[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] HR4681 Sec 309 communication privacy legislation

On 12/14/2014 10:39 AM, Tim Mitchell wrote:
> Morning all,
> If no one has yet seen Section 309 of US HR4681, it contains
> some very dubious language that sounds like it is legalizing
> indefinite government retention of encrypted communications.
> The text is as follows (Section 309.b.3.B.iii):
> (B) Limitation on retention.--A covered communication shall 
>  not be retained in excess of 5 years, unless--
> .... 
> (iii) the communication is enciphered or reasonably 
>  believed to have a secret meaning;

Based on Snowden releases, this is SOP. And in any case, it's clear that
the NSA ignores civil law, given that the US is at war. Always. Forever.

> This might be going out on a limb here, but "enciphered"
> and "reasonably believed to have a secret meaning" could easily
> be interpreted to apply to any and all encrypted Internet
> traffic, including Tor.

We know from Snowden releases that they retain as much intercepted
traffic as they can, for as long as they can. There's recursive triage,
based on context, occurrence of keywords in metadata and content,
flagging by analysts, and so on. Over time, less-interesting content
gets decrufted and chunked, and eventually deleted. But metadata is
retained indefinitely.

For encrypted (aka enciphered) intercepts, there's no readily
interpretable content. So triage must be based primarily on metadata and
context. And it's arguable that encrypted intercepts of particular
interest (from Tor and other anonymity networks, VPN services, extremist
websites, and so on) are retained indefinitely.

> I'd be curious as to what experts in this area think about this,
> and how to go about raising awareness if this is indeed as
> serious as it sounds to me.

Tor traffic among clients and relays is encrypted with perfect forward
secrecy, so retention is not a very serious threat. Each chunk of data
is encrypted with a different session key, and so is a separate puzzle.
Learning a particular Tor relay's private key does allow an adversary to
impersonate the relay. But it doesn't compromise prior traffic through
that relay.

> Full text of the bill can be found here:
> https://www.congress.gov/bill/113th-congress/house-bill/4681
> Thanks,
> Tim

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to