70's technology could thwart RIP bill

A solution to the RIP bill may lie in a 20 year old technology
Written by Will Knight, Contributor and  Jane Wakefield, Contributor

Revelations that the RIP bill can be by-passed using long-standing steganographic and cryptographic technologies could signal the death blow to the government's Internet snooping plans, according to Liberal Democrat MP Richard Allan.

Allan has warned the government that the RIP (Regulation of Investigatory Powers bill) will be unenforcable because of anti-snooping techniques that have been around since the 1970s. He is now preparing proof of this and intends to send it to Charles Clarke, the Home Office minister charged with overseeing RIP.

Allan points to two existing security techniques: Steganography and the Diffie-Hellman encrypted key exchange.

The Diffie-Hellman key exchange, developed in 1976 by Whitfield Diffie and Martin Hellman, allows the exchange of encrypted messages without the need for a secret key. This is done by combining public and private keys and is incorporated within commercial encryption products such as PGP (Pretty Good Privacy.)

This technique has made encryption widely available and easy to use. It makes it very difficult for anyone to covertly read an intercepted message.

Steganography means hiding information. One modern application of Steganography is the Steganographic File System, developed by academics Ross Anderson, Roger Needham and Adi Shamir. This stipulates how files can be concealed on a computer's file system so that -- without a password it is impossible to tell if they even exist. An implementation of the steganographic file system exists for the Linux operating system. Using the Steganographic File System someone could hide the existence of a key used to access encrypted information.

Allan believes his intervention will help strengthen industry's case against RIP. "We can demonstrate that heavy-handed legislation will drive people to snoop-free services because that is commercially more attractive," he says. "I don't think the government has thought through on a technical basis whether the legislation is viable."

One government official that seems less than sure about the government's snooping bill is e-envoy Alex Allan. In a speech to industry experts in Washington he incorrectly refers to RIP as the Regulation of Investigatory Practices bill.

What do you think? Tell the Mailroom. And read what others have said.

Take me to News Roundup: Mounting pressure on RIP Bill

Editorial standards