Feds put heat on Web firms for master encryption keys

Karel Bílek kb at karelbilek.com
Fri Jul 26 05:46:02 PDT 2013


this is fucking disgusting

(I am sorry, I had to say that)

why do the big US companies bother with encryption anymore...

On Thu, Jul 25, 2013 at 10:19 AM, Eugen Leitl <eugen at leitl.org> wrote:
>
> (See also https://en.wikipedia.org/wiki/Convergence_(SSL) )
>
> http://news.cnet.com/8301-13578_3-57595202-38/feds-put-heat-on-web-firms-for-master-encryption-keys/
>
> Feds put heat on Web firms for master encryption keys
>
> Whether the FBI and NSA have the legal authority to obtain the master keys
> that companies use for Web encryption remains an open question, but it hasn't
> stopped the U.S. government from trying.
>
> by Declan McCullagh, July 24, 2013 4:00 AM PDT
>
> Large Internet companies have resisted the government's demands for
> encryption keys on the grounds that they go beyond what the law
> permits, according to one person who has dealt with these attempts.
>
> (Credit: Declan McCullagh)
>
> The U.S. government has attempted to obtain the master encryption keys that
> Internet companies use to shield millions of users' private Web
> communications from eavesdropping.
>
> These demands for master encryption keys, which have not been disclosed
> previously, represent a technological escalation in the clandestine methods
> that the FBI and the National Security Agency employ when conducting
> electronic surveillance against Internet users.
>
> If the government obtains a company's master encryption key, agents could
> decrypt the contents of communications intercepted through a wiretap or by
> invoking the potent surveillance authorities of the Foreign Intelligence
> Surveillance Act. Web encryption -- which often appears in a browser with a
> HTTPS lock icon when enabled -- uses a technique called SSL, or Secure
> Sockets Layer.
>
> "The government is definitely demanding SSL keys from providers," said one
> person who has responded to government attempts to obtain encryption keys.
> The source spoke with CNET on condition of anonymity.
>
> The person said that large Internet companies have resisted the requests on
> the grounds that they go beyond what the law permits, but voiced concern that
> smaller companies without well-staffed legal departments might be less
> willing to put up a fight. "I believe the government is beating up on the
> little guys," the person said. "The government's view is that anything we can
> think of, we can compel you to do."
>
> A Microsoft spokesperson would not say whether the company has received such
> requests from the government. But when asked whether Microsoft would turn
> over a master key used for Web encryption or server-to-server e-mail
> encryption, the spokesperson replied: "No, we don't, and we can't see a
> circumstance in which we would provide it."
>
> Google also declined to disclose whether it had received requests for
> encryption keys. But a spokesperson said the company has "never handed over
> keys" to the government, and that it carefully reviews each and every
> request. "We're sticklers for details -- frequently pushing back when the
> requests appear to be fishing expeditions or don't follow the correct
> process," the spokesperson said.
>
> Sarah Feinberg, a spokeswoman for Facebook, said that her employer has not
> received requests for encryption keys from the U.S. government or other
> governments. In response to a question about divulging encryption keys,
> Feinberg said: "We have not, and we would fight aggressively against any
> request for such information."
>
> Apple, Yahoo, AOL, Verizon, AT&T, Opera Software's Fastmail.fm, Time Warner
> Cable, and Comcast declined to respond to queries about whether they would
> divulge encryption keys to government agencies.
>
> Encryption used to armor Web communications was largely adopted not because
> of fears of NSA surveillance -- but because of the popularity of open,
> insecure Wi-Fi networks. The "Wall of Sheep," which highlights passwords
> transmitted over networks through unencrypted links, has become a fixture of
> computer security conventions, and Internet companies began adopting SSL in
> earnest about three years ago.
>
> "The requests are coming because the Internet is very rapidly changing to an
> encrypted model," a former Justice Department official said. "SSL has really
> impacted the capability of U.S. law enforcement. They're now going to the
> ultimate application layer provider."
>
> An FBI spokesman declined to comment, saying the bureau does not "discuss
> specific strategies, techniques and tools that we may use."
>
> NSA director Keith Alexander, shown here at a Washington, D.C. event this
> month, has said that encrypted data are "virtually unreadable."
>
> (Credit: Getty Images)
>
> Top secret NSA documents leaked by former government contractor Edward
> Snowden suggest an additional reason to ask for master encryption keys: they
> can aid bulk surveillance conducted through the spy agency's fiber taps.
>
> One of the leaked PRISM slides recommends that NSA analysts collect
> communications "upstream" of data centers operated by Apple, Microsoft,
> Google, Yahoo, and other Internet companies. That procedure relies on a FISA
> order requiring backbone providers to aid in "collection of communications on
> fiber cables and infrastructure as data flows past."
>
> Mark Klein, who worked as an AT&T technician for over 22 years, disclosed in
> 2006 (PDF) that he met with NSA officials and witnessed domestic Internet
> traffic being "diverted" through a "splitter cabinet" to secure room 641A in
> one of the company's San Francisco facilities. Only NSA-cleared technicians
> were allowed to work on equipment in the SG3 secure room, Klein said, adding
> that he was told similar fiber taps existed in other major cities.
>
> But an increasing amount of Internet traffic flowing through those fiber
> cables is now armored against surveillance using SSL encryption. Google
> enabled HTTPS by default for Gmail in 2010, followed soon after by
> Microsoft's Hotmail. Facebook enabled encryption by default in 2012. Yahoo
> now offers it as an option.
>
> "Strongly encrypted data are virtually unreadable," NSA director Keith
> Alexander told (PDF) the Senate earlier this year.
>
> Unless, of course, the NSA can obtain an Internet company's private SSL key.
> With a copy of that key, a government agency that intercepts the contents of
> encrypted communications has the technical ability to decrypt and peruse
> everything it acquires in transit, although actual policies may be more
> restrictive.
>
> One exception to that rule relies on a clever bit of mathematics called
> perfect forward secrecy. PFS uses temporary individual keys, a different one
> for each encrypted Web session, instead of relying on a single master key.
> That means even a government agency with the master SSL key and the ability
> to passively eavesdrop on the network can't decode private communications.
>
> Google is the only major Internet company to offer PFS, though Facebook is
> preparing to enable it by default.
>
> Even PFS isn't complete proof against surveillance. It's possible to mount a
> more advanced attack, sometimes called a man-in-the-middle or active attack,
> and decode the contents of the communications.
>
> A Wired article in 2010 disclosed that a company called Packet Forensics was
> marketing to government agencies a box that would do precisely that. (There
> is no evidence that the NSA performs active attacks as part of routine
> surveillance, and even those could be detected in some circumstances.)
>
> The Packet Forensics brochure said that government agencies would "have the
> ability to import a copy of any legitimate key they obtain (potentially by
> court order)." It predicted that agents or analysts will collect their "best
> evidence while users are lulled into a false sense of security afforded by
> Web, e-mail or VOIP encryption."
>
> With a few exceptions, even if communications in transit are encrypted,
> Internet companies typically do not encrypt e-mail or files stored in their
> data centers. Those remain accessible to law enforcement or the NSA through
> legal processes.
>
> Leaked NSA surveillance procedures, authorized by Attorney General Eric
> Holder, suggest that intercepted domestic communications are typically
> destroyed -- unless they're encrypted. If that's the case, the procedures
> say, "retention of all communications that are enciphered" is permissible.
>
> Valerie Caproni, who was the FBI's general counsel at the time this file
> photo was taken, told Congress that the government needs "individualized
> solutions" when "individuals who put encryption on their traffic."
>
> (Credit: Getty Images)
>
> It's not entirely clear whether federal surveillance law gives the U.S.
> government the authority to demand master encryption keys from Internet
> companies.  "That's an unanswered question," said Jennifer Granick, director
> of civil liberties at Stanford University's Center for Internet and Society.
> "We don't know whether you can be compelled to do that or not."
>
> The government has attempted to use subpoenas to request copies of encryption
> keys in some cases, according to one person familiar with the requests.
> Justice Department guidelines say subpoenas may be used to obtain information
> "relevant" to an investigation, unless the request is "unreasonably
> burdensome."
>
> "I don't know anyone who would turn it over for a subpoena," said an attorney
> who represents Internet companies but has not fielded requests for encryption
> keys. Even a wiretap order in a criminal case would be insufficient, but a
> FISA order might be a different story, the attorney said. "I'm sure there's
> some logic in collecting the haystack."
>
> Kurt Opsahl, a senior staff attorney at the Electronic Frontier Foundation,
> challenged the notion that current law hands the government the power to
> demand master encryption keys. Even with a FISA order for the private key,
> Opsahl said, the amount of technical assistance that a company must provide
> to the NSA or other federal agencies "has a limit."
>
> Federal and state law enforcement officials have previously said encrypted
> communications were beginning to pose an obstacle to lawful surveillance.
> Valerie Caproni, the FBI's general counsel at the time, told a congressional
> hearing in 2011, according to a transcript:
>
>  Encryption is a problem, and it is a problem that we see for certain
> providers... For individuals who put encryption on their traffic, we
> understand that there would need to be some individualized solutions if we
> get a wiretap order for such persons... We are suggesting that if the
> provider has the communications in the clear and we have a wiretap order,
> that the provider should give us those communications in the clear.
>
> "One of the biggest problems with compelling the [private key] is it gives
> you access to not just the target's communications, but all communications
> flowing through the system, which is exceedingly dangerous," said Stanford's
> Granick.
>
> Update, 11:40 a.m. PT: Adds additional comments from a Facebook
> representative saying the company has not received such requests.
>
> Disclosure: McCullagh is married to a Google employee not involved with this
> issue.
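
The quoted article's contrast between a single master SSL key and perfect forward secrecy, as an added example that is not part of the original message or the CNET article. It uses toy parameters constructed for illustration (small Mersenne primes, a hypothetical `kdf`), not real TLS: it records one handshake of each kind and checks which session key falls out once the server's long-term private key is applied to the recording.

```python
# Added illustration with toy parameters; not real cryptography and not from the article.
import hashlib
import secrets

# Server's long-term RSA key pair (the "master key"). Toy primes, constructed.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent

# Toy Diffie-Hellman group, constructed for the example.
DH_P, DH_G = 2**127 - 1, 3


def kdf(secret: int) -> bytes:
    """Derive a session key from a shared secret."""
    return hashlib.sha256(str(secret).encode()).digest()


def rsa_key_transport():
    """Without PFS: the client encrypts the session secret to the long-term key."""
    premaster = secrets.randbelow(N - 2) + 2
    wire = {"encrypted_premaster": pow(premaster, E, N)}
    return kdf(premaster), wire


def ephemeral_dh():
    """With PFS: both sides use one-time exponents; the long-term key only signs."""
    a = secrets.randbelow(DH_P - 3) + 2  # client's temporary key
    b = secrets.randbelow(DH_P - 3) + 2  # server's temporary key
    client_pub, server_pub = pow(DH_G, a, DH_P), pow(DH_G, b, DH_P)
    digest = int.from_bytes(kdf(server_pub), "big") % N
    wire = {"client_pub": client_pub, "server_pub": server_pub,
            "server_sig": pow(digest, D, N)}
    session_key = kdf(pow(server_pub, a, DH_P))
    assert session_key == kdf(pow(client_pub, b, DH_P))  # both ends agree
    return session_key, wire  # a and b go out of scope here and are never stored


def keys_from_recording(wire: dict, private_exponent: int) -> set:
    """Every session key obtainable by applying the long-term key to recorded values."""
    return {kdf(pow(v, private_exponent, N)) for v in wire.values()}


if __name__ == "__main__":
    for name, handshake in (("RSA key transport", rsa_key_transport),
                            ("ephemeral DH", ephemeral_dh)):
        key, wire = handshake()
        print(name, "readable with master key:", key in keys_from_recording(wire, D))
```

In the ephemeral case the long-term key still signs the server's temporary value, which is why the article notes that an active man-in-the-middle holding that key remains possible even with PFS.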


