
UK Court Rejects Encryption Key Disclosure Defense 708

truthsearch writes "Defendants can't deny police an encryption key because of fears the data it unlocks will incriminate them, a British appeals court has ruled. The case marked an interesting challenge to the UK's Regulation of Investigatory Powers Act (RIPA), which in part compels someone served under the act to divulge an encryption key used to scramble data on a PC's hard drive. The appeals court heard a case in which two suspects refused to give up encryption keys, arguing that disclosure was incompatible with the privilege against self incrimination. In its ruling, the appeals court said an encryption key is no different than a physical key and exists separately from a person's will."
  • Re:Huh? (Score:5, Informative)

    by jimicus ( 737525 ) on Thursday October 16, 2008 @04:32AM (#25396371)

    I wonder if it's illegal now to just forget. "I'd love to help you officer, but I guess I just forgot it!"

    IIRC, that's been the case since the RIPA was first proposed. If the police come knocking and say "Give us the key", the burden of proof is on you to be able to show that you can't. (How on Earth you're meant to prove that you can't give them something like that is your problem).

    Failure to give them the key can lead to 3 years in prison. There was also talk of a proposal whereby if you discuss the order to hand over the key with anyone, you can get 5 years in prison.

    (All of this is based on several-year-old memories from articles in The Register, YMMV, IANAL, OMGWTFBBQ).

  • by scientus ( 1357317 ) <instigatorircNO@SPAMgmail.com> on Thursday October 16, 2008 @05:15AM (#25396653)
    truecrypt [truecrypt.org]
  • by HungryHobo ( 1314109 ) on Thursday October 16, 2008 @05:18AM (#25396677)

    I hadn't noticed this in the article when I made the last post but

    "The woman, who claims to have not used encryption"

  • by MosesJones ( 55544 ) on Thursday October 16, 2008 @05:24AM (#25396721) Homepage

    I read a while back about mandatory biometric scanning of tourists

    I'm really hoping you aren't a US citizen as getting into the US now requires the scanning of all your fingers and of course the answering of the 7 stupidest questions in the history of questioning.

    The bio-scanning stuff is a pain in the arse, but it's unfortunately not a UK invention, it started in the US for "Security" reasons. You also now have to have a printed out copy of your itinerary (like that would be hard to fake) as an electronic copy on a PDA or laptop just isn't good enough.

  • by Wavebreak ( 1256876 ) on Thursday October 16, 2008 @05:30AM (#25396769)
    Not quite, but TrueCrypt has supported hidden volumes for a long time. That is, the encrypted container has two passwords, one will open the main volume that you can fill with sensitive/private but non-incriminating stuff, while the other opens the hidden volume within the same container. It's also completely impossible to tell whether or not a given container has a hidden volume.
  • by locofungus ( 179280 ) on Thursday October 16, 2008 @06:08AM (#25397041)

    Yes and no. :-)

    The "duress" key cannot possibly guarantee to erase the encrypted data - after all someone can make a copy of the encrypted data before entering the duress key.

    However, OTP has a "duress" key (actually it has many). The real key decrypts the data to whatever you stored. But the duress key decrypts the same data to war and peace (or whatever you think appropriate). The duress key has to be regenerated every time the real data is changed.

    One problem is that the two keys are each as large as the original data. So the fundamental problem becomes keeping the two keys secure and being able to supply the duress key without revealing the real key.

    If you managed it sufficiently well, OTP is unconditionally secure in this way. Truecrypt attempts to do the same without the key management problem. As a result it's usable but there are possibly hints that will show that there is another key.

    There are some other possible defenses - for example consider a disk encrypted with a key. If you shut down the computer correctly, the key is written to the disk (or a usb stick etc) before shutdown. If the computer is shut down inappropriately then the key is lost. When the computer starts up again it reads the key but then generates a new one and proceeds to reencrypt the entire disk with the new key.

    Of course, you're a bit screwed if the power fails.

    I've actually considered trying to implement something like this using fr1 and network block devices to have a RAID1 setup on two computers. That way you're protected if one computer crashes for any reason. Put them on a UPS and you can decide whether you want to auto-shutdown when the battery gets low or whether you will require a special action otherwise the data is lost.

    AIUI, in the UK when the police do a raid they're allowed to move the mouse to wake up the screen in case there's anything on it but after that the first thing they do is pull the power. So a UPS solution would be ok.

    It's all a rather academic interest for me. I do have a small encrypted partition where I keep a record of usernames/passwords/secret information etc including banking information. I have a cron job that unmounts the encrypted partition every hour, so I don't forget and leave it mounted. But while it would be an enormous pain for me to have to disclose the key it's not something I need plausible deniability of knowing the key. (The partition is only 10Mb - initially at least I might try to withhold the key by arguing that whatever they were looking for could not possibly be just 10Mb but I'd not go to jail over it)

    More concerning is that I've played with gpg, encrypted partitions etc and I've got stuff scattered around that is encrypted that I've no idea what the key is or was. Mostly I try and delete experiments like that but I do a nightly backup and I can go back several years so some of these experiments will be on backups somewhere. Unless the key is something like test, test1234, hello, fred then I'm never going to be able to decrypt it. (Of course, the emails I've encrypted have always just had the text "test", "test1234" etc so they're going to be a big disappointment to whoever manages to decrypt them :-)

    Tim.
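
The one-time-pad "duress key" property described in the comment above, as an added example that is not part of the original post. The sample strings and function names are constructed for illustration; the code shows that a second key decrypting the same ciphertext to a decoy can always be derived, that it is as long as the data, and that it goes stale once the stored data is re-encrypted.

```python
import secrets

# Constructed sample data; neither string comes from the thread.
REAL = b"constructed secret: bank PIN notes v1"
DECOY = b"decoy: a chapter of a long novel"


def xor(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (the whole of OTP encryption)."""
    if len(a) != len(b):
        raise ValueError("one-time pad operands must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(plaintext: bytes) -> tuple[bytes, bytes]:
    """Return (key, ciphertext) using a fresh random pad as long as the data."""
    key = secrets.token_bytes(len(plaintext))
    return key, xor(plaintext, key)


def derive_duress_key(ciphertext: bytes, decoy: bytes) -> bytes:
    """Build the key under which `ciphertext` decrypts to `decoy`."""
    if len(decoy) > len(ciphertext):
        raise ValueError("decoy cannot be longer than the ciphertext")
    padded = decoy.ljust(len(ciphertext), b" ")
    return xor(ciphertext, padded)


def demo() -> dict:
    real_key, ct = encrypt(REAL)
    duress_key = derive_duress_key(ct, DECOY)
    # The stored data changes: new pad, new ciphertext, old duress key is stale.
    _, new_ct = encrypt(REAL.replace(b"v1", b"v2"))
    return {
        "real": xor(ct, real_key),
        "duress": xor(ct, duress_key).rstrip(),
        "duress_key_len": len(duress_key),
        "stale": xor(new_ct, duress_key).rstrip(),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

Because every plaintext of the same length is reachable by some key, the ciphertext alone gives no evidence about which key is the "real" one; the cost is the key-management burden the comment points out.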

  • by Ed Avis ( 5917 ) <ed@membled.com> on Thursday October 16, 2008 @06:23AM (#25397127) Homepage

    I just downloaded truecrypt-6.0a-opensuse-x64.tar.gz without problems to my PC sitting within 500 metres of St Paul's cathedral. A file failing to download is hardly unknown. A conspiracy theory should be the explanation of last resort, not the first.

  • by Anonymous Coward on Thursday October 16, 2008 @06:28AM (#25397165)

    Britain has got a 'Bill of Rights':

    it's called the 'Bill of Rights' and is the first to have had that name - predating the US Bill of Rights by a hundred years.

    The problem is not that we don't have a bill of rights but that successive governments have passed laws that have slowly eroded it.

  • by radio4fan ( 304271 ) on Thursday October 16, 2008 @06:29AM (#25397167)

    Them claiming that they don't need it is exactly why it becomes nothing and the court can step all over it like in this instance.

    Where are these British people who claim they don't need a Bill of Rights?

    In my experience, British people fall into one of three camps:

    • Have never heard of the Bill of Rights/US constitution
    • Have heard of it and think 'we need a written constitution too'
    • Are aware that we have a written constitution

    I have never heard a British person claim they don't need a Bill of Rights. I lived in Britain for 37 years.

    One of the things that upholds the US constitution is its terseness, saneness, and closeness to the chartering of the national government itself, although certainly its constant defence is the most critical.

    [my italics]

    I absolutely agree, and despair at the lack of outrage in Britain. If you could compare the justified anger on the Brits' behalf here on Slashdot with the deafening silence in Britain you would be amazed.

    If the British in this thread and in general don't respond to such a claim then is it any different than them not having a Bill of Rights in the first place?

    I responded. I think that is one more person than has claimed that Britain doesn't need a Bill of Rights.

  • Re:So what's worse? (Score:4, Informative)

    by meringuoid ( 568297 ) on Thursday October 16, 2008 @06:34AM (#25397185)
    How is that any different from me just physically mailing you a box of child pornography, along with a letter saying "Here is your order from kid's-r-us"?

    Because it's not real CP, it's random binary gibberish with a note attached saying 'Here is your encrypted CP'. The police will pick up that email (in other news today, they're going to be monitoring all emails) and go 'Oho, we have caught ourselves a paedophile and will soon look good in the newspapers when we lock him up for ever and always', and come around and arrest you. Then they demand you decrypt the file so they can present you along with the CP to the court and get you sent to prison.

    No CP exists - no key exists - it's not encrypted data at all, just noise. But you can't prove that. And so you go to jail for failing to provide the key.

  • by Anonymous Coward on Thursday October 16, 2008 @06:52AM (#25397301)
    You're looking for deniable encryption...

    You get caught, you give them the top-level keys, etc. There's no way to prove that the second layer exists! And yes, a/c because even telling you about this sort of software is probably illegal now in the UK (think of the children! Stop the terrrrrists! etc!)
    <rant>(Curtain-twitching, Daily-Mail-Reading, Noseyfuckingbastards Sheeple)</rant>

  • by theaveng ( 1243528 ) on Thursday October 16, 2008 @07:11AM (#25397423)

    Lucky for us Americans, a subpoena can not force you to testify against yourself. It's a Constitutional right written in black ink and cannot be revoked by any mere subpoena.

  • by seann ( 307009 ) <notaku@gmail.com> on Thursday October 16, 2008 @09:07AM (#25398443) Homepage Journal

    It's too bad there wasn't an awesome program like True Crypt (http://www.truecrypt.org/) that let you have two separate keys for an encrypted volume so that you could give a "fake" key that shows "fake" data.

  • by IgnoramusMaximus ( 692000 ) on Thursday October 16, 2008 @10:40AM (#25399793)

    If it bothers you that much then live without a bank account and just cash your payroll check every two weeks or whenever. They can track how much you make but can't track where you are spending it.

    Err... to stop that they passed laws dealing with "suspicious amounts of cash". I.e. car dealers, real estate agents and even places like Best Buy are supposed to demand ID and report you if you use cash in amounts greater than a certain amount (I think it is $1000 these days during the War On Terror, thanks to which it has been lowered down from $10,000 during the War On Drugs). So no, cash is not going to get you anywhere unless you also plan to live under the bridge.

    Oh, by the way. The law also forbids you from carrying the same amount of cash (as opposed to traceable traveller's cheques) while going abroad. As the original poster indicates, privacy is a distant historical curiosity from 17th century.

  • Threadjack (Score:2, Informative)

    by Corwn of Amber ( 802933 ) <corwinofamber&skynet,be> on Thursday October 16, 2008 @10:49AM (#25399939) Journal

    Back on topic... (where I Will Be Read)

    I remember some years ago, a hacker group forged an e-mail that seemed to come from the minister who had proposed that very same law. It was encrypted in RSA-512 or something that level, and then they reported the minister to the police, saying he was in touch with criminals (that word had not been replaced by "terrorists" yet). He evidently could NOT produce the key, and the law was scrapped.

    With politicians having no memory whatsoever, I think someone has to do the very same thing every time... Let's try the judge who ruled this.

  • by OeLeWaPpErKe ( 412765 ) on Thursday October 16, 2008 @12:11PM (#25401241) Homepage

    Actually, no, "progressive" is a term that the politically left socialist/communists identify themselves with. I've never seen a libertarian or more right than that organisation use it.

    And the political left, the socialists/communists are screaming for "change".

  • by Conception ( 212279 ) on Thursday October 16, 2008 @12:28PM (#25401487)

    *cough* doesn't matter (http://en.wikipedia.org/wiki/Abdullah_Al_Muhajir) *cough*

  • by maotx ( 765127 ) <maotx@yah o o . com> on Thursday October 16, 2008 @12:30PM (#25401521)

    Except that when you mount it with the "safe" password and you don't specify that there is an enclosed hidden container, when you stuff it with files the hidden container is potentially overwritten and corrupted.

    To add files to the safe container you have to provide the safe password and the hidden container password so the software can identify the limits of what you can store. Without it, you might as well not have a hidden container at all.

  • by jabelli ( 1144769 ) on Thursday October 16, 2008 @12:46PM (#25401703)

    You don't know how TrueCrypt works at all.

    If you have a hidden volume, to protect it, you need to enter the password for it. If you don't have the password for the hidden volume (because, for example, you don't know it's there), you can stuff files into the outer volume until you start destroying the hidden volume.

    Unless you're using a sparse volume, there's no way to tell if a TrueCrypt volume contains a hidden volume, unless "they" take snapshots at different times and guess from the fact that ostensibly "free space" keeps changing, but they still can't really "prove" it.

  • No, you really aren't. Nothing requires you to make it easy for the police to get in.

    (Of course, I remind people that booby traps are illegal, regardless of the victim having a legal right to be there or not.)
