Key disclosure law
Key disclosure law, also known as mandatory key disclosure, is legislation that requires individuals to surrender cryptographic keys to law enforcement. The purpose is to allow access to material for confiscation or digital forensics purposes and use it either as evidence in a court of law or to enforce national security interests. Similarly, mandatory decryption laws force owners of encrypted data to supply decrypted data to law enforcement.
Nations vary widely in the specifics of how they implement key disclosure laws. Some, such as Australia, give law enforcement wide-ranging power to compel assistance in decrypting data from any party. Some, such as Belgium, concerned with self-incrimination, only allow law enforcement to compel assistance from non-suspects. Some require only specific third parties such as telecommunications carriers, certification providers, or maintainers of encryption services to provide assistance with decryption. In all cases, a warrant is generally required.
Theory and countermeasures
Mandatory decryption is technically a weaker requirement than key disclosure, since it is possible in some cryptosystems to prove that a message has been decrypted correctly without revealing the key. For example, using RSA public-key encryption, one can verify, given the message (plaintext), the encrypted message (ciphertext), and the public key of the recipient, that the message is correct by merely re-encrypting it and comparing the result to the encrypted message. Such a scheme is called undeniable, since once the government has validated the message they cannot deny that it is the correct decrypted message.
As a countermeasure to key disclosure laws, some personal privacy products such as BestCrypt, FreeOTFE, and TrueCrypt have begun incorporating deniable encryption technology, which enables a single piece of encrypted data to be decrypted in two or more different ways, creating plausible deniability. Another alternative is steganography, which hides encrypted data inside of benign data so that it is more difficult to identify in the first place.
A problematic aspect of key disclosure is that it leads to a total compromise of all data encrypted using that key in the past or future; time-limited encryption schemes such as those of Desmedt et al. allow decryption only for a limited time period.
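The RSA re-encryption check described in this section, as an added example that is not part of the original article: a verifier holding only the public key confirms or rejects a disclosed plaintext. It goes one step beyond the text to show that with randomized padding the key holder must disclose the whole padded block for the check to succeed; the parameters, the toy padding scheme and all function names are constructed for illustration.

```python
# Added example: toy textbook RSA over two well-known Mersenne primes (not secure).
import secrets

P, Q, E = 2**31 - 1, 2**61 - 1, 65537      # constructed demo parameters
N = P * Q                                  # public modulus
D = pow(E, -1, (P - 1) * (Q - 1))          # private exponent; never disclosed below


def encrypt(block: int) -> int:
    """Deterministic (unpadded) RSA encryption under the public key (N, E)."""
    if not 0 <= block < N:
        raise ValueError("block out of range for modulus")
    return pow(block, E, N)


def decrypt(ciphertext: int) -> int:
    """Private-key operation, run only by the key holder."""
    return pow(ciphertext, D, N)


def verify_disclosure(ciphertext: int, claimed_block: int) -> bool:
    """Verifier side: re-encrypt the claimed block and compare. Needs only (N, E)."""
    return 0 <= claimed_block < N and encrypt(claimed_block) == ciphertext


def pad(message: int, nonce: int) -> int:
    """Hypothetical toy padding (not OAEP): 16-bit nonce above a 16-bit message."""
    return (nonce << 16) | message


def demo() -> dict:
    message = 0x4B45                       # constructed 16-bit plaintext
    c_det = encrypt(message)               # deterministic ciphertext
    nonce = secrets.randbits(16) | 1       # forced nonzero so the padded block differs
    c_rand = encrypt(pad(message, nonce))  # randomized ciphertext
    disclosed = decrypt(c_rand)            # key holder hands over the padded block
    return {
        "honest": verify_disclosure(c_det, message),
        "false_claim": verify_disclosure(c_det, message ^ 1),
        "padded_bare_message": verify_disclosure(c_rand, message),
        "padded_full_block": verify_disclosure(c_rand, disclosed),
        "recovered": disclosed & 0xFFFF,   # strip the nonce to read the message
    }


if __name__ == "__main__":
    print(demo())
```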
Criticism and alternatives
Critics of key disclosure laws view them as compromising information privacy, by revealing personal information that may not be pertinent to the crime under investigation, as well as violating the right against self-incrimination and more generally the right to silence, in nations which respect these rights. In some cases, it may be impossible to decrypt the data because the key has been lost, revoked, or because the data is actually random data which cannot be effectively distinguished from encrypted data.
A proactive alternative to key disclosure law is key escrow law, where the government holds in escrow a copy of all cryptographic keys in use, but is only permitted to use them if an appropriate warrant is issued. Key escrow systems face difficult technical issues and are subject to many of the same criticisms as key disclosure law; they avoid some issues like lost keys, while introducing new issues such as the risk of accidental disclosure of large numbers of keys. The ambiguous term key recovery is applied to both types of systems.
Antigua and Barbuda
The Computer Misuse Bill, 2006, Article 21(5)(c), if enacted, would allow police with a warrant to demand and use decryption keys. Failure to comply may incur "a fine of fifteen thousand [East Caribbean] dollars" and/or "imprisonment for two years."
Australia
The Cybercrime Act 2001 No. 161, Items 12 and 28 grant police with a magistrate's order the wide-ranging power to require "a specified person to provide any information or assistance that is reasonable and necessary to allow the officer to" access computer data that is "evidential material"; this is understood to include mandatory decryption. Failing to comply carries a penalty of 6 months imprisonment. Electronic Frontiers Australia calls the provision "alarming" and "contrary to the common law privilege against self-incrimination."
Belgium
The Loi du 28 novembre 2000 relative à la criminalité informatique (Law on computer crime of 28 November 2000), Article 9 allows a judge to order both operators of computer systems and telecommunications providers to provide assistance to law enforcement, including mandatory decryption, and to keep their assistance secret; but this action cannot be taken against suspects or their families. Failure to comply is punishable by 6 months to 1 year in jail and/or a fine of 130 to 100,000 Euros.
Canada
Canada implements key disclosure by broad interpretation of "existing interception, search and seizure and assistance procedures"; in a 1998 statement, Cabinet Minister John Manley explained, "warrants and assistance orders also apply to situations where encryption is encountered — to obtain the decrypted material or decryption keys."
Finland
The Coercive Measures Act (Pakkokeinolaki) 1987/450 (as amended by 2007/541) section 4 paragraph 4a requires a specified person to surrender the necessary "passwords and other such information" to the police in order to provide access to information stored on an information system. The suspect and some other specified persons that cannot otherwise be called as witnesses are exempt from this requirement. There is currently a proposal (Government Proposal HE 222/2010 vp) to change this and other related laws, which may result in changes as to how information systems can be searched and accessed.
France
Loi n°2001-1062 du 15 novembre 2001 relative à la sécurité quotidienne (Law #2001-1062 of 15 November 2001 on Community Safety), Article 30 allows a judge or prosecutor to compel any qualified person to decrypt or surrender keys to make available any information encountered in the course of an investigation. Failure to comply incurs three years of jail time and a fine of €45,000; if the refusal would have prevented or mitigated a crime, the penalty increases to five years of jail time and €75,000.
India
Section 69 of the Information Technology Act, as amended by the Information Technology (Amendment) Act, 2008, empowers the central and state governments to compel assistance from any "subscriber or intermediary" in decrypting information. Failure to comply is punishable by up to seven years imprisonment and/or a fine.
United Kingdom
The Regulation of Investigatory Powers Act 2000 (RIPA), Part III, activated by ministerial order in October 2007, requires persons to supply decrypted information and/or keys to government representatives. Failure to disclose carries a maximum penalty of two years in jail. The provision was first used against animal rights activists in November 2007, and at least three people have been prosecuted and convicted for refusing to surrender their encryption keys, one of whom was sentenced to 13 months' imprisonment.
United States
There is currently no law regarding key disclosure in the United States, but the federal case United States v. Boucher may be influential as case law. In this case, a man's laptop was inspected by customs agents and child pornography was discovered. The device was seized and powered down, at which point disk encryption technology made the evidence unavailable. The judge argued that since the content had already been seen by the customs agents, Boucher's encryption password "adds little or nothing to the sum total of the Government's information about the existence and location of files that may contain incriminating information."