[cryptography] can the German government read PGP and ssh traffic?

Marcus Brinkmann marcus.brinkmann at ruhr-uni-bochum.de
Sat May 26 06:30:47 PDT 2012


On 05/26/2012 08:01 AM, Peter Gutmann wrote:
> Marsh Ray <marsh at extendedsubset.com> writes:
> 
>> Perhaps someone who knows German can better interpret it.
> 
> The government was asked "are encrypted communications creating any
> difficulties for law enforcement in terms of pursuing criminals and
> terrorists?".  The government replied "no, not really, so there's no need to
> restrict the use of crypto by the public".

Sorry, that's not quite it.  The "Kleine Anfrage" (small inquiry) is a
tool for the opposition to put pressure on the government, which has to
explain itself in response to specific questions on a certain topic.

In this inquiry, the left party asked questions about telecommunication
surveillance by the BND (encrypted and/or unencrypted), which was
reported on in the German press.  In particular, they asked questions
about the keywords used for filtering, the technical methods for
filtering, the amount of filtering that has been done, if any successes
were documented, how politicians/attorneys/journalists and other
protected groups are protected, etc.  The goal is to either find
material that is embarrassing or at least to remind the government and
secret services of their boundaries.

In the end, most of the answers were secret and, as far as they were
given at all, are only available to members of the German parliament.

There is very little specific information that is not secret, for
example that 90% of the emails are spam, that 16400 keywords were used etc.

As far as decryption capabilities go, the text is very clear: The
software used to analyse the communication stream can, in principle,
decrypt and/or analyze at least some of it.  Note the qualifiers: In
principle, decrypt and/or analyze, depending on type and quality of
encryption.

This really can mean anything and everything.  I would assume that it
just means that the software and services they are buying have
implemented some automatic decryption based on the state-of-the-art
attacks on weak cryptography, or at the very least the ability to detect
encrypted streams and at least analyse the flow.

There is nothing in the answer that suggests that the BND has any
abilities beyond what is commercially available as the state of the art.

Also, there is nothing in the answer that suggests that there is no need
to restrict the use of crypto by the public.  That is just not within
the scope of the inquiry or the response.  The topic was surveillance of
telecommunication by the BND in general.

Encryption was only the topic of one question, which was, compared to
the others, not very detailed and not very carefully phrased.  Ideally,
they should have split the question into decryption and metadata analysis
and asked which methods are available in particular.  They dropped the
ball on this one, and thus government and secret service could weasel
out with a typical non-answer: the smallest answer possible that is
truthful and does cover the scope of the question.  The only other
possible answer would have been: "no, we cannot analyse or decrypt
encrypted communication streams at all", in which case the answer would
have been secret because it revealed operational details that allow
suspects to evade the measure.

Thanks,
Marcus