Theresa May has said that there must not be a safe place for terrorists to communicate. David Cameron has gone further and said that we cannot allow any means of communications which cannot be read, [telegraph article] and so presumably means that the 64 million of us in the UK that are not in fact terrorists are not allowed to communicate privately either. Sadly Obama has joined in [here].
I was horrified, really, that our servants, the government, are really saying that we cannot talk privately any more. That is just police state gone mad.
I was also horrified at the heckling and stupid answer that Julian Huppert got when he asked Theresa May about this. It shows that the people in government, who run this country, really have no clue what these statements actually mean.
Obviously, the people I deal with immediately think of how stupid this is in light of the technology we use every day. We understand the usage of encryption (keeping secrets) done by computer systems in our daily lives. Each and every one of us use secret communications that the security services cannot see when we access FaceBook, or Google, or even The Conservative Party Website! We are doing exactly what David Cameron has stated, in no uncertain terms, must not be allowed for any of us (not just terrorists) to do. We also know that any attempts to achieve what they are saying, no matter how stupid, would not actually stop criminals and terrorists. It is like passing a law that says "If you are a terrorist, you must send a copy of all your plans and communications to email@example.com". It is stupid. It is us, the ones that are not terrorists, that stand to be impacted by this stupidity. Terrorists won't care.
But I want to try and take technology out of this debate and explain just how stupid this is in terms that anyone can understand. I have made a video [here], and I explain below, a means of communications that anyone (including terrorists) can easily use; a method of communication that cannot be read; something that is absolutely what Theresa May and David Cameron say must not be allowed. I am not being extremest here - every one of you does far more complex stuff every time you visit FaceBook, remember that!
The system is called a one time pad, and it is uncrackable. This may look like child's play, but I can assure you that if the NSA or GCHQ intercepted your communications using this then they could not crack it as long as you have done what I say and made sure the keys are secret and safe. I'd be surprised if this is not millennia old, but the concept was first published in 1882 relating to secure telegraph.
This is not difficult - and it is fun for all the family - why not try it with your kids? If could teach them important tools they may need if this government have their way.
Let's take is step by step...
- Before you start you need keys. In my video I have made each key a separate sheet of paper and printed with blank boxes by each character. In the spirit of SMS I have made the keys 160 characters long. You will need a set of keys for future messages, with each key twice, one kept by the sender and one by the recipient. I made the keys using a computer program, and you could get from a web site [here] but that means the web site operator may have your key, so not safe (unless you are just doing this for a bit of fun). Running the software yourself is better, but you can just use a pair of dice! You do not need a computer. A couple of dice and some squared paper and a pencil, that is all.
- You need to make sure the sender has a set of keys and the recipient has the same set of keys, and that nobody else has seen the keys or has a copy or has access. Each of you should keep them safe, perhaps in an actual safe even. This does mean meeting up face to face at some point, but this can set up secure communications for the future. You may want to agree a way to tell each other that your keys have been accessed, some suitable message like "my keys have been seen by someone else" in a text! NEVER LET ANYONE ELSE SEE THE KEYS!
- When you want to send some critical message, such as the date and time of an attack you are planning (don't attack people, that is not legal), you pick one of the key sheets. You can pick it at random, as it happens, and I'll explain how the recipient knows which you used.
- You write your message over the key letters on the sheet, but start with say 4 spaces. (We didn't do this on the video) Make sure you don't have other paper below as it could leave an impression when you write (a mistake we make on the video)
- For each letter in your message you also have a key letter. Using a simple addition table or wheel you add the two letters together. You look up the message letter on one side, and the key letter on the other, and find where the lines cross to get the output (coded) letter and write that down.
- For this purpose I have created a sheet with an alphabet of 36 characters in total, being A-Z, 1-9 and a space. To avoid misreading multiple spaces we are treating a space as a * in the final message sent, and to avoid confusion as well as making it a nice number to use with two dice, we have made O and 0 the same. A simple addition sheet can be found here. You could make different decisions on the alphabet to use and so on.
- For convenience, in my addition sheet, the space (or *) is added as a zero value, and so does not change the other letter (unlike the video). That means any spaces in your message you just write the key letter down unchanged - this saves time, but it also means your final message starts with 4 key letters as per the sheet. You should also have spaces on the end, so also writing the key letters again, either a random extra number of spaces, or perhaps all the way to the end of the 160 characters every time. This hides the length of your true message.
