Tuesday, March 3, 2009

Encryption and the 5th amendment

This is a very interesting twist on the interpretation of handing over encryption keys according to the 5th amendment.I had the opportunity to work on a case a long time ago where a suspect of intentional data leak refused to provide the PGP passphrase to a encrypted volume on his computer. I don't know how the case evolved in the Brazilian courts, but it was very similar to this one. On that situation, the guy simply provided a wrong password and said he didn't know why it wasn't working. Quite clever.Some years later I asked a "highly respected computer forensics specialist", during a roundtable in a security conference, about his thoughts on the situation. He promptly said, doing a "I'm smarter than that" face, that they probably wouldn't need the passphrase anyway as forensic specialists could break the crypto without that. Ha! Five years later, here is the same case, in a more "developed country", going through the same issue. Does that guy still think that the passphrase is not necessary?There is also a high profile corruption case being handled by the Brazilian federal police where a set of encrypted hard drives were found. They didn't manage to break the encryption, and some journalists promptly started to accuse the police of intentionally pushing back the investigations. Ok, they sent the hard drives to the "magical US FBI" (some people really believes on those things from CSI tv shows) in order to get the data. Results? None.It's funny how people believe that encryption really works, but when law enforcement cannot break it, they immediately think there is something behind it. Conspiracy theories are much more fun than just admitting that, sometimes, encryption does its job :-)

No comments:

Post a Comment