UK spookhaus GCHQ can crack end-to-end encryption, claims Australian A-G

Antipodean not-backdoors plan will mirror UK Investigatory Powers Act, ensure law of land trumps laws of mathematics

British signals intelligence agency Government Communications Headquarters (GCHQ) can crack end-to-end encrypted messages sent using WhatsApp and Signal, according to Australian attorney-general George Brandis.

Brandis made the claim speaking to the Australian Broadcasting Corporation's AM program, on the occasion of Australia announcing it would adopt laws mirroring the UK's Investigatory Powers Act. Brandis said the proposed law will place “an obligation on device manufacturers and service providers to provide appropriate assistance to intelligence and law enforcement on a warranted basis where it is necessary to interdict or in the case of a crime that may have been committed.”

Asked how Australia's proposed regime would allow local authorities to read messages sent with either WhatsApp or Signal, Brandis said “Last Wednesday I met with the chief cryptographer at GCHQ ... And he assured me that this was feasible.”

Brandis is infamous for being unable to articulate an accurate or comprehensible definition of “metadata” when asked to do so during a live television interview, so his understanding of cryptographic concerns cannot be trusted without qualification, which The Register is seeking.

But there's no doubt about the intent of Australia's proposed laws, as Brandis later said in a joint appearance with prime minister Malcolm Turnbull that Australia's law enforcement agencies want access to encrypted traffic for three reasons.

The first is that Brandis says Australia already has mechanisms to allow law enforcement authorities to intercept electronic communications. Extending that power to encrypted traffic just brings that power up to date, he argues.

The second is that the Australian Federal Police says it has seen “rapid growth in the amount of encrypted traffic from around three per cent a couple of years ago to now over 55, 60 per cent of all traffic.”

Lastly, Turnbull said that encrypted messaging services are used by ordinary citizens, they are also used “ … by people who seek to do us harm. They're being used by terrorists, they're being used by drug traffickers, they're being used by paedophile rings.”

Bad people using encryption means the law needs to be modernised, with a definitely-not-a-backdoor that sees device makers and service providers co-operate with Australia in as-yet-unspecified ways to provide access to end-to-end encrypted messages when warrants are produced.

Pushed on how encrypted messages could be read when service providers don't hold the keys necessary decryption, and Turnbull had this to say:

Well, the laws of Australia prevail in Australia, I can assure you of that. The laws of mathematics are very commendable but the only laws that applies in Australia is the law of Australia.

Your Sydney-based correspondent looks forward to an attempt at repealing gravity so we can see if the laws of Australia override the laws of physics, too.

But we digress.

Brandis and Turnbull said the law will reach Parliament “in the Spring sessions” which commence on August 8th. Just what it will compel device-makers and service providers to do has not been revealed, nor has how Australia will access messages sent using services based offshore. Turnbull said “I'm not suggesting this is not without some difficulty” but hinted that in discussions at last week's G20 Leaders' Summit the participants agreed that member nations should be able to rely on colleagues to sort things out with companies resident in their respective jurisdictions. ®

Send us news

Australia asks FBI to help find attacker who stole data from millions of users

Apparent perp claims to have deleted swiped info as carrier Optus struggles to get its story straight

Matrix chat encryption sunk by five now-patched holes

You take the green pill, you'll spend six hours in a 'don't roll your own crypto' debate

Meta, Twitter, Apple, Google urged to up encryption game in post-Roe America

Tech giants 'throwing their users to the wolves'

Delivery drone crashes into power lines, causes outage

Google-owned Wing said it was a 'precautionary controlled landing' – right into 11,000 volts

FBI: We tracked who was printing secret documents to unmask ex-NSA suspect

Infosec systems designer alleged to have chatted with undercover agent

Ever suspected bankers could just use WhatsApp comms? $1.8b says you're right

Thought shadow IT at your office was bad? Try enforcing workplace device policies on hedge fund traders

Significant customer data exposed in attack on Australian telco

Subscribers have questions – like 'When were you going to tell us?'

Patch your Mitel VoIP systems, Lorenz ransomware gang is back on the prowl

Criminals do love that unpatched VoIP and IoT kit

NATO investigates after criminals claim to be selling its stolen missile plans

Also, Microsoft’s one-click TikTok trick, a 14-year old Aussie cracks ASD encryption in an hour, and more

Australian quantum startup enlists GlobalFoundries to develop mass qubit production

Company claims tech can detect quantum information at room temperature

China orders tech companies to 'improve traceability' of users to control 'rumours and false information'

PLUS: Australia mints a physical crypto-coin; Alibaba Cloud claims world's biggest DC; India’s space airbags; and more

Indian court directs chat app Telegram to disclose details of copyright infringers

Judge says that servers being located in Singapore is not a get-out clause