ITPA submission to the PJCIS on "The Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018"
To whom it may concern,
I write to you today on behalf of the Information Technology Professionals Association - a membership-based not-for-profit organisation registered in Australia, and representing over 18,000 workers in the Information Technology industry in Australia and abroad.
ITPA supports the government and various law enforcement agencies in their goal of preventing and prosecuting crime. There is no doubt that, when used by criminals (paedophiles and terrorists in particular have been named at various times) that encrypted messaging and storage of information presents a real problem for law enforcement who need access to those messages and that data to assist in the prevention and prosecution of crime. The solution being presented, however, is fundamentally flawed - and even if it were possible to implement, would be completely ineffectual due to the limited scope of enforcement possible by the Australian government. Any attempt to implement the strategies described in the bill would result in a significant negative impact for law-abiding Australian citizens, and would have a negligible impact (if any) on law enforcement at all due to the ease with which the intended targets of the legislation will bypass it entirely.
Before we get to the technical detail of encryption technologies as they relate to the proposed bill (this is where ITPA is most qualified to comment), I would like to raise a few "interesting" points around the process that has surrounded this bill so far.
Former Senator Brandis signalled an attack on encryption as far back as 2016, and the IT Industry spoke, politely but firmly, indicating that the kind of powers that Senator Brandis was hoping for were unrealistic without introducing significant compromises into encryption processes and rendering them completely worthless. Former Prime Minister Malcolm Turnbull infamously followed up in 2017, stating that "The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia." This showed not only a complete disregard for reality (the laws of mathematics are no more able to be over-ridden by the laws of Australia than the laws of physics - can we look forward to a bill in the future that coconuts will hover mid-air when detached from a coconut palm, and no longer fall on the heads of innocent bystanders because "the laws of physics are very commendable, but the only law that applies in Australia is the law of Australia"?
When the Department of Home Affairs first put the proposed bill out for comment as "The Assistance and Access Bill 2018", ITPA responded - along with 342 other respondents. Over 40MB of PDF documents (consisting of hundreds of pages of in-depth analysis of the proposed bill) were generated as a result of the submissions - yet Minister Dutton and the Department of Home Affairs would have us believe that these were all read and appropriately considered before pushing the proposed bill into parliament and referring it to the PJCIS only 10 days after submissions closed.
As a result, Minister Dutton has claimed "The government has consulted extensively with industry and the public on these measures and has made amendments to reflect the feedback in the legislation now before the parliament." This is quite an unusual consultation - a rushed "open for comment" period was sprung by the Department of Home Affairs on an industry that was completely surprised by it (having commented repeatedly in the past that the idea was a folly), and then after collecting the aforementioned 343 submissions, did not further consult with any of the parties who made submissions, and then just as quickly pushed a modified version of the bill that clearly did not take into account the vast majority of feedback provided into parliament.
That's not an extensive consultation by any definition of the term used outside of the Department of Home Affairs or by Minister Dutton - and aside from the fundamental flaws in the technology aspects of this bill that we will highlight (as well as the governance, law and order and privacy concerns that other parties will focus on), it is of great concern to ITPA that this bill is being rushed through the legislative process to meet agendas other than the stated purpose of the bill. We are deeply concerned that these unstated agendas are contrary to the rights and interests of the law abiding citizens of Australia.
Now to the crux of our submission - the technological failings of this proposed bill - why it will not and indeed cannot achieve its stated purposes, and the impact that trying to do so, despite the best of advice provided by people who actually understand the underlying systems, will have on the Australian population in the areas of privacy and the economy.
The Department of Home Affairs own submission to the PJCIS defines encryption as follows:
"Encryption is a technically complex, robust and effective means of concealing the contents of communications. Encryption schemes change otherwise intelligible data and content into ciphertext that reveals minimal information about the original form of the data. Generally, the schemes have three components:
* a key generation algorithm
* an encryption algorithm, and
* a decryption algorithm.
