UK spookhaus GCHQ can crack end-to-end encryption, claims Australian A-G

Antipodean not-backdoors plan will mirror UK Investigatory Powers Act, ensure law of land trumps laws of mathematics

British signals intelligence agency Government Communications Headquarters (GCHQ) can crack end-to-end encrypted messages sent using WhatsApp and Signal, according to Australian attorney-general George Brandis.

Brandis made the claim speaking to the Australian Broadcasting Corporation's AM program, on the occasion of Australia announcing it would adopt laws mirroring the UK's Investigatory Powers Act. Brandis said the proposed law will place “an obligation on device manufacturers and service providers to provide appropriate assistance to intelligence and law enforcement on a warranted basis where it is necessary to interdict or in the case of a crime that may have been committed.”

Asked how Australia's proposed regime would allow local authorities to read messages sent with either WhatsApp or Signal, Brandis said “Last Wednesday I met with the chief cryptographer at GCHQ ... And he assured me that this was feasible.”

Brandis is infamous for being unable to articulate an accurate or comprehensible definition of “metadata” when asked to do so during a live television interview, so his understanding of cryptographic concerns cannot be trusted without qualification, which The Register is seeking.

But there's no doubt about the intent of Australia's proposed laws, as Brandis later said in a joint appearance with prime minister Malcolm Turnbull that Australia's law enforcement agencies want access to encrypted traffic for three reasons.

The first is that Brandis says Australia already has mechanisms to allow law enforcement authorities to intercept electronic communications. Extending that power to encrypted traffic just brings that power up to date, he argues.

The second is that the Australian Federal Police says it has seen “rapid growth in the amount of encrypted traffic from around three per cent a couple of years ago to now over 55, 60 per cent of all traffic.”

Lastly, Turnbull said that encrypted messaging services are used by ordinary citizens, they are also used “ … by people who seek to do us harm. They're being used by terrorists, they're being used by drug traffickers, they're being used by paedophile rings.”

Bad people using encryption means the law needs to be modernised, with a definitely-not-a-backdoor that sees device makers and service providers co-operate with Australia in as-yet-unspecified ways to provide access to end-to-end encrypted messages when warrants are produced.

Pushed on how encrypted messages could be read when service providers don't hold the keys necessary decryption, and Turnbull had this to say:

Well, the laws of Australia prevail in Australia, I can assure you of that. The laws of mathematics are very commendable but the only laws that applies in Australia is the law of Australia.

Your Sydney-based correspondent looks forward to an attempt at repealing gravity so we can see if the laws of Australia override the laws of physics, too.

But we digress.

Brandis and Turnbull said the law will reach Parliament “in the Spring sessions” which commence on August 8th. Just what it will compel device-makers and service providers to do has not been revealed, nor has how Australia will access messages sent using services based offshore. Turnbull said “I'm not suggesting this is not without some difficulty” but hinted that in discussions at last week's G20 Leaders' Summit the participants agreed that member nations should be able to rely on colleagues to sort things out with companies resident in their respective jurisdictions. ®

Send us news

British intelligence recycles old argument for thwarting strong encryption: Think of the children!

Levy and Robinson are at it again

WhatsApp boss says no to AI filters policing encrypted chat

'What's being proposed is that we ... read everyone's messages. I don't think people want that'

Aussies crowdsource a business case for central bank digital currencies

Ring-fenced tests planned, despite previous regulatory skepticism about the need for fiat digi-dollars

Post-quantum crypto cracked in an hour with one core of an ancient Xeon

NIST's nifty new algorithm looks like it's in trouble

India proposes increased power to vet tech mergers

Chinese phone makers' tax deals probed; PayPal back in Indonesia; Boeing seeks sustainability in Japan; and more

Spyware developer charged by Australian Police after 14,500 sales

PLUS: India open to space tourism; China/Indonesia infosec pact; Paytm denies breach; Infosys dodges government again; and more

Funds sought for first submarine cable to Antarctica

Will also be first cable to go from South America to Australia

IBM puts NIST’s quantum-resistant crypto to work in Z16 mainframe

Big Blue says it helped developed the algos, so knows what it's doing

Financial exchange's efforts to replace core systems with blockchain founder – again

Accenture roped in to find the weakest link

Tories spar over UK's delayed Online Safety Bill

Perfect political pantomime

Australia bins $41m app contracted to Accenture

Plus: Chinese chips supported in key management spec; Singapore/UK digital services pact; Fujitsu's vision for oldies; and more

Tech world may face huge fines if it doesn't scrub CSAM from encrypted chats

'It is possible to implement end-to-end crypto in a way that preserves privacy,' claims UK Home Sec