child porn.

~~~
watty
If you're going to do several illegal things to get someone in trouble you
might as well just place child porn on their computer...

~~~
flyinRyan
There are many ways you could legally put an encrypted file on someone else's
computer. But if you use actual KP then you're putting yourself at unnecessary
risk. Better to have something innocent so if you get caught before you finish
your sabotage you can use the key to decrypt the data and show it was
innocent.

------
burgerz
here's what you could do. put an encrypted volume onto somebody's computer.
call the cops, tell them he's got child porn on it. they seize his computer,
he doesn't know the password.

what is even the fucking point in having a password if the state can just
ask you for it?

~~~
superuser2
There is never under any circumstances in any modern country a situation where
you are allowed to "win" a fight against Constitutional and democratically
created laws. Asking "what is the point in having a password if the state can
just ask you for it" is like asking "what is the point in having a gun if the
state can punish me for killing people with it at will?"

Encryption is there to protect against thieves, hackers, and other unlawful
surveillance. Using encryption isn't ever going to make you impervious to the
legal discovery process.

~~~
burgerz
> "what is the point in having a password if the state can just ask you for it"
> is like asking "what is the point in having a gun if the state can punish me
> for killing people with it at will?"

no it's not, bad analogy. in the US the state can't put you in jail for not
giving a password (remaining silent).

