Justice Department Says It Should Be Able To Require People To Decrypt Their Computers
from the legal-questions dept
Another big legal question is hitting the courts, as the Justice Department is asking a federal judge to require a woman to decrypt her encrypted laptop as part of a lawsuit against her for a mortgage scam. The government claims that forcing her to decrypt the laptop is no different than standard discovery procedures, such as requiring someone to open a safe. However, others, including the EFF, are arguing on Fifth Amendment grounds that individuals should not be compelled to decrypt such encrypted content, because doing so is a form of self-incrimination if the content is found to be useful in prosecution. As we’ve discussed in the past, some courts have found that people cannot be forced to turn over their encryption key on this very basis. However, this case is slightly different, in that the government is seeking to get around such earlier rulings by saying that it just wants to require her to type the password in herself to decrypt the laptop, rather than demanding the key itself. The EFF’s brief (pdf) in the case suggests that this really isn’t a huge difference, and that the decryption requirement alone would be a Constitutional problem.
Filed Under: decryption, encryption, fifth amendment
Comments on “Justice Department Says It Should Be Able To Require People To Decrypt Their Computers”
sadly they are already a few years behind, as in most cases technology has outstripped the court system. it is possible to hide encrypted volumes inside encrypted volumes that are supposedly undetectable.
0100011001110101011000110110101100100000010110010110111101110101
4675636b20596f75
Re:
They’re not undetectable. It’s actually not that hard for an expert to be able to tell there is another encrypted volume (although I think they must get into the first encrypted volume to do so). But the existence of a volume isn’t immediately visible.
If this were to go through, a competent computer forensic guy (what the hell are they called?) could get into the first encrypted volume, discover the existence of the other encrypted volume and go back to force the user to provide access to it as well.
The reason for this is that encrypted volumes have very high entropy that is not generally found under other circumstances.
I think the EFF’s got this one right. Forcing someone to type their password into a computer to decrypt it is a testimonial act. That person will then face the cruel trilemma: self-incrimination, perjury, or contempt. The Fifth Amendment doesn’t allow that.
Re:
“Yes, your honor, my encrypted file is actually two volumes with different keys, it takes no special skill to see that. Here’s my encryption tool, complete with source code: whenever I encrypt something it offers me a chance to put a second message in the second volume, and if I decline it just encrypts some random junk with a random key which it doesn’t retain. In this file the first volume is some vacation photos, and I didn’t put anything in the second. Honest, cross my heart.”
(There was a tool that did this years ago, I forget the name. It was briefly popular until someone discovered that the implementation was flawed and could be broken.)
oops
Just type it in wrong a few times and claim the stress of the trial must have caused you to forget the password… how could they possibly prove you didn’t forget it?
Re: oops
Unfortunately, they don’t have to prove it. A judge just has to believe you didn’t forget it and you can be held in contempt of court. I’m not sure what the maximum penalty for that is. Surely they can’t just keep you in jail until either you give them the key or they decide you don’t really know it.
oops
yup. I forget my passwords all the time.
Re:
well i would think that if they are trying to force them to give up the password that they probably aren’t going to pay an expert consulting fees in order to analyze the encryption.
Re:
well i would think that if they are trying to force them to give up the password that they probably aren’t going to pay an expert consulting fees in order to analyze the encryption. also I am not an expert on encryption by any means and you may be right but truecrypt documentation seems to argue that a hidden volume is undetectable (http://www.truecrypt.org/docs/) Maybe someone with a doctorate in computer forensics could pick up on that but how many of those people are employed by law enforcement.
oops
“When you raided my house you lost the post-it note I keep the password on”
Options
Just forget your password, or tell them it is [insert person or group] + [insert derogatory remark], then when it does not work… oops that must have been my last one or something.
You could also tell them that it is the same password that you use for PSN and Sony stores user passwords in plain text, so go ask them.
I understand their desire . . .
For instance, I should be able to have an army of Natalie Portman fembots.
Sadly, we don’t always get what we want.
Not sure I see ...
… why typing in your password to decrypt a drive or even to gain access to a PC is different than compelling someone to open a safe. In both cases you are unlocking a thing so the contents can be seen. The only difference is that in one case the contents are physical things and in the other they are digital. I presume that a search warrant is still required in either case and that should mean that the state has provided sufficient evidence to a court that there may be evidence pertinent to the legal proceeding in the locked thing.
One must compare the penalties of not decrypting vs the penalties of what you will get in trouble for if you do decrypt the info.
For example, if the penalty for not decrypting the data is five years in jail and decrypting the data would reveal a murder, it would be in the best interest of the laptop owner not to hand over any decryption keys.
Perhaps the law should limit the maximum possible penalties to the penalties for not decrypting. Then again, that’s just not how reality works. If police see evidence of a murder on the laptop, they will now be tipped off about the murder and now they know to dig elsewhere for information and pretend that the laptop didn’t help them. It would be hard to prove otherwise.
Lost the key
If they had a safe as evidence and you lost the key or forgot the combination they would hire a locksmith and get the evidence.
If you forgot the password to your encrypted disk let them hire someone to crack the encryption.
No need to shred the 5th amendment.
The more they push this issue the more people will fight back with new technology. For example criminal hears his front door get knocked in, presses a certain keyboard combination causing his solid state encrypted hard drive, along with some fuel source, to catch fire and become ashes in a matter of seconds.
They should be happy enough that given enough time they might some day be able to decrypt some data.
But no that’s not good enough, they want to see technology advance so they are left with a pile of ashes to decrypt.
I could even see a company selling such a hard drive.
It would be encased in such a way that when activated it would not start a fire externally. It would be activated by not seeing the correct pass-phrase after some period of time or after X number of incorrect pass-phrase attempts. Maybe even activated if it detected being tampered with physically.
Companies and Governments would purchase these in bulk for laptops that contain sensitive data.
No more concerns over lost laptops!
Anyone want to invest and help me bring this to market?
Thanks DOJ for inspiring this awesome idea!
TrueCrypt
Use TrueCrypt with a plausible deniability volume. You enter one password, you get the real volume. You enter another, you get a decoy volume instead.
The Post-It® note was Scotch-Taped® to the monitor!
Look, judge, the post-it was scotch-taped to the monitor when the cops took the computer… if the police can’t find it now, then password must be lost.
Really, when they start ordering you to give up what’s in your mind, the only other reasonable answer is, “Fuck you.”
And if you tell ’em “Fuck you” like they fully deserve, they’ll probably throw you in jail. Under these circumstances, there’s no moral duty to tell ’em the truth.
Give the soviet bastards your name, rank and serial number. Then try to stay alive, and escape back to freedom. Die, if you have to.
Not sure I see ...
I think they can compel you to turn over a key to the safe, but not the combination that’s in your head.
Re:
incryption
What about his security? It’s gonna get worse as we go deeper.
Re:
One must compare the penalties of not decrypting vs the penalties of what you will get in trouble for if you do decrypt the info.
For example, if the penalty for not decrypting the data is five years in jail and decrypting the data would reveal a murder, it would be in the best interest of the laptop owner not to hand over any decryption keys.
There’s one little snag in your plan; If a judge orders you to decrypt a computer and you refuse, you will be held in contempt of court. When this happens, the normal protections of the legal system don’t apply and the judge will throw you in jail to rot until you do what he/she tells you. Judges have almost unlimited power to keep you in jail on a contempt charge and will do so until you comply.
Not sure I see ...
I think it goes back to the same issues Mike raises about border crossings.
You choose what to stick in a safe. It has a very limited capacity. A PC, however, can have enough room to hold every digital file you’re interested in, depending on how much you want to spend on storage space and form factor.
It’s not so much that you’re hiding something as there may be something in there you simply don’t recall off the top of your head that they use against you in another way, much like a fishing expedition.
Lost the key
That sort of thing already exists in numerous forms.
here you go
What is your password?
It’s ABCDEF123
That doesn’t work.
Someone must have tampered with the drive. That is my password.
Re:
To prove contempt, the prosecutor or complainant must prove the four elements of contempt:
Existence of a lawful order
The contemnor’s knowledge of the order
The contemnor’s ability to comply
The contemnor’s failure to comply
http://en.wikipedia.org/wiki/Contempt_of_court
[Emphasis Added]
Oops, I forgot the password.
Re: Re:
Re:
In totalitarian states, they don’t have to prove nuthin’.
Iow, in Soviet Russia, is not joke.
If your password is a random string of gibberish, it’d be pretty easy to forget it if you weren’t regularly typing it in. It’d be even easier to forget it if you had to memorize new random strings of gibberish (like the encryption password on your new computer).
Re:
Unfortunately, the way the U.S. is heading …
It has many of the symptoms of Russia. Big business bail outs, government is protective of big business in many other ways, the government getting away with all sorts of things (ie: warrantless wiretapping, domain seizures just to protect big business) with no due process, etc…
“It’s not self-incrimination. See, we aren’t asking you to say anything. Just write down a confession on this piece of paper here. Totally different.”
here you go
Disk failure.
I learned the hard way to NEVER encrypt the system drive. A hiccup in a defrag can instantly become an everything-lost-forever nightmare.
Personally, (assuming TrueCrypt) if I were really paranoid I’d be using a hidden volume container inside its outer volume, and I’d move that into a small virtual machine’s hidden volume.
Lots of risky entropy, yes. But it’s sure a lot faster to wipe a 20GB VM than an entire drive. And copies of the VM can be stored off-site in case the primary is wiped.
Not sure I see ...
Actually this goes to the fact that they don’t actually need you to open the safe as they do have other means. However with a good encrypted drive they really do not have other means.
Personally in either case you should be able to claim Fifth amendment rights.
Re:
If you were really paranoid you would have designed a battery powered electromagnet into your computer case that is designed to engage when the power plug is removed without holding down three other hidden “buttons” like a screw, etc. and then for good measure have pads of thermite ignite above each of your hard drives.
I personally am not that paranoid/would never put anything incriminating on something the government could get their hands on.
Re: Re:
This makes me wonder what the laws are regarding booby trapping. Suppose you rig your computer in such a way that it explodes if carried outside of your house. Now suppose you aren’t home when the police perform a search and take your stuff. How were you supposed to know?
wireless capture keystroke
they can perfectly capture keystrokes from the next door room
http://hacknmod.com/hack/two-new-methods-for-wireless-keystroke-sniffing/
Re:
They’re not undetectable. It’s actually not that hard for an expert to be able to tell there is another encrypted volume (although I think they must get into the first encrypted volume to do so). But the existence of a volume isn’t immediately visible
You are talking about Truecrypt – and it seems that you are reading from a second hand account of a research paper. The true situation is this:
If you create a hidden volume then there are ways to detect its presence because of tell tale signs left in the “outer” volume by the operating system. However if you create a complete hidden operating system then there is no known way at present to detect its existence.
Your comment about entropy is wrong. Truecrypt fills all the empty space on the drive with random (i.e. high entropy) data anyway – so there is no entropy difference between encrypted data and empty space.
oops
There’s an old story about Sheriff Dan Ring who did some weird stuff.. Part of the story is he used SafeHouse Explorer to encrypt a section of his work laptop..
Read the story, it’s pretty interesting at times..
http://www.seattlepi.com/default/article/Secrets-locked-away-in-encrypted-files-1179734.php
The links from their home page;
http://www.safehousesoftware.com/SafeHouseProfessional.aspx
They never did find out what was in there 😉
Re:
If you create a hidden volume then there are ways to detect its presence because of tell tale signs left in the “outer” volume by the operating system.
Citation needed.
Re:
At the very least they can detect the presence of unpartitioned space. What should unpartitioned space look like? Is unpartitioned space generally composed of a bunch of random bytes in random order (which is what encrypted data attempts to mimic), or is unpartitioned space generally composed of patterned data?
Or maybe they can simply destroy any unpartitioned space by changing the bytes around.
Re: Re:
If the drive is new, unpartitioned space will probably be all zeros. That is why an important step before creating an encrypted volume is to fill the whole drive with random data. Most encryption tools do this automatically. This way, it will be hard to tell if encrypted data is present.
Re:
(Ok, I’ll spell it out, just in case it’s not obvious from my previous post).
I would go out on a limb and say that unpartitioned space is generally patterned.
If you do a full format, what does the format software generally set the unused bytes to (depending on what you use to format the drive with and perhaps depending on the needs of the operating system). Zero? One? Or it’ll arrange the bytes in some sort of patterned structure.
If you do a quick format, what did you generally have before the format? An operating system? Some files? and what do these things consist of? Patterned data.
A chunk of hard disk being composed of unpatterned data can be suspicious.
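Added example (not part of any comment in this thread): the entropy argument made in several comments above, measured per block on a constructed disk image with zeroed, plain, randomly pre-filled and encrypted regions. `toy_encrypt` is a SHA-256 counter-mode stand-in for a real cipher, and the block size, the 7.5 bits/byte cut-off and all names are assumptions chosen for illustration.

```python
import hashlib
import math
import os
from collections import Counter

BLOCK = 4096  # bytes per sampled block (assumed; a common cluster size)


def shannon_entropy(block: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 = constant, 8.0 = uniform."""
    if not block:
        return 0.0
    n = len(block)
    return sum(c / n * math.log2(n / c) for c in Counter(block).values())


def keystream(key: bytes, length: int) -> bytes:
    """SHA-256 in counter mode. Demonstration stand-in, not a vetted cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def toy_encrypt(key: bytes, data: bytes) -> bytes:
    """XOR data with the keystream; applying it twice restores the input."""
    return bytes(d ^ k for d, k in zip(data, keystream(key, len(data))))


def classify(entropy: float) -> str:
    """Coarse label a forensic triage pass might assign (threshold assumed)."""
    if entropy == 0.0:
        return "constant fill"
    if entropy < 7.5:
        return "patterned"
    return "random-looking"


def build_image() -> dict:
    """Constructed sample 'disk': four regions of four blocks each."""
    size = 4 * BLOCK
    text = (b"Quarterly report: revenue, costs, notes. " * 500)[:size]
    return {
        "zeroed (new drive)": bytes(size),
        "plain files": text,
        "random pre-fill": os.urandom(size),
        "encrypted files": toy_encrypt(b"constructed-key", text),
    }


def survey(image: dict) -> dict:
    """Mean per-block entropy and label for every region of the image."""
    result = {}
    for name, data in image.items():
        blocks = [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
        mean = sum(shannon_entropy(b) for b in blocks) / len(blocks)
        result[name] = (round(mean, 3), classify(mean))
    return result


if __name__ == "__main__":
    for name, (h, label) in survey(build_image()).items():
        print(f"{name:20s} {h:5.3f} bits/byte  {label}")
```

Entropy separates the zeroed and patterned regions from the rest, but the random pre-fill and the encrypted region receive the same label, so this measurement alone cannot show whether a random-looking region holds data.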
Re:
You’re better off hiding data in a bunch of image files that you used your camera to take pictures with. If done right, it can be cryptographically difficult to detect.
Re:
I learned the hard way to NEVER encrypt the system drive.
If you don’t encrypt the system drive, then any data accessed on that system is not secure. It is technologically simple to get data out of various cache and temporary files, such as the Windows pagefile. Which is stored in your unencrypted system drive.
Heck, RAM isn’t even completely secure after the system is off. Data (including your encryption key) can be pulled off it for minutes even after power is removed, depending on temperature. http://en.wikipedia.org/wiki/Cold_boot_attack
Re:
but basically, if you want to hide encrypted data, you’re better off hiding this unpatterned looking data within patterned data. Make it look like some of the unpredictable elements within patterned data. For instance, you can quick format an operating system. Though we expect the data to be patterned, we don’t expect to be able to determine an expected state of each byte. There is some expected unpredictable variance, and encrypted data can hide within that.
For instance, you take a picture of the sky. The picture consists of multiple shades of blue. Do we expect the nine hundredth and fifty ninth pixel be #00FFFF or should it be #00FFFE . Either value are just as expected.
Re:
either value is just as expected *
oops
how could they possibly prove you didn’t forget it?
http://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis
Like that.
oops
“Waterboarding Used 266 Times on 2 Suspects”, New York Times, April 19, 2009
Encryption
I don’t have anything that needs encryption, or encrypted erasure, but I have those programs anyway – because I can. If any old Tom, Dick, or Harry can demand the key, what good is having the program? If the government needs to decrypt something they must do what responsible governments have always done and crack the code! It’s good for the brain!
Lost the key
I am curious about that. How do the authorities prevent that from happening? Do they power off electricity?
Different violation
A requirement to type in the password is contrary to the 13th Amendment (not that any of them are respected in USA anymore).
The appropriate answer is, “All the data has been delivered, you have it right there”. AFAIK there has never been a requirement for the discoveree to interpret data for the opposing party. If it were in a language they didn’t understand, for example, it would be their own responsibility to find a translator.
Re: Different violation
Exactly. Suppose you were skilled enough to use a filesystem that you invented yourself. Since no one else understands it, they would have no way of knowing if there was data or not. The bottom line is though that your story has to be believable. If you are accused of something, just arguing that the other side can’t prove anything isn’t gonna cut it. The jury/court has to believe that you are telling the truth.
Re: Re: Different violation
$ strings /dev/sdc | less
Encryption
They’ll have to pry MY passwords out of my cold, dead fingers…..
Re:
Oops, I forgot the password.
So the court is supposed to believe that a person has suddenly forgotten the password to a computer that they were using on a daily basis? Or that the person kept a computer set up, even though they could no longer use it because of a forgotten password?
Neither one is very believable.
Encryption
They’ll have to pry MY passwords out of my cold, dead fingers…..
Nah, that’s what water-boarding is for.
Enforcement
If the court rules that encryption passwords are non-testimonial, what can they do if someone claims to have forgotten their password? The common remedy for such things (refusing to provide a voice-lineup, for example) is to jail the person for contempt until they comply. But such things have their limits. A few weeks to a month is typical. Anything approaching a year is very unusual.
However, it seems like if I know that what’s on the computer will get me convicted and sent to prison, I’d certainly prefer 6 months to a year in the county jail for contempt over 10 years in the federal penitentiary for mortgage fraud or whatever.
Not sure I see ...
> why typing in your password to decrypt a
> drive or even to gain access to a PC is
> different than compelling someone to open
> a safe
The difference is that if you ‘lose’ the key to the safe, the government can still cut it open and get to the contents.
If you ‘lose’ a password, the government is basically SOL. And the government doesn’t like to be SOL.
Re:
> Neither one is very believable.
Doesn’t matter what they believe. Just what they can prove.
Lost the key
> For example criminal hears his front door get
> knocked in, presses a certain keyboard combination
> causing his solid state encrypted hard drive,
> along with some fuel source, to catch fire
> and become ashes in a matter of seconds.
We had a CP case years ago where we served the warrant on the guy, arrested him at his house and seized his computers. Took them back to our office for forensic examination and when we started them up, found every single disk and drive was completely blank.
Turns out he embedded extremely powerful magnets in the door frame and window frame of the room where he kept the computers and when the computers were taken out through the door, it wiped the drives.
about that laptop...
If the woman broke the law, and they want to look at her files, I think they would have to KNOW that information on there is detrimental to her, otherwise they wouldn’t ask, and she wouldn’t refuse…THAT SAID, if she is still in possession of the laptop, (unlikely of course) she could always format the hard drive and NOBODY would be able to see what was on there, I think this is a test case for purposes other than prosecuting this woman, if they have THIS much on her, they don’t need any info on her laptop, there are traces of her activities everywhere.
@ steve....good point, and I'll tell you why...
Steve, Jul 13th, 2011 @ 10:36am
A requirement to type in the password is contrary to the 13th Amendment (not that any of them are respected in USA anymore).
The appropriate answer is, “All the data has been delivered, you have it right there”. AFAIK there has never been a requirement for the discoveree to interpret data for the opposing party. If it were in a language they didn’t understand, for example, it would be their own responsibility to find a translator.
Years ago, when after a false conviction and an appeal I requested transcripts of the proceedings of my court case, and they came alright, but were in the “symbolized” shorthand of the court stenographer, and most people don’t realize this, but they all have different styles, so only the person who wrote them, would ever have a shot at decrypting them, so basically, when asked if I HAD been given a copy of the transcripts, I had to say yes, but they were unreadable, he said, that’s not my fault, and eventually dismissed my case! the conviction stands!
Re:
That’s crazy lawyer talk. I really can’t wrap my head around the fact that ANYBODY could ever think these are different things.
Encryption
Damn, can’t find the link to the corresponding XKCD comic.
Lost the key
It is not likely this would work with modern drives, certainly not for drives made since 2005 that use Perpendicular Magnetic Recording (PMR). A high magnetic field is necessary for erasure and a quick glance shows the cost for these degaussers range from $8k – $20K. Also, remember that close proximity is required as the field strength drops off quite rapidly. Even a few inches away means that a permanent magnet or an electromagnet will not be effective in degaussing.
Encryption
http://xkcd.com/538/
Encryption
Thx.