Australia on the cusp of showing the world how to break encryption

You just pass a law, apparently

By Richard Chirgwin


The Australian government has scheduled its “not-a-backdoor” crypto-busting bill to land in parliament in the spring session, and we still don't know what will be in it.

The legislation is included in the Department of Prime Minister and Cabinet's schedule of proposed laws to be debated from today (13 August) all the way into December.

All we know, however, is what's already on the public record: a speech by Minister for Law Enforcement and Cybersecurity Angus Taylor in June, and the following from the digest of bills for the spring session:

Implement measures to address the impact of encrypted communications and devices on national security and law enforcement investigations. The bill provides a framework for agencies to work with the private sector so that law enforcement can adapt to the increasingly complex online environment. The bill requires both domestic and foreign companies supplying services to Australia to provide greater assistance to agencies.

What's worrying to Vulture South is not so much the government sticking to the idea that there are magical powers to be had to decrypt strongly end-to-end encrypted messages.

It’s that there’s a persistent strain of authoritarian magical thinking that keeps looking for some kind of reality-hack that gives law enforcement what it wants without somehow breaking encryption. For example, defenders of the government’s position argues that you can keep encryption intact if you only attack end-user devices (say, a rootkit with screen-capture powers), and that proves that the government doesn’t want to break into networks.

Australia wants tech companies to let cops 'n' snoops see messages without backdoors


In effect, it is argued, the government wants to force companies to push rootkits onto users to read received and sent messages without decrypting network traffic.

Apart from the dodgy technological sophistry involved, this belief contradicts what Angus Taylor said in June (our only contemporary reference to what the government has in mind).

“We need access to digital networks and devices, and to the data on them, when there are reasonable grounds to do so,” he said (emphasis added).

If this accurately reflects the purpose of the legislation, then the Australian government wants access to the networks, not just the devices. It wants a break-in that will work on networks, if law enforcement demands it, and that takes us back to the “government wants a backdoor” problem.

And it remains clear that the government's magical thinking remains in place: having no idea how to achieve the impossible, it wants the industry to cover for it under the guise of “greater assistance to agencies”.

Telcos (although not companies like Apple or Google) already provide plenty of assistance – lawful intercept, metadata, and the like – but the “greater assistance” is specifically in the context of access to encrypted communications.

It's nothing more than a legislatively-encoded rehash of FBI Director Chris Wray's plaintive call that since the technology existed to put a man on the Moon, technology must exist to decrypt communications.

Perhaps, like loonies who think someone's hiding the secret of burning water to power cars, governments believe the technology they want already exists, but telcos and tech platforms are hiding the fact. Stupidity or conspiracy: it's hard to know which is worse. ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

Americans are just fine with facial recognition technology – as long as they get shorter queues

The younger generation leads the fight against face matching

Microsoft says it's time to get serious about facial recognition rules: 'Laws and regulations are indispensable'

Really, you all, stop it! Hey, Amazon, what's going on back there? Enough! Cut that out!

Rights group launches legal challenge over London cops' use of facial recognition tech

Court asked to grant permission for judicial review of 'inaccurate' snooping tech

Full frontal vulnerability: Photos can still trick, unlock Android mobes via facial recognition

Dutch consumer club names 42 easy-to-fool cameras

Facial recognition tech to be used on Olympians and staff at Tokyo 2020

NEC to provide NeoFace kit to 40-plus venues for the games

Need a facial recognition auto-doxxx tool? Social Mapper has you covered

Use this to match profiles to names of people at an organization. Nothing could possibly go wrong here

Oh dear! Amazon's facial recognition is racist and sexist – and there's a JLaw deep fake that will make you want to tear out your eyes

Roundup The week's other news in AI

US judge won't budge over Facebook's last-minute bid to 'derail' facial biometrics trial

Updated 'Concerns' about cost and embarrassment fall flat

Sci-tech committee:'s 27-page biometrics strategy is great... as toilet paper

Document skirts around 'the fundamental issues involved'

London's Met Police: We won't use facial recognition at Notting Hill Carnival

But cops' trial of controversial tech will continue