UK Government Wants a Backdoor Into Windows
REBloomfield writes "The BBC is reporting that the British Government is working with Microsoft in order to gain backdoor access to hard drives encrypted by the forthcoming Windows Vista file system. Professor Anderson, professor of security engineering at Cambridge University, urged the Government to contact Microsoft over fears that evidence could be lost by suspects claiming to have forgotten their encryption key."
China & PGP (Score:5, Informative)
Oh, and there are a few people who also consider encryption a matter of freedom of speech [wikipedia.org].
Funny the U.S. government targets Phil Zimmermann [philzimmermann.com] for three years but hardly raises so much as an eye when an encryption enabled OS is distributed. From Mr. Zimmermann's homepage: I think that his "criminal activity" was creating an encryption tool that allowed messages to be encrypted beyond what the United States government was capable of deciphering in a timely manner. Does anyone know if this is still enforced? Does anyone know what the max key length is now if it is? I think it was something like 128 bits (that the government could crack) around the time of PGP.
Truecrypt (Score:5, Informative)
We have alternatives.
http://www.truecrypt.org/ [truecrypt.org]
What's the point when you have RIP? (Score:5, Informative)
The government has the RIP Act [wikipedia.org] (Regulation of Investigatory Powers Act 2000) which allows them to detain you, with a press gagging order, if you refuse to hand over the encryption key they need to decrypt your data. If you refuse or claim you have forgotten and they don't believe you, then it's two years in gaol for you sonny jim.
They only really got this into law because most people don't understand it. Oh and don't forget that since this government came to power the amount of time they can hold you, uncharged, under the terrorism act has gone from 7 to 28 days... and the police want 90! Yes ninety days, 3 months, 2160 hours!
"Forgetting" your key is an offense (Score:3, Informative)
Re:China & PGP (Score:3, Informative)
Where will it end? (Score:4, Informative)
I recall some years ago, someone found supposedly secret NSA backdoor keys buried in Windows98. I don't recall if it was actually proven, but I would not be surprised if the NSA already has backdoor keys in 98/ME/XP and now Vista. Now the British Government wants their turn. Where will it end? Once MS bows to the British, surely other governments will also demand backdoor keys. Who decides which of those governments get it?
Sooner or later, other organisations (like the RIAA and the MPAA) will also want their keys too (if they don't already have them thanks to their DRM chips). Where will MS draw the line? I highly doubt MS would be very open about how many different governments or other organisations really have backdoor keys.
It is easy for us to say that we'll never use it, or that there are other options out there, but I'm more worried for less computer savvy members of the public who think they are buying a secure system. I know most of those users will never use encryption, but this will set another precedent that will further erode all of our rights.
Re:China & PGP (Score:5, Informative)
Not anymore, they have at last relaxed their restrictions, but they still did for a while - remember Debian non-US mirrors? The weak SSL in versions of IE4 shipped outside the US? OpenSSH having to be developed in Europe? The fact that you still have to download a separate file to get unlimited strength crypto in Java? And officially speaking you still have to notify the US government you're distributing strong encryption.
> I think that his "criminal activity" was creating an encryption tool that allowed messages to be encrypted beyond what the United States government was capable of deciphering in a timely manner.
He was charged with exporting the munition - the problem wasn't so much that he'd created said encryption tool as that he'd put it on an ftp where $NASTY_REGIME could get it.
> Does anyone know if this is still enforced?
As I said, officially speaking you have to notify the US government if you are exporting strong crypto from the US, and I think you're not allowed to directly export to anyone on their list of bad guys. In practice I don't think they care any more, crypto is so widely available.
> Does anyone know what the max key length is now if it is? I think it was something like 128 bits (that the government could crack) around the time of PGP.
You weren't allowed to export more than 40, and AFAIK that hasn't changed.
Re: Anybody know of a system that works like that? (Score:3, Informative)
Marutukku [wikipedia.org], pronounced rubberhose [wiretapped.net] (or is it rubberhose, pronounced maru tukku? I forget...)
Any politically active programmers out there want to take a crack at maintaining it?
Re:Why? (Score:3, Informative)
Nothing, but in the UK it is an offence to refuse to pass encryption keys to the Police if you are requested to do so.
This TCP idea doesn't give users access to the keys, so it falls outside of the Regulation of Investigatory Powers Act - hence the supposed need for a backdoor into the encryption system.
Now we just have to wait for the media companies, that lobbied for TCP in the first place, to demand access to the back door so that they can check machines for illegal movies.
Re:Why? (Score:3, Informative)
Even if the password is recoverable they will still have to go through a considerably more complex forensic exercise.
I am saying if, because TPM can allow any OS (be it Vista, be it Linux with TPM) to lock down access to any data (and even booting) based on a combination of machine keys and credentials. I can bet that this will be used massively in corporate rollouts to prevent data theft and unauthorised access.
Many of these features are available even now. What scares the police is not the encryption, it is the fact that it all can be locked up and encrypted without user consent on the average machine of John Smith. Automagically...
Re:Interesting Points (Score:3, Informative)
Read about it here: http://www.openbsd.org/crypto.html [openbsd.org]
From the link:
"The cryptographic software components which we use currently were written in Argentina, Australia, Canada, Germany, Greece, Norway, and Sweden."
"When we create OpenBSD releases or snapshots we build our release binaries in free countries to assure that the sources and binaries we provide to users are free of tainting."
And a summary of Canada's export controls on cryptographic software here: http://www.efc.ca/pages/doc/crypto-export.html [www.efc.ca]
I don't trust the MS Encryption anyways (Score:3, Informative)
Re:China & PGP (Score:3, Informative)
Re:Private Disk (Score:3, Informative)
It sounds like you haven't done that much research on Truecrypt. It uses industry standard algorithms like Blowfish, Twofish and AES.
For relying that a piece of software does what it says, you have to rely on Peer review.
I understand what you're saying and how for business use you want to have something certified, but if you do your homework you may find that you're able to place just as much trust, if not more, in an OSS project than you can in closed source commercial projects.
Anyway, that's my 2 cents.
Re:Plausible deniability ... nice! not really! (Score:3, Informative)
The algorithm does in fact provide plausible deniability.
Only irreversible hash of password is stored (Score:1, Informative)
Lotus Notes was 'compromised' thus long ago (Score:3, Informative)
Re:China & PGP (Score:3, Informative)
This information can be found in the Bureau of Export Administration's regulations [gpo.gov], in particular, the Commerce Control List (CCL), 15 C.F.R. 774 [gpo.gov]. The alphabetical index lists "encryption software" as designation "5D002", and the numerical index places 5D002 under "Information Security - Software". A hop over to that section [gpo.gov] says the following:
Re:Private Disk (Score:1, Informative)
Yes. In closed source software, test vectors are useless. But in open source, test vectors provide results that can be fully trusted.
> I understand the idea, but then, if we follow the same logic - how is open source security real security when it relies on methods chosen by the government?
AES was selected in an open process. Rijndael (the algorithm chosen as the AES) was designed by Europeans. Moreover, TrueCrypt does not use only government-chosen ciphers. It also offers Blowfish, Serpent, and Twofish.
Re:Backdoor code (Score:3, Informative)
"fee fie foe foo" gets your money back from the troll.
Re:Private Disk (Score:3, Informative)
Let's try this one more time, closer to how it actually works:
Lots of people come up with crypto ideas - DES in the US, Rijndael in the EU, GOST in Russia. If this is a conspiracy, it's a pretty damn wide one. These are published standards, with reference implementations, test vectors and the works. Crypto analyzers from all over the world are whacking away at them, and if you can find a way to crack them you're doing something that most of the world's most brilliant theoretical mathematicians can't.
The only software which doesn't use open, well-tested algorithms is what we call "snake-oil". From a reference implementation, you don't need to do more than wrap some simple data passing operations around it - I've made such programs myself. So what could in theory happen?
1. Someone could include a backdoor - this is much more likely to happen on a closed source system
2. You manage to subtly break the algorithm during optimization so it'll pass the test vectors, but possibly spill plaintext data in other cases. The chances of these are slim and none, since changing one bit anywhere in any round should lead to a completely different output - ciphertext is supposed to be pseudorandom. Even in the event you did manage to break it, all you probably did was to produce garbled output that can't be decrypted. Important if you care about availability - not much of a security risk.
3. Your program spills data - for example writes the decryption key to swap or a temp file or some other unsafe practise which lets an attacker do an end-run around the entire brute forcing problem. If you are really paranoid, this may be a reason to get a certified program - but most likely not. I doubt they check that much what you do "outside" the algorithm. You'd be much better off to do your own analysis of the key-passing code - which is pretty much the only one you need to worry about.
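Added example, not part of the comment above or of any project mentioned in the thread: the published-test-vector check it refers to, written as a small AES-128 block encryption verified against the FIPS-197 Appendix C.1 known-answer vector. The function names and the `fault_round` parameter are this example's own; the fault is a single flipped state bit standing in for an implementation error.

```python
# Added example: AES-128 block encryption (FIPS-197); all names are this example's own.
def _xtime(a):                        # multiply by x in GF(2^8)
    a <<= 1
    return a ^ 0x11B if a & 0x100 else a

def _make_sbox():                     # S-box entry = affine(inverse(p))
    sbox, p, q = [0x63] + [0] * 255, 1, 1
    while True:
        p ^= _xtime(p)                # p *= 3 (3 generates the field)
        for s in (1, 2, 4):           # q /= 3
            q ^= q << s
        q = (q & 0xFF) ^ (0x09 if q & 0x80 else 0)
        x = q * 0x101                 # q repeated twice, so shifts act as rotations
        sbox[p] = ((x ^ (x >> 4) ^ (x >> 5) ^ (x >> 6) ^ (x >> 7)) & 0xFF) ^ 0x63
        if p == 1:
            return sbox

SBOX = _make_sbox()

def expand_key(key):                  # returns 11 round keys of 16 bytes each
    w, rcon = [list(key[i:i + 4]) for i in range(0, 16, 4)], 1
    for i in range(4, 44):
        t = w[i - 1]
        if i % 4 == 0:                # RotWord, SubWord, round constant
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = _xtime(rcon)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def encrypt_block(key, block, fault_round=None):
    rks = expand_key(key)
    s = [b ^ k for b, k in zip(block, rks[0])]
    for rnd in range(1, 11):
        if rnd == fault_round:
            s[0] ^= 1                 # simulated implementation error: one flipped bit
        s = [SBOX[b] for b in s]      # SubBytes
        s = [s[(i + 4 * (i % 4)) % 16] for i in range(16)]  # ShiftRows
        if rnd < 10:                  # MixColumns, skipped in the final round
            for c in range(0, 16, 4):
                col, t = s[c:c + 4], s[c] ^ s[c + 1] ^ s[c + 2] ^ s[c + 3]
                s[c:c + 4] = [col[i] ^ t ^ _xtime(col[i] ^ col[(i + 1) % 4]) for i in range(4)]
        s = [b ^ k for b, k in zip(s, rks[rnd])]
    return bytes(s)

def bit_diff(a, b):                   # number of differing bits
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # FIPS-197 Appendix C.1
PT = bytes.fromhex("00112233445566778899aabbccddeeff")
CT = bytes.fromhex("69c4e0d86a7b0430d8cdb78070b4c55a")
```

Comparing `encrypt_block(KEY, PT, fault_round=5)` with `CT` through `bit_diff` shows how far one mid-cipher bit error moves the output, which is why a known-answer test flags it.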
Re:Private Disk (Score:2, Informative)