Stories
Slash Boxes
Comments

SoylentNews is people

When's A Backdoor Not A Backdoor? When The Oz Government Says It Isn't

posted by Fnord666 on Tuesday August 14 2018, @07:45PM   Printer-friendly
from the just-use-the-front-door dept.

Arthur T Knackerbracket has found the following story:

Australia's promised “not-a-backdoor” crypto-busting bill is out and the government has kept its word - it doesn't want a backdoor, just the keys to your front one.

The draft of The Assistance and Access Bill 2018 calls for anyone using or selling communications services in Australia will be subject to police orders for access to private data.

That includes all vendors of computers, phones, apps, social media and cloud services in the Lucky Country, and anyone within national borders using them. These data-tapping orders will be enforced with fines of up to AU$10m (US$7.3m) for companies or $50,000 ($36,368) for individuals

The draft legislation also wants five years in prison for anyone who reveals a data-slurping investigation is going on. And while there's no explicit encryption backdoor requirements in the 110 page draft bill, our first look suggests there doesn't need to be.

Original Submission

 
This discussion has been archived. No new comments can be posted.
When's A Backdoor Not A Backdoor? When The Oz Government Says It Isn't | Log In/Create an Account | Top | 57 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by JoeMerchant on Wednesday August 15 2018, @01:46PM (3 children)

    by JoeMerchant (3937) on Wednesday August 15 2018, @01:46PM (#721767)

    There is no encryption system which can "prove" that you haven't hidden another message in it.

    --
    🌻🌻 [google.com]
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 2) by edIII on Thursday August 16 2018, @08:19PM (2 children)

    by edIII (791) on Thursday August 16 2018, @08:19PM (#722474)

    Depends on what you mean by "prove". Technically, the feature you alluded to previously is called Deniable encryption [wikipedia.org]. Encryption that supports that feature allows you to never be able to prove that you had hidden another message. You're asking for the opposite, to prove that no other message exists.

    Not all encryption supports deniability. In those methods, it's not difficult to more or less prove that the encryption method isn't hiding additional data. At least not facilitated by that encryption. However, nothing prevents you from performing multiple passes, with each pass differently encrypted. If the final plaintext that is produced has no datatype signatures, conforms to no standards we know, contains no known data structures, and essentially looks like random noise, then yes, it will be very difficult to prove that another message was NOT hidden in it. That's because deniable encryption looks just like noise. The high entropy of that noise, the better.

    Many traditional encryption methods leave identifiable signatures too. Deniable encryption is about removing all such signatures and leaving you with "unprovable" noise that resists all analysis.

    --
    Technically, lunchtime is at any moment. It's just a wave function.

    • (Score: 2) by JoeMerchant on Thursday August 16 2018, @08:35PM (1 child)

      by JoeMerchant (3937) on Thursday August 16 2018, @08:35PM (#722494)

      Some story I recently consumed about WWII African mail back home included a bit about the code that the corresponding couple used to communicate through the censors. They basically blathered on about inane stuff like the recent cricket match, the weather, somebody's scorpion bite, whatever, and the real message was encoded in the second letter of each first word on each line. The messages were still somewhat cryptic, such as "bowlerhatsoon", but that's enough for one to tell the other that they are being discharged (only civilians wear bowler hats) and rotating home soon, which is big/important news that the censors would have struck out (simply discarded the letter, most likely). The censors were free to read the entire message, but unable to decipher the true meaning and of course let it pass.

      No information theory will ever manage to prove or disprove the existence of such messages, as long as you're allowed to send enough crap along, and with people sharing 16MP color photos of their meals every day, plus cat videos, I think there's plenty of bandwidth in which to cleverly hide just about any text you might ever want to communicate.

      --
      🌻🌻 [google.com]

      • (Score: 2) by edIII on Thursday August 16 2018, @10:30PM

        by edIII (791) on Thursday August 16 2018, @10:30PM (#722561)

        That's reminiscent of the Japanese code book encryption, and to the Navajo communications, both in WWII as well.

        Because Navajo has a complex grammar, it is not nearly mutually intelligible enough with even its closest relatives within the Na-Dene family to provide meaningful information. It was still an unwritten language, and Johnston thought Navajo could satisfy the military requirement for an undecipherable code. Navajo was spoken only on the Navajo lands of the American Southwest. Its syntax and tonal qualities, not to mention dialects, made it unintelligible to anyone without extensive exposure and training. One estimate indicates that at the outbreak of World War II, fewer than 30 non-Navajo could understand the language.[21]

        Code Talkers Monument Ocala, Florida Memorial Park
        Early in 1942, Johnston met with Major General Clayton B. Vogel, the commanding general of Amphibious Corps, Pacific Fleet, and his staff. Johnston staged tests under simulated combat conditions which demonstrated that Navajo men could encode, transmit, and decode a three-line English message in 20 seconds, versus the 30 minutes required by machines at that time. The idea was accepted, with Vogel recommending that the Marines recruit 200 Navajo. The first 29 Navajo recruits attended boot camp in May 1942. This first group created the Navajo code at Camp Pendleton, Oceanside, California.[22]

        The Navajo code was formally developed and modeled on the Joint Army/Navy Phonetic Alphabet that uses agreed-upon English words to represent letters. The Navajo Code Talkers were mainly Marines. As it was determined that phonetically spelling out all military terms letter by letter into words—while in combat—would be too time-consuming, some terms, concepts, tactics and instruments of modern warfare were given uniquely formal descriptive nomenclatures in Navajo (for example, the word for "shark" being used to refer to a destroyer, or "silver oak leaf" to the rank of lieutenant colonel).[23]

        A codebook was developed to teach the many relevant words and concepts to new initiates. The text was for classroom purposes only, and was never to be taken into the field. The code talkers memorized all these variations and practiced their rapid use under stressful conditions during training. Uninitiated Navajo speakers would have no idea what the code talkers' messages meant; they would hear only truncated and disjointed strings of individual, unrelated nouns and verbs.

        It's worth noting that the reason why code books are secure, is that nobody understands the meaning of the individual words. However, the more they are used, and the more you can perform analysis of subsequent events associated with the coded conversations, the more you can deduce their meaning.

        Code books not invulnerable precisely because they reuse the codes, and the opposite is the reason why one-time-pad encryption is the only provably unbreakable encryption around. One of the reasons why the Navajo were so secure is noted in bold above. That would not have protected them though over time, if the Japanese or Germans had enough transmissions and activity to analyze.

        What you refer to at the end is Steganography, which can be combined with deniable encryption to encode messages in the random noise found in pretty much all pictures. Especially pictures in a night time setting produced by equipment not suited to low-light conditions.

        WWII is indeed a very fascinating time period for the study of encryption.

        --
        Technically, lunchtime is at any moment. It's just a wave function.