Home Security IT lobby group says govt making encryption policy 'on the run'

IT lobby group says govt making encryption policy 'on the run'

A lobby group for IT workers has slammed the Coalition government over its proposal to introduce laws to gain access to encrypted communications, saying such moves were completely unworkable.

IT Professionals Association president Robert Hudson said though the government was saying it did not want a backdoor into encrypted communication applications, such a method was the only way that it could achieve what it had stated it wanted to do.

In the wake of the terrorist incidents in London, both Prime Minister Malcolm Turnbull and Attorney-General George Brandis have proposed that curbs be imposed on encryption.

But Hudson said just making such statements could be interpreted as "political opportunism" because anyone who had an understanding of how encryption worked would know that such proposals could not be implemented.

"The government is suggesting that certain device and application vendors (Apple for iPhones, various Android phone manufacturers, Facebook for Facebook Messenger and WhatsApp, etc, maybe even SSL certificate vendors – nobody really knows yet, the government has not yet explained this) provide them with an ability to intercept and read encrypted messages in 'near real time'," Hudson said.

"With modern encryption processes, this is only possible if you have access to the key required to decrypt the message, as 'cracking' the encryption is largely not possible otherwise due to the mathematical complexity of the algorithms used."

Hudson said this meant that despite the government's protests that it did not want backdoors, "that's the only way to achieve what they want – and if they have backdoors into the encryption, then two things will happen:

"The backdoor will be leaked/exposed. This basically means that the encryption process can no longer be trusted.

"People will stop using encryption processes they cannot trust."

He said this would have little effect on the "bad guys" because those who were competent would switch to communications protocols they trusted or else manage the encryption keys themselves.

"By some reports, less than half of all communications between 'bad guys' is estimated to be encrypted today and these are likely already the competent ones. Such a knee-jerk reaction will, however, have a horrific impact on innocent use of encryption. Legitimate users will be forced to find other methods of encryption," Hudson said.

"If SSL certificate vendors are forced to bake 'backdoors' into their certificates, the impact on eCommerce alone (currently a $32 billion business in Australia in 2017) will be immense.

"This government appears to have not learnt anything from past technology initiatives that were implemented on the run. In typical fashion, there appears to have been no serious consultation with experts and disregard for (or no understanding of) the complexities involved."

LEARN HOW TO BE A SUCCESSFUL MVNO

Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service

DOWNLOAD NOW!

Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.