- You send the code letters to the recipient. This could be by text, but remember, this coded message is not secret - so you could just tweet it, or write it on a post-it note, or graffiti it on the side of a building (don't do that, it is not legal either). As long as the recipient knows where to look for the message that is fine.
- The sender now destroys the sheet, destroying your message and the key. NEVER EVER USE THE SAME KEY SHEET TWICE.
- The recipient can use the first 4 letters to work out which key sheet applies as they were coded as spaces. When making the key sheets you may want to avoid duplicates in the first 4 letters.
- The recipient writes the coded message on the sheet, and then works through the characters. This time, you find the key letter row, and follow it along to the coded letter, then go up/down to the letter at the end of the column and that will be the original message letter. Write that down on the sheet. You will see spaces easily as they have the coded letter the same as the key letter and so the padding spaces at the end are simple to spot and ignore.
- At the end you will see the original message on the sheet. Read it and understand it.
- The the recipient destroys the sheet, destroying the message and the key.
The one time pad does have some issues. The main benefit is the simplicity and total security it offers, but the down sides are that you have to pre-exchange some keys, you have to be sure the keys really are random, and you have to be sure to keep the keys totally safe. If you can do that, then you have a means to safely communicate privately (even if you are not a terrorist).
Now, computers can do a lot more, and have ways to avoid the sharing of keys like this, but authenticity of sender and recipient are always issues in any system. Using computers it is even possible to actually hide the fact that the message is coded in some way, so you are not looking suspicious by sending gibberish texts. However, I hope this shows how simple it is to do what David Cameron and Theresa May actually want to ban, and how pointless any such ban would be. The damaging effects of any sort of measures they take could be massive though, and that is why we have to stop this proposal at the start and make them understand that:-
- we have a right to communicate privately,
- we have the technology (pen and paper) to communicate privately, and
- we will communicate privately (and so might terrorists).
Paste this fake spam email:ReplyDelete
Dear Friend , This letter was specially selected to
be sent to you ! We will comply with all removal requests
! This mail is being sent in compliance with Senate
bill 1621 ; Title 5 ; Section 303 ! Do NOT confuse
us with Internet scam artists . Why work for somebody
else when you can become rich within 38 days ! Have
you ever noticed people are much more likely to BUY
with a credit card than cash & nearly every commercial
on television has a .com on in it ! Well, now is your
chance to capitalize on this ! We will help you sell
more & SELL MORE ! You can begin at absolutely no cost
to you . But don't believe us . Ms Anderson of New
Mexico tried us and says "Now I'm rich many more things
are possible" . This offer is 100% legal . You have
no reason not to act now . Sign up a friend and you'll
get a discount of 20% . Thanks ! Dear Business person
, Especially for you - this cutting-edge info . We
will comply with all removal requests . This mail is
being sent in compliance with Senate bill 2616 ; Title
1 , Section 303 . This is not multi-level marketing
. Why work for somebody else when you can become rich
inside 59 WEEKS . Have you ever noticed how long the
line-ups are at bank machines plus nearly every commercial
on television has a .com on in it . Well, now is your
chance to capitalize on this ! WE will help YOU process
your orders within seconds and increase customer response
by 130% . The best thing about our system is that it
is absolutely risk free for you ! But don't believe
us ! Mrs Simpson of Hawaii tried us and says "I was
skeptical but it worked for me" ! We are licensed to
operate in all states ! We BESEECH you - act now !
Sign up a friend and you get half off ! God Bless .
If anyone's looking for the footage of Julian Huppert MP asking the question then it can be found here: https://www.youtube.com/watch?v=fgUtcUDZJBgReplyDelete
Thanks, linked in to main article now.Delete
Wow, that was scary. Is this honestly the country I live in? It's almost surreal at this point.Delete
They don't need to meet face to face. Just exchange emails before these back doors are introduced. And of course they could use books and not keys. Also remember how in ww2 we sent messages to the French resistance with clear messages. Like "John. Go to the garden tonight and open the gate".ReplyDelete
It could be garbage or it could be translated into something meaningful if you have the right book.