Message content and an encryption key are put into an encryption algorithm that scrambles the message and returns unintelligible ciphertext. A decryption algorithm then takes this ciphertext and a decryption key and unscrambles the message to allow it to be read in its original form. Different forms of encryption offer different levels of protection, while this submission does not discuss these types in detail, the diversity of encryption schemes is important to note."
This is an overly simplistic (and some may argue completely wrong) view of the encryption process, failing to provide insight into the technical difficulty of what this bill seeks to allow.
In essence, encryption is the application of algorithms based on mathematical principles (the "laws of mathematics" that former Prime Minister Turnbull mentioned) to scramble the contents of a message (or other payload, but for the sake of simplicity, we will will call it a message) in such a way as to only allow it to be read by the intended recipient - anyone else will be unable to read the message as it will appear to be "nonsense".
The description of encryption provided by the Department of Home Affairs also fails to indicate just how ubiquitous encryption has become in the modern world, and by extension, the scope of the potential impact of this bill should it be passed.
Almost all online communication is encrypted in some form - high value communications (such as online banking and eCommerce traffic) have been encrypted for a long time now, but encryption of general web traffic is becoming very prevalent due to the increasing standardisation of the HTTPS protocol (utilising SSL encryption of web traffic) for all websites. Any time that personally identifiable information (PII) is transmitted, it is generally encrypted in order to assist parties collecting that data to meet their privacy obligations under law. Logon details (usernames and passwords) are generally only transmitted on encrypted channels - passwords themselves are encrypted when stored (or more correctly, a mathematical hash of the password, created using the same sort of algorithms as are used for encryption). Every time a credit card is used online, the transaction is secured using encryption. Most "instant messaging" applications also implement end-to-end encryption - WhatsApp alone claims to have one billion users every day globally, and it is a well publicised fact that many parliamentarians use encrypted messaging apps such as WhatsApp, Wickr, Telegram, etc themselves to conduct their party political business.
Early encryption was based on simple ciphers - substituting one character in a message for another based on a rule that was known to the sender and receiver only - take the phrase "Hello World", shift each letter one higher in the alphabet, and the message becomes "Ifmmp Xpsme" - which looks like gibberish to the naked eye. Pig Latin could be considered a crude form of encryption - "ello-Hay orld-Way". As code breaking techniques improved (efforts by the English at Bletchley Park during WW2 being a very famous example of applying new techniques - using early computers), encryption processes themselves have improved to try to keep ahead of the code breaking game.
Current encryption techniques are substantially improved, using long key lengths (longer keys increase the effort to break encryption), salting (another technique used to make cracking encryption harder) and complex mathematical processes which have been peer reviewed and subjected to significant "proof" efforts to ensure that they are not vulnerable to attack - as vulnerabilities are discovered (as they were with DES and 3DES), algorithms are replaced.
Further, the concept of asymmetric key pairs has been established, where a message is encrypted using one key, and can only be unlocked with another separate key (the "pair" to the key used to encrypt). This is a commonly used technique in the modern world, where the potential recipient of a message publishes their "public" key to anyone who wishes to communicate with them, the message is encrypted with the public key and transmitted to the recipient, who is the only person who has access to their "private" key, which is required to decrypt the message.
Modern encryption algorithms and techniques, when properly applied, are effectively considered to be unbreakable except through the application of substantial computational capability (supercomputers) over a long period of time. It should be noted that the purpose of encryption is not to encrypt a message against attackers forever - only for long enough that the privacy of the message needs to be maintained.
"End to end" encryption (which is the form of encryption that this proposed bill is aimed at compromising) takes place when the sender encrypts the message immediately that it is produced (on a mobile device for instance, they open their secure messaging application and type the message directly into the application), and the message is encrypted when it it sent, and only decrypted when it is received by the intended recipient (the use of public/private key pairs provides not only encryption, but also non-repudiation - it can be used to confirm the sender is who they say they are, as well ensuring that only the intended recipient can decrypt the message).
