Wednesday, January 13, 2016

Ontario court case suggests that PGP and Blackberry security have been cracked

A recent case from the Ontario courts suggests -- quite strongly -- that PGP (Pretty Good Privacy) and Blackberry security have been cracked by the Royal Canadian Mounted Police.

We rarely get much insight about police techniques from reported cases, but this seems to be a doozy in R v Tsekouras, 2015 ONSC 1470:

[10] The police were presented with a Blackberry cell-phone ….44505 that had been seized from the accused. Their objective was to read the information embedded in that cellphone. The BlackBerry has a reputation for being a very secure means of communication. There were three levels of security. Entry was protected by a password, the device was protected by encryption generally and e-mails processed by this particular device were protected by PGP, a form of e-mail encryption provided as an “add-on” by a third party after-market supplier. This encryption was previously thought to be undefeatable. The RCMP technological laboratory destroyed this illusion and extracted from this phone 406 e-mails, 25 address book entries and other information all of which had been protected. These materials are collected in Exhibit 8.

Of course, it could also have been defeated by really bad OpSec (a weak device password, or a PGP private key sitting on the handset under a guessable passphrase) rather than by any weakness in the encryption itself, but who knows?
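To make the OpSec point concrete, here is an added example that is not part of the original post and not anyone's real tooling, least of all the RCMP's. It is a toy model of how an OpenPGP-style private key is stored on a device: the key is encrypted under a key derived from the owner's passphrase, so an attacker who has copied the handset's storage does not need to break the cipher or the key, only to guess the passphrase offline. The function names, the PBKDF2 parameters (standing in for OpenPGP's iterated, salted S2K), the HMAC-based keystream (standing in for a block cipher) and the sample wordlist are all assumptions made for illustration; it runs on the Python standard library alone.

```python
# Added example (not from the original post; not PGP's real code and not the
# RCMP's method): a toy model of a passphrase-wrapped private key and an
# offline dictionary attack against it. All names and parameters are assumed.
import hashlib
import hmac
import os
from typing import Dict, List, Optional

ITERATIONS = 20_000  # assumed KDF cost; real OpenPGP S2K is iterated and salted for the same reason


def derive_kek(passphrase: str, salt: bytes) -> bytes:
    """Derive a 32-byte key-encryption key from the passphrase (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS, dklen=32)


def keystream(kek: bytes, length: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256, a stand-in for a block cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(kek, counter.to_bytes(4, "big"), "sha256").digest()
        counter += 1
    return out[:length]


def wrap_private_key(private_key: bytes, passphrase: str) -> Dict[str, bytes]:
    """Encrypt the private key under the passphrase and attach an integrity tag."""
    salt = os.urandom(16)
    kek = derive_kek(passphrase, salt)
    ct = bytes(a ^ b for a, b in zip(private_key, keystream(kek, len(private_key))))
    tag = hmac.new(kek, salt + ct, "sha256").digest()
    return {"salt": salt, "ct": ct, "tag": tag}


def unwrap_private_key(blob: Dict[str, bytes], passphrase: str) -> Optional[bytes]:
    """Return the private key if the passphrase is right, otherwise None."""
    kek = derive_kek(passphrase, blob["salt"])
    expected = hmac.new(kek, blob["salt"] + blob["ct"], "sha256").digest()
    if not hmac.compare_digest(expected, blob["tag"]):
        return None
    return bytes(a ^ b for a, b in zip(blob["ct"], keystream(kek, len(blob["ct"]))))


def dictionary_attack(blob: Dict[str, bytes], candidates: List[str]) -> Optional[str]:
    """Offline guessing against a copied key blob: the only cost per guess is the KDF."""
    for guess in candidates:
        if unwrap_private_key(blob, guess) is not None:
            return guess
    return None


# Constructed sample data: a fixed 32-byte secret stands in for the PGP private key,
# and a short wordlist stands in for the cracking dictionary.
SAMPLE_KEY = bytes(range(32))
WORDLIST = ["123456", "password", "blackberry", "qwerty", "password1", "letmein"]


def demo() -> Dict[str, object]:
    """Wrap the same key under a weak and a strong passphrase and attack both."""
    weak = wrap_private_key(SAMPLE_KEY, "password1")
    strong = wrap_private_key(SAMPLE_KEY, "correct horse battery staple 7f3a")
    return {
        "weak_guess": dictionary_attack(weak, WORDLIST),          # "password1"
        "weak_key_recovered": unwrap_private_key(weak, "password1") == SAMPLE_KEY,
        "strong_guess": dictionary_attack(strong, WORDLIST),      # None
        "wrong_passphrase_rejected": unwrap_private_key(strong, "password1") is None,
    }


if __name__ == "__main__":
    print(demo())
```

The cipher and key length never enter into it: the weak-passphrase blob gives up the full private key after a handful of guesses, while the strong one survives the same wordlist. That is the shape of a "PGP cracked" result that is really an OpSec failure, and it is also why the judgment's description cannot distinguish the two.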


Matt Lonsdale said...

My money is on either bad opsec or the judge simplifying the details of the case to the point of mischaracterizing what actually happened (the judge's comments in the following paragraphs suggest to me that this judge isn't well versed in cryptography).

Or maybe I just don't want to accept that PGP might not be as secure as I thought.

Either way it would be nice to have more details. As far as I remember, PGP lets you select between a few different encryption algorithms and key lengths, so even if some PGP configurations are suspect, others might still be secure.

John G said...

Compare R v Avanis 2015 ONCJ 606 (CanLII) in which evidence from the accused's BlackBerries was admitted. There is discussion of a "parsing and chipping" process for figuring out the texts. The court complained that the Crown had not brought expert evidence to show that the resulting evidence was authentic, but decided that it had been sufficiently authenticated to admit in any event.

My comment on the case - focusing not on decryption but on authentication and best evidence - is on the blog: "Smartphone Evidence".