
Canada's Quiet Weakening of Communications Encryption - fraqed
https://citizenlab.org/2015/08/canadas-quiet-history-of-weakening-communications-encryption/
======
tptacek
_As a result, DUAL EC DRBG has been incorporated into a range of products,
including those from security company RSA, in operating systems such as
Microsoft Windows,and in a version of OpenSSL (a tool commonly used to
facilitate website encryption). The integration of the standard with operating
systems was significant because, by changing the default method by which the
operating system encrypted communications traffic, an intelligence agency
could decrypt data now encrypted using DUAL EC DRBG._

Dual_EC was never the default in Microsoft Windows, and you'd have to put
effort into building a version of OpenSSL that used it. The article is
overstating its case here.

Dual_EC was famously the default for some versions of RSA BSAFE, and RSA BSAFE
seems to have acknowledged accepting money from the USG to set that default.
But BSAFE's licensors used it primarily to mollify RSA's patents, which
expired over a decade ago. Lots of vendors that license BSAFE don't use it for
anything meaningful. OpenSSL is much, much more popular in closed-source
enterprise tools than BSAFE is.

~~~
kevin_nisbet
I believe it also overstates or miss-represents the way the wireless
telecommunications networks operate.

While I'm honestly not familiar with the SGES or all the rules the article is
alluding to about decryption, I think this article also miss-represents the
way wireless telecommunications networks work. The encryption used by networks
such as UMTS and LTE are international standards specified by the 3GPP, and to
my limited knowledge do not draw on DUAL EC DRBG in any way. However, my
experience in this portion of the encryption is extremely limited.

Anyways, the encryption used by UMTS and LTE networks as specified by the
3GPP, are international standards, and are used to authenticate users SIM
cards, and to protect the air interface for integrity and confidentiality. As
such, the telephone communications should be difficult to intercept on the
radio interface only, but when it enters the network the need for encryption
is no longer needed.

To maybe draw a parallel to a web service, many load balancers offer SSL
termination. SSL between the browser and the web server, is important to
protect the connection between the client and any intermediate networks.
However, once it get's to the load balancer, many services will just pass the
traffic internally without encryption. Many systems like connections to a
database will may also not be encrypted. Once you're within your own network,
you don't keep everything encrypted at every step. The cellular network can be
thought of in a similar way, the encryption is used to bring the service into
the network in locations where it can be intercepted from outside the network.

Now if you think of something like say Internet traffic, for you to visit
hacker news. You phone or tablet, will activate a cellular connection, and
will send packets to the cellular network. The radio connection will be
encrypted, but it will be decrypted by the network, because Hacker News
doesn't know or understand the cellular encryption protocols, there are no
end-to-end guarantee's provided. Also, the cellular network will eventually
turn into an IP network, and the IP routing headers will be needed for regular
Internet routing. When it leaves the cellular network, it will just be IP
traffic like any other Internet traffic. What you are protected from, is that
someone following you around with a special radio, can't listen in on your
conversations, messages, etc __.

In the case of Hacker News though, SSL is used, so that regular Internet
traffic is also encrypted at a layer above TCP/IP, and the contents will be
unknown.

Anyways, I hope that made sense. The article may have a lot of merit about
what's going on, but in my experience it miss-represents how the mobile
network operates.

 __To be fair, and what may be relevant, is the 3GPP did cripple cellular
encryption technologies at one point, for use in countries with export
restrictions if I remember correctly. __Also, at least the older encryption
algorithms have known flaws. And there are also documentation of other flaws,
such as being able to trick certain phones into using null encryption for
example and then intercepting the radio traffic. Or getting the UE to trust a
network that it shouldn 't be able to.

Now for the mandatory disclaimer, the information provided are my own views,
and in no way represent my employer. I do work in the wireless
telecommunications sector in Canada, and all the information I provided is
available to the public if you know where to look.

------
somberi
A side read, but somewhat related. By NY times "The closing of the Canadian
Mind".

[http://www.nytimes.com/2015/08/16/opinion/sunday/the-
closing...](http://www.nytimes.com/2015/08/16/opinion/sunday/the-closing-of-
the-canadian-mind.html?_r=0)

~~~
samBergeron
This was a great read. As a Canadian, I get the feeling that (most) people get
Harper is bad news, but don't quite get all the details. I'll be sharing this
one.

------
white-flame
This article doesn't mention warrants at all. Are those even a consideration
of these laws?

Can a Canadian government agency simply say "Gimme this info" to Canadian
businesses with no oversight or accountability?

Also, the C-13 provisions regarding a crime under foreign law reeks of US
involvement. However, it's also a restriction on Canadian sovereignty, making
the nation beholden to any crazy law anywhere in the world. (or simply
broadening the ability for selective enforcement to pull in any reason they
can think up)

------
decasteve
Speaking of weakening wireless communication, what ever happened to the
Gemalto sim card revelations? This was big news 6 months ago then it just
disappeared.

As far as I know, no recall ever happened. So we are all still using the
compromised sim cards?

~~~
throwaway7767
> Speaking of weakening wireless communication, what ever happened to the
> Gemalto sim card revelations? This was big news 6 months ago then it just
> disappeared. > As far as I know, no recall ever happened. So we are all
> still using the compromised sim cards?

A local company was specifically named in leaked documents about the gemalto
SIM compromise. When contacted by the news media, they asked Gemalto about it
and were told an internal investigation had not revealed any evidence of
breach. They proceeded to do nothing, and all those SIM cards are still in
circulation.

I can't speak for what other carriers did, but certainly some of them are
still out there, and I would hazard a guess that it would be most of them.

------
supergetting
If it were the case that the telecom company is providing the government
decrypted information, wouldn't they be giving the government an already-
encrypted information if I were to use a VPN app like expressVPN on my
smartphone?

------
doctorshady
So I'm not familiar with Canadian law. Does royal assent mean it passed?

~~~
Spooky23
Yes.

The queen of the UK has a nominal right to veto led passed by parliaments. The
Governor General of Canada provides that assent in Canada.

~~~
steve19
The Queen of _Canada_ must provide royal assent for legislation to pass.

The Governor General of Canada is her appointed representative who acts on her
behalf.

The Queen of Canada also happens to be the Queen of the United Kingdom.

Canada could, if they wanted to, pass a new Succession to the Throne Act which
could change who inherits the crown.

If Canadian laws surrounding the order of succession were different to the UK,
the monarchs of the two countries could diverge. Canada's Canada Act 1982
prevents the UK parliament legislating for Canada, which since then means if
the UK changes succession to the throne laws, Canada has to mirror it in their
legislation, or they will potentially have different monarch. Canada had to do
this a couple of years back when the UK changed the how the crown was
inherited (made the oldest child of the monarch inherit it, regardless of sex
... I think)

~~~
Spooky23
Thanks for the clarification! This stuff has always been confusing to me :)

