Why Mr. Reid might be a terrorist—why you can’t “encounter” what you can’t see—why human intelligence is an optional extra for government
On Good Excuses
With regard to RIPA Part III the government is being either naïve or disingenuous. The legislation will not work as intended for the simple reason that it is predicated on two assumptions, neither of which is valid.
The first is that it assumes that “criminals and terrorists” cannot produce a good excuse as to why they have in their possession encrypted material for which they do not possess the decryption key. For example, what if following the introduction of RIPA Part III we were to encrypt this blog entry using standard PGP encryption, email it to the home address of one Mr. Reid, and then tip off the anti-terrorist squad that Mr. Reid was a terrorist operative (not an unreasonable assumption given the subversive answers that the same Mr. Reid invariably gives to Radio 4 listeners!)? Mr. Reid would doubtless delete our spam email, but it would still be physically present on his computer disk, and accessible by means other than his email program. Should the anti-terrorist squad follow up on this “reliable source”, a basic forensic scan of Mr. Reid’s disk would reveal the telltale PGP headers, indicating that Mr. Reid was indeed in possession of encrypted material. And he would be unable to make the plaintext available. The question is: would Her Majesty, and the rest of us, then have the pleasure of seeing Mr. Reid do time with, say, some psychotic, chair-leg wielding, and racially prejudiced cell-mate for two years?
While such a prospect would doubtless bring pleasure to many, it would not be fair, for Mr. Reid, miserable sinner though he may be, is not responsible for the emails people send him, and we could hardly expect a government minister to be possessed of the “intelligence”—be it intra- or extra-cranial—to locate and securely delete emails that his email program already tells him have been deleted. Assuming that Mr. Reid cares to extend a similar courtesy to the population at large, then what is there to prevent the “criminals and terrorists” from using the email storage area as a safe repository for encrypted material? Or, what if Mr. Reid regularly downloads some newsgroup, say “How to smile, and smile, and be a villain”? If some of the posts are encrypted, are we to oblige Mr. Reid to decrypt them? And if not, then might not “criminals and terrorists” avail themselves of this facility?
In short, with the increased use of encryption there are simply too many sources from which the guilty and the innocent may wittingly and unwittingly download encrypted material to their computers.
On “now you see it, now you don’t”
The second assumption is this: “Even though we may not have the keys needed to derive the plaintext from the encrypted material, we will always be able to detect the presence of the encrypted material.”
Paragraph seven of the government’s summary begins with the following sentence, “Over the last two to three years, investigators have begun encountering encrypted and protected data with increasing frequency.” Ay, there’s the rub: investigators have begun “encountering” encrypted data. Part III of the Act rests on the singularly risible assumption that “criminals and terrorists” will continue to allow investigators to “encounter” encrypted material.
But this will not be the case. Software programs that are easy to use, that are available on the Internet for free, and that have already been downloaded by millions of people make it possible for data to be encrypted in such a manner that it is undetectable by the analytical techniques available to forensic science. People who use such software will never be caught by the proposed legislation should it be implemented.
Software of this type provides an “aleatory defence” by making encrypted material indistinguishable from random and pseudo-random data. For example, a USB memory stick containing this type of encrypted file system looks exactly like a USB memory stick that has been securely erased. Similarly, hidden volume filesystems make it impossible to detect whether a hidden volume is, or is not, present in any particular instance, so that investigators can only demand the encryption key to the outer volume.
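An added example, not part of the original post, of what a forensic scan can and cannot report in the two cases described above: the PGP header scan from “On Good Excuses”, and the entropy measurement that cannot tell headerless ciphertext from a wiped region. The toy cipher, the key and all three 64 KiB regions are constructed for the illustration, and the wipe is assumed to have written random bytes.

```python
import hashlib
import math
import os
import re

# ASCII-armor header lines defined by OpenPGP (RFC 4880, section 6.2).
ARMOR = re.compile(
    rb"-----BEGIN PGP (MESSAGE|SIGNATURE|PUBLIC KEY BLOCK|PRIVATE KEY BLOCK)-----")

def find_pgp_armor(image):
    """Return (offset, kind) for each armor header in a raw byte image."""
    return [(m.start(), m.group(1).decode()) for m in ARMOR.finditer(image)]

def entropy(block):
    """Shannon entropy in bits per byte; 8.0 means uniformly random."""
    counts = [0] * 256
    for b in block:
        counts[b] += 1
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def headerless_encrypt(key, plaintext):
    """Toy stream cipher (SHA-256 in counter mode): a hypothetical stand-in
    for any tool that writes ciphertext with no header or magic bytes."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(plaintext):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(p ^ k for p, k in zip(plaintext, stream))

def examine(image):
    """What a signature-plus-entropy scan can report about one region."""
    return {"armor": find_pgp_armor(image), "entropy": round(entropy(image), 2)}

# Constructed samples, 64 KiB each.
SIZE = 64 * 1024
DELETED_MAIL = (b"\x00" * 512 + b"-----BEGIN PGP MESSAGE-----\n\n"
                b"(constructed body)\n-----END PGP MESSAGE-----\n").ljust(SIZE, b"\x00")
WIPED = os.urandom(SIZE)  # assumption: the wipe wrote random bytes
HEADERLESS = headerless_encrypt(b"constructed-key", b"A" * SIZE)

if __name__ == "__main__":
    for name, region in [("deleted mail", DELETED_MAIL), ("wiped", WIPED),
                         ("headerless", HEADERLESS)]:
        print(name, examine(region))
```

The deleted-mail region yields an armor hit at a known offset, while the wiped and headerless regions both report no signature and entropy of about 8 bits per byte, so the scan has no basis for telling them apart.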
In the absence of RIPA Part III “criminals and terrorists” have been content to use methods of encryption that shout out loud and clear “encrypted material—come and get it” by the presence of characteristic headers—as is the case with PGP. With RIPA Part III in place these same “criminals and terrorists” will simply move over to non-disclosing software, whose encrypted output investigators will never “encounter”. For more information on non-disclosing software see our blog entry at “No Keys” Campaign.
In summary, short of banning the use of personal computers there are no technical methods available to law enforcement authorities to prevent material from being encrypted in such a manner that it either cannot be discovered or the owner can plausibly deny knowledge of the means to decrypt it.
On Human Intelligence
There is, however, a reliable and well-proven method of tackling the “criminals and terrorists” should the government ever be minded to use it. It’s not glamorous, and it doesn’t lend itself so easily to mendacious “spinnery”. It’s called “human intelligence”. Neither the security services nor the government possess it at present. In the case of the former the deficit might be remedied by additional financial resources; in the case of the latter, we are sad to say that the only word that comes to mind is “irredeemable”.