Other than the application on the mobile device, the unencrypted message is never present - the application passes the encrypted message to the mobile device operating system, which transmits it via a wireless network protocol to the carrier, who transmits it across their network, potentially across a number of intermediary networks, until the recipient's carrier receives it, transmits it to the recipient's mobile device, which presents it to the messaging application - and only at this stage is the message decrypted. At no stage, except in the messaging application, is the message available in its raw form - if intercepted, the message is encrypted to a level where it is effectively unreadable.
There are, effectively, only two ways to achieve what the government is aiming to do.
The first is to implement encryption algorithms with known vulnerabilities, allowing an external party to intercept a message and exploit that vulnerability to decrypt the message. As already mentioned however, modern encryption algorithms are effectively considered to not have such vulnerabilities, so in order to do this, the government would have to introduce a new encryption algorithm with a level of vulnerability inside it, and then somehow not only convince people to use it (extremely unlikely, as anyone using encrypted messaging is going to be immediately suspicious about the use of an encryption algorithm that hasn't had the scrutiny applied to it that other known good algorithms have had) or mandate its use (where they actually have the authority to do so), but then also protect the algorithm's vulnerabilities from misuse by other parties (it is inconceivable that external scrutiny would not be applied, and the vulnerabilities quickly discovered). This method of attack would also directly contravene the repeated promise that this legislation will not introduce systemic weaknesses in to encryption processes.
The other way to break strong modern encryption is at the application level - to change the application in such a way as to allow it to produce and send an unencrypted copy of a message to a law enforcement agency - to establish a "backchannel" alongside the encrypted transmission that is available for law enforcement to intercept and read. The way that this would need to be achieved is for a variation of the standard application to be written that, as far as the user is concerned, is exactly the same as the standard application, and then this application installed on to the target's mobile device, either by "fooling" the target into installing it through standard processes, or by surreptitiously injecting it on to the device.
To trick the target into installing the application, it would need to be either published as a standard update to the "App Store" or "Google Play" (for Apple and Android devices respectively) or equivalent for the extreme minority of other devices out there, or, for targets who do not download their end-to-end encrypted messaging apps from public application repositories, injected into an application source that the target trusts. The former would involve convincing (or legally obliging) Apple and Google respectively to allow the publication of compromised applications onto their respective repositories. This would not only directly contravene the promise not to introduce systemic weaknesses, but would also result in a massive loss of confidence from the law-abiding public in this form of application (and in-fact the application publishing methodologies used globally - and any criminal element stupid enough to be downloading their end-to-end encrypted messaging apps from the standard repositories would quickly move to other alternatives.
There is also the fact that as much as Australia is a lucrative market for many of the larger players (Apple, Google, Facebook, etc), that if it came down to a choice between continuing to operate within Australia or losing the trust of their global customer bases, there is a real chance that the decision would be made to exit Australia as a market - this would have significant economic ramifications for Australia well beyond the intended scope of this proposed bill.
This, of course, all assumes that the application author is subject to Australian law to start with (or the law of countries likely to assist Australia in enforcing its will). There are apps that are already not subject to Australian law, and even if the authors of every app that currently exists was somehow subject to Australian law, a new app would absolutely pop up from an author who is not - and not only criminals would move immediately to this new app, but so would anyone who had a legally-sound interest in privacy and was interested in ensuring that the Australian government cannot pry into their lives to any degree more than they can today.
If this bill is passed, there will be no improvement in the prevention or prosecution of crime at any level - but it will instead lead to a massive overreach into the private lives of law-abiding Australians, and a significant negative economic impact to Australia as a whole. Due to the ubiquitous nature of encryption in our daily lives, an effective attack on any individual use of encryption is an attack on almost all usage. And of course, an ineffective attack is completely pointless.
Whilst the stated intention is noble, the proposed bill cannot achieve its stated aims. Real consultation with industry could lead to improving the prevention or prosecution of crime, but until that happens, this bill should not be passed.