Codebooks are essentially a form of substitution cipher, which means they are crackable with enough data (e.g. from repeated reuse of the code words). This differs from a one time pad in that it's mathematically provable that data encrypted with a one time pad is not crackable - both the pad itself and the ciphertext are mathematically random when examined separately and only become meaningful when examined together.Delete
The random nature of the ciphertext lends itself to stenography - you can embed it in another signal, and it is indistinguishable from the natural background noise. A very simple example of this would be to take a digital photo or digital audio recording and replace each low order bit with a bit from your ciphertext - unless the recording was absolutely top quality to begin with, the low order bits probably only contain noise to begin with, and even if they don't you'd only be raising the noise floor marginally. As long as there is no "original" file for someone to compare it with (so use your own photos/audio and destroy the original after you've finished, rather than grabbing random stuff off the internet), it is impossible to detect the ciphertext without the key.
(Note: the replace-low-order-bits method won't stand up to any kind of lossy compression, but serves as a simple example)
Julian Huppert tries his best. It's such a shame so many other MPs appear to be clueless about technology. I'm about a mile outside his consituency.ReplyDelete
> You have no legal obligation to hand over the keys that are not yet used and you can keep them in the safe.ReplyDelete
It is perhaps not quite as clear cut as this. s49 applies not only to protected information which has been acquired already, but to protected information which "is likely to do so". It is not beyond the bounds of possibility that an agency would make the case that, if someone were a target of interception (for example, or else that they were communicating with someone who was a target), all their communications would come into the possession of the agency, and some, based on the exchange which has already been discovered, are likely to be encrypted using a key from the one pad, and so seizing the pad is required.
Interesting. In which case you tweet that your keys have been taken...Delete
Unless the s49 notice contains a secrecy provision (s54), in which case such disclosure of the existence of the notice is a criminal offence.Delete
So use a different message that nobody can prove was in fact disclosure.Delete
I suspect that, by this point, you are firmly in "get a good lawyer" territory, if, in practice, you are looking to disclose the existence of a s49 notice, even using a coded way of doing so, whilst trying to avoid a prison sentence!Delete
But terrorists are not really worried about complying with the law, so not really an issue for them. The could "notify" simply by not tweeting how much they hate Fridays this week. And if they have gone after the sender rather than recipient, they simple don't send any more messages using the compromised keys. Catching the recipient is always harder as the messages can be sent publicly.Delete
And bear in mind - we are discussing the simplest of crypto here - in practice criminals can use any number of tools, and apps, and techniques, including those that show no evidence of an encrypted message anyway. In practice the "maths" that exists allows not just private communications but covert communications as well, so it is all totally pointless. My video and blog are to show how simply it can be done if you want, to give some idea of how far you would have to go to try and ban this. Saying terrorists must not have a means to secretly communicate is like saying they must not have gravity, it is nonsense. Maths (and gravity) both exist, and that is as much a fact of life as the tide coming in.Delete
I don't disagree, and I was just responding to the "no legal obligation" point.Delete
If the actor is one who is not inclined to follow the law anyway, then the nuances of Part III of RIPA are unlikely to be of much interest.
However, for those *other* than such terrorists, who want to use cryptography not because they have something to hide but merely because they want to do so, having a reasonable understanding of the framework is probably worthwhile, against the day that a lawful demand is made for a key, to encourage careful reading of the notice before reaching for Twitter :)
I have updated wording in the main article to be clearer.Delete
Sorry, someone asked about "licence" for the code and I managed to zap their comment - stop bloodspot system. Anyway, do what you like with it.ReplyDelete
Fascinating read about GCHQ’s Joint Threat Research and Intelligence Group (JTRIG) and on what lengths the (US) intelligence community is willing to go to—and what happens when they take the fruits of the surveillance they’ve done and unleash it on a target.ReplyDelete
I switched to A&A about a month ago and found your Blog. This article inspired me to have a go at writing a one time pad program in C. I've only written 2, very small, programs before but have read a few tutorials on the web. Anyway, If I can do it I am sure any school age kid can do infinity better. Just goes to show how out of touch politicians are when it come to encryption and the internet! Here is a link, Linux only at the moment. https://github.com/n0p513d/otpcryptReplyDelete
I linked to this article from http://blog.adamspiers.org/2015/05/09/tories-limit-maths-via-snoopers-charter/ - hope you approve :)ReplyDelete
a writer must be a penReplyDelete