SoylentNews is people
SoylentNews
An Anonymous Coward has submitted the following:
The UK government will tomorrow publish draft legislation to regulate the use of encryption and require ISPs to log which websites their customers visit for a year. The government has previously expressed irritation at the idea of some communications being out of government reach. There is an (inevitably toothless) petition.
The silver lining is perhaps that the government still cannot comprehend that not all secure communications involve a communications provider. The government appears to be using the door in the face technique, making the bill as over the top as possible so they can appear to compromise later.
This discussion has been archived.
No new comments can be posted.
UK Wants to Ban Unbreakable Encryption, Log which Websites You Visit
|
Log In/Create an Account
| Top
| 22 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Hey, wait a minute!! I want a divorce!! ... you're not Clint Eastwood!!
(Score: 2, Informative) by Anonymous Coward on Wednesday November 04 2015, @10:04AM
In the UK you are required to provide your keys or face 2 years jail: https://en.wikipedia.org/wiki/Key_disclosure_law#United_Kingdom [wikipedia.org]
As for NZ where you presumably are: http://www.stuff.co.nz/technology/digital-living/67449940/customs-downplays-password-plan [stuff.co.nz]
Popular Linux distros should allow filesystem encryption AND whether you enable it or not they should also create an encrypted container: https://bugs.launchpad.net/ubuntu/+bug/148440 [launchpad.net]
If millions of people don't actually use that encrypted container nor have the key to decrypt it then you're more believable when you go "What key?" ;).
Otherwise just the presence of something that looks like an encrypted container means you have to hand over your keys or get 2 years jail. Even if it isn't actually an encrypted container! Could be a result of a cat /dev/urandom you did some years ago to test stuff or wipe data and never bothered to delete.
I wonder what will happen if it's someone else's encrypted stuff - I recall Wikileaks having an encrypted "insurance" file. Or you are keeping a friend's encrypted backups. Perhaps you should start making friends in countries with no extradition treaties with your country and offer to store their encrypted backups.
Then you can say this encrypted file is not mine. And he/she can say the same thing :).
(Score: 5, Informative) by Anonymous Coward on Wednesday November 04 2015, @10:40AM
Well, with one-time pads, you can create as many "decrypted" versions as you want. It works as follows:
Step 1: You have your secret data (S), create a one-time pad and encrypt it with that pad. Now you have an encrypted text (E) and a big key (K).
Step 2: You have harmless replacement data (R). You use the encrypted text E as "one-time pad" on R, and get a "fake key" (F).
When E is found on your hard disk and you're asked for the key, you give them the fake key F. That will decrypt the text to R. There's absolutely no way to prove that R is not the actually encrypted text (you should, of course, use something that one might reasonable go to the hassle to encrypt, or else you'll have a hard time to explain why you encrypted the one-digit multiplication table).
Step 2 can be repeated as often as you want (for example, in some countries encrypted porn might be a good explanation why you encrypted it; in other countries it will be a bad idea to show that you are carrying porn with you; therefore you might generate one fake key producing porn, and another one producing something else).
(Score: 2, Funny) by Anonymous Coward on Wednesday November 04 2015, @02:38PM
Sure, just memorize two 4GB one time pads.
(Score: 2) by tonyPick on Thursday November 05 2015, @12:23PM
Today I can find 8GB USB sticks for under a fiver, and the pad is indistinguishable from random noise.
(Score: 0) by Anonymous Coward on Wednesday November 04 2015, @08:42PM
This is all great information.
The problem is that only the intelligent and the people that care will take these steps, and even have alternate partitions for the concerns you cited.
The law will most heavily fall upon those that have no defenses, much like how cattle have been domesticated and are readily culled from the herd as needed to provide food and luxury goods to others.
(Score: 0) by Anonymous Coward on Wednesday November 04 2015, @10:07PM
Otherwise if you do significant updates to the encrypted file when they seize all your stuff and require you to produce the "F" you may not have access to an up-to-date "E" to generate the "F" from "R". You might not even have access to an "R".
(Score: 3, Informative) by edIII on Thursday November 05 2015, @12:06AM
Well... more accurately OTP has as many decrypted versions as the possible permutations of the dataset itself .
It's not big key (K) and encrypted text (E), it's Key (K) and CipherText (C), and they are perfectly equal in size. Therein lies the truly unbreakable encryption, of which to my knowledge, OTP is the only one that claim that title.
The why is simple.
0 1 0 1 0 1 0 1 1 0 (P)
1 0 1 0 1 0 0 1 1 0 (K)
0 1 1 0 1 1 1 0 0 1 (C)
I know they don't line up without a monospaced font (I'm too lazy today), but the unbreakable part comes from the fact that the first pair of PK (column) is wholly disconnected from the 2nd, and the 10th pairs. The operation is purely non-deterministic because of this. Typical encryption is not, and because Key (K) is a small insignificant size compared to CipherText (C), the 1st, 2nd, and millionth pairs are related and deterministic. Hence, they are mathematically provable to be breakable under the right conditions. Doesn't matter that science says multiple stars are required to break it either. It's nearly impossible to securely exchange your keys when they are the same size as the dataset, which is why we use Diffie-Hellman, and because of poor implementations of it, encryption is routinely broken.
In court, it's 100000000% impossible for a mathematician to state that any dataset is more probable than any other dataset when using OTP correctly. Meaning, ALL cases of Plain Text (P) are equally possible from CipherText (C) where Big Key (K) is missing and unavailable.
Big Key (K) is the proof itself of which dataset is actually contained in CipherText (C). So, without decrypting OTP, you can't prove the contents of OTP. Where you show designs for a bomb, I can show you a picture of monkeys writing Shakespeare. Or your mom blowing Putin. Or Putin blowing your dad. Anything is possible. That's the point :)
Mathematically pure unbreakable encryption
I'll leave it to other experts to explain why OTP will sadly never be widely used for anything....
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 0) by Anonymous Coward on Thursday November 05 2015, @12:20AM
With a OTP, why not just memorize the actual file? It's exactly the same size.
(Score: 2) by maxwell demon on Thursday November 05 2015, @11:45PM
For the same reason why you don't memorize the key for your RSA encrypted file?
The Tao of math: The numbers you can count are not the real numbers.