SoylentNews is people

posted by janrinok on Wednesday November 04 2015, @06:54AM
from the snoopers-charter-v3 dept.
An Anonymous Coward has submitted the following:

The UK government will tomorrow publish draft legislation to regulate the use of encryption and require ISPs to log which websites their customers visit for a year. The government has previously expressed irritation at the idea of some communications being out of government reach. There is an (inevitably toothless) petition.

The silver lining is perhaps that the government still cannot comprehend that not all secure communications involve a communications provider. The government appears to be using the door-in-the-face technique, making the bill as over the top as possible so they can appear to compromise later.


  • (Score: 4, Insightful) by Absolutely.Geek on Wednesday November 04 2015, @07:38AM

    by Absolutely.Geek (5328) on Wednesday November 04 2015, @07:38AM (#258313)

    It seems that they just don't get that privacy is a basic human right; or that it is completely possible to have unbreakable encryption where there is no "service provider" or "tech company" involved at all.

    But then again maybe they do and if you use self signed keys to encrypt stuff then you will be arrested..

    Glad I am not living in the UK....I hope NZ is very far behind the curve on this one.

    --
    Don't trust the police or the government - Shihad: My mind's sedate.
  • (Score: 2, Informative) by Anonymous Coward on Wednesday November 04 2015, @10:04AM

    by Anonymous Coward on Wednesday November 04 2015, @10:04AM (#258331)

    In the UK you are required to provide your keys or face 2 years jail: https://en.wikipedia.org/wiki/Key_disclosure_law#United_Kingdom [wikipedia.org]
    As for NZ where you presumably are: http://www.stuff.co.nz/technology/digital-living/67449940/customs-downplays-password-plan [stuff.co.nz]

    Popular Linux distros should allow filesystem encryption AND whether you enable it or not they should also create an encrypted container: https://bugs.launchpad.net/ubuntu/+bug/148440 [launchpad.net]

    If millions of people don't actually use that encrypted container nor have the key to decrypt it then you're more believable when you go "What key?" ;).

    Otherwise just the presence of something that looks like an encrypted container means you have to hand over your keys or get 2 years jail. Even if it isn't actually an encrypted container! Could be a result of a cat /dev/urandom you did some years ago to test stuff or wipe data and never bothered to delete.

    I wonder what will happen if it's someone else's encrypted stuff - I recall Wikileaks having an encrypted "insurance" file. Or you are keeping a friend's encrypted backups. Perhaps you should start making friends in countries with no extradition treaties with your country and offer to store their encrypted backups.

    Then you can say this encrypted file is not mine. And he/she can say the same thing :).

    • (Score: 5, Informative) by Anonymous Coward on Wednesday November 04 2015, @10:40AM

      by Anonymous Coward on Wednesday November 04 2015, @10:40AM (#258335)

      Well, with one-time pads, you can create as many "decrypted" versions as you want. It works as follows:

      Step 1: You have your secret data (S), create a one-time pad and encrypt it with that pad. Now you have an encrypted text (E) and a big key (K).
      Step 2: You have harmless replacement data (R). You use the encrypted text E as "one-time pad" on R, and get a "fake key" (F).

      When E is found on your hard disk and you're asked for the key, you give them the fake key F. That will decrypt the text to R. There's absolutely no way to prove that R is not the actually encrypted text (you should, of course, use something that one might reasonably go to the hassle to encrypt, or else you'll have a hard time explaining why you encrypted the one-digit multiplication table).

      Step 2 can be repeated as often as you want (for example, in some countries encrypted porn might be a good explanation why you encrypted it; in other countries it will be a bad idea to show that you are carrying porn with you; therefore you might generate one fake key producing porn, and another one producing something else).

      • (Score: 2, Funny) by Anonymous Coward on Wednesday November 04 2015, @02:38PM

        by Anonymous Coward on Wednesday November 04 2015, @02:38PM (#258368)

        Sure, just memorize two 4GB one time pads.

        • (Score: 2) by tonyPick on Thursday November 05 2015, @12:23PM

          by tonyPick (1237) on Thursday November 05 2015, @12:23PM (#258796) Homepage Journal

          Sure, just memorize two 4GB one time pads.

          Today I can find 8GB USB sticks for under a fiver, and the pad is indistinguishable from random noise.

      • (Score: 0) by Anonymous Coward on Wednesday November 04 2015, @08:42PM

        by Anonymous Coward on Wednesday November 04 2015, @08:42PM (#258500)

        This is all great information.

        The problem is that only the intelligent and the people that care will take these steps, and even have alternate partitions for the concerns you cited.

        The law will most heavily fall upon those that have no defenses, much like how cattle have been domesticated and are readily culled from the herd as needed to provide food and luxury goods to others.

      • (Score: 0) by Anonymous Coward on Wednesday November 04 2015, @10:07PM

        by Anonymous Coward on Wednesday November 04 2015, @10:07PM (#258547)
        Very nice in theory if you only write to the encrypted file once.

        Otherwise if you do significant updates to the encrypted file when they seize all your stuff and require you to produce the "F" you may not have access to an up-to-date "E" to generate the "F" from "R". You might not even have access to an "R".
      • (Score: 3, Informative) by edIII on Thursday November 05 2015, @12:06AM

        by edIII (791) on Thursday November 05 2015, @12:06AM (#258583)

        Well... more accurately OTP has as many decrypted versions as the possible permutations of the dataset itself.

        It's not big key (K) and encrypted text (E), it's Key (K) and CipherText (C), and they are perfectly equal in size. Therein lies the truly unbreakable encryption, of which to my knowledge, OTP is the only one that can claim that title.

        The why is simple.

        0 1 0 1 0 1 0 1 1 0 (P)
        1 0 1 0 1 0 0 1 1 0 (K)
        0 1 1 0 1 1 1 0 0 1 (C)

        I know they don't line up without a monospaced font (I'm too lazy today), but the unbreakable part comes from the fact that the first pair of PK (column) is wholly disconnected from the 2nd, and the 10th pairs. The operation is purely non-deterministic because of this. Typical encryption is not, and because Key (K) is a small insignificant size compared to CipherText (C), the 1st, 2nd, and millionth pairs are related and deterministic. Hence, they are mathematically provable to be breakable under the right conditions. Doesn't matter that science says multiple stars are required to break it either. It's nearly impossible to securely exchange your keys when they are the same size as the dataset, which is why we use Diffie-Hellman, and because of poor implementations of it, encryption is routinely broken.

        In court, it's 100000000% impossible for a mathematician to state that any dataset is more probable than any other dataset when using OTP correctly. Meaning, ALL cases of Plain Text (P) are equally possible from CipherText (C) where Big Key (K) is missing and unavailable.

        Big Key (K) is the proof itself of which dataset is actually contained in CipherText (C). So, without decrypting OTP, you can't prove the contents of OTP. Where you show designs for a bomb, I can show you a picture of monkeys writing Shakespeare. Or your mom blowing Putin. Or Putin blowing your dad. Anything is possible. That's the point :)

        Mathematically pure unbreakable encryption

        I'll leave it to other experts to explain why OTP will sadly never be widely used for anything....

        --
        Technically, lunchtime is at any moment. It's just a wave function.
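
Added example, not part of any comment in this thread: a Python sketch of the XOR relationships in the Step 1/Step 2 comment and in edIII's reply above, showing that a one-time-pad ciphertext is consistent with every plaintext of the same length, and that a key derived from an old ciphertext stops working once the file is re-encrypted. The function names, the space padding and the sample strings are assumptions constructed for illustration.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings; a one-time pad needs operands of equal length."""
    if len(a) != len(b):
        raise ValueError("one-time pad operands must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(secret: bytes) -> tuple:
    """Step 1: draw a fresh random pad K, return (E, K) with E = S xor K."""
    key = secrets.token_bytes(len(secret))
    return xor_bytes(secret, key), key

def key_for_plaintext(ciphertext: bytes, replacement: bytes) -> bytes:
    """Step 2: F = E xor R, which makes E xor F == R.

    R is right-padded with spaces (an assumption of this sketch) because the
    key must be exactly as long as the ciphertext.
    """
    if len(replacement) > len(ciphertext):
        raise ValueError("replacement is longer than the ciphertext")
    return xor_bytes(ciphertext, replacement.ljust(len(ciphertext), b" "))

def demo() -> dict:
    # Constructed sample strings, not taken from the thread.
    s = b"meeting notes: quarterly budget draft v3"
    r1 = b"grocery list: eggs, milk, bread"
    r2 = b"lyrics I keep forgetting"
    e, k = encrypt(s)
    f1, f2 = key_for_plaintext(e, r1), key_for_plaintext(e, r2)
    # Caveat from a later reply: after the file is re-encrypted under a new
    # pad, a key derived from the old E no longer produces R.
    e_new, _ = encrypt(s)
    return {
        "real": xor_bytes(e, k),
        "alt1": xor_bytes(e, f1),
        "alt2": xor_bytes(e, f2),
        "stale": xor_bytes(e_new, f1),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:5} {value!r}")
```

All three keys are the same length as E, so a key that yields readable text shows nothing about what was originally encrypted; the same XOR structure means the scheme provides no integrity protection.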
      • (Score: 0) by Anonymous Coward on Thursday November 05 2015, @12:20AM

        by Anonymous Coward on Thursday November 05 2015, @12:20AM (#258587)

        With a OTP, why not just memorize the actual file? It's exactly the same size.

        • (Score: 2) by maxwell demon on Thursday November 05 2015, @11:45PM

          by maxwell demon (1608) on Thursday November 05 2015, @11:45PM (#259177) Journal

          For the same reason why you don't memorize the key for your RSA encrypted file?

          --
          The Tao of math: The numbers you can count are not the real numbers.
  • (Score: 0) by Anonymous Coward on Wednesday November 04 2015, @11:32AM

    by Anonymous Coward on Wednesday November 04 2015, @11:32AM (#258338)

    The Brits have never gotten basic human rights. Magna Carta, after all, was a statement of landed barons' rights versus the crown and didn't free any serfs. The English Civil War was about religion, not parliamentary authority per se.

    • (Score: 2) by turgid on Wednesday November 04 2015, @08:51PM

      by turgid (4318) Subscriber Badge on Wednesday November 04 2015, @08:51PM (#258505) Journal

      The Brits have never gotten basic human rights.

      Not really (from Liberty [liberty-human-rights.org.uk]'s web site):

      1950 The European Convention on Human Rights was agreed in the aftermath of the Second World War. British lawyers played an instrumental role in the development of the Convention, and the UK signed up in 1951.

      The current bunch of fascists [conservatives.com] in government want to scrap that and "replace" it with a British Bill of Rights.

      The Conservative party has yet to announce what will be in the British Bill of Rights they plan to replace the Human Rights Act with, although it is thought they will make a statement soon. Until then we don't know which specific rights Mr Cameron would scrap, and what he would add.

      Just like before the recent General Election, Irritable Duncan Syndrome [conservatives.com] wouldn't tell us which particular welfare/benefits he would cut in his massive £12 billion programme and surprisingly kicked supporters of his own party squarely in the teeth [telegraph.co.uk].

      But as the right-wing loonies are so frequently heard to rant, "Yooman rights! Yooman rights! I don't need no yooman rights cause I ain't done nothing wrong!" I dare say they're heading for another kicking along with everyone else.

  • (Score: 5, Insightful) by jdavidb on Wednesday November 04 2015, @02:49PM

    by jdavidb (5690) on Wednesday November 04 2015, @02:49PM (#258373) Homepage Journal

    It seems that they just don't get that privacy is a basic human right

    Governments do not get rights. Governments do not care about rights at all. When it comes to securing your rights, government is not your friend and it is not your defender. It is the biggest enemy of your rights in existence. Other criminals may also pose a danger to your rights, but only government can do so with legal impunity.

    The assertion in the U.S. Declaration of Independence, "That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed" is a complete fiction with regards to all governments in existence today. Governments only care about rights as much as they need to to keep their farm animals happy and healthy, preventing revolt. Individual politicians only pay lip service to rights to get elected, and the rare exceptions rarely get elected (and if they do, once they get a taste of the power they have, they become corrupted addicts just like all the rest of them).

    If you are hoping to persuade your government of anything at all about your rights, you will hope until you die and never see your hope fulfilled. You are the farm animal and they are the farmers.

    --
    ⓋⒶ☮✝🕊 Secession is the right of all sentient beings