Crypto could force government hacking

To get access to encrypted messages, GCHQ may have to resort to illegal hack tactics, says an expert

The increased use of cryptography could be leading the government into a legal trap where it comes to electronic surveillance, according to a British cryptography expert.

Brian Gladman, an independent cryptography researcher, suggests that the increased use of secure encryption for email communication will mean that the only way for GCHQ, the government's information-gathering headquarters, to intercept communications may be to covertly infiltrate an individual's computer using a Trojan program. That may contravene the 1990 Computer Misuse Act, Gladman argues.

Although the 1994 Intelligence Services Act gives GCHQ certain privileges to intercept communications without a warrant, Gladman says it is unclear whether this relates to the Computer Misuse Act.

"The issue is whether the Intelligence Services Act overrules the Computer Misuse Act. The Intelligence Services Act says that GCHQ is allowed to infiltrate 'things', it doesn't say exactly what. [The] context is also interesting because encryption is going to become much more widely deployed."

Gladman says that after posting a message to the highly respected cryptography mailing list "ukcrypto" speculating on this issue, GCHQ took down references to its statutory powers to intercept communications from its Web site .

GCHQ maintains it is not breaking the law but is far from clear as to where exactly it stands. A spokesman says, "It's a very tricky question. I'm not aware of any conflict between the Acts. All I can say is that GCHQ operates according to the law and all operations are carried out with the appropriate warrants."

Take me to the Hackers news special