Message-ID: <548E4E18.9000905@riseup.net>
Date: Sun, 14 Dec 2014 19:57:28 -0700
From: Mirimir <mirimir@riseup.net>
To: tor-talk@lists.torproject.org
References: <COL131-W890F2621434CED49DF8306AB6E0@phx.gbl>
In-Reply-To: <COL131-W890F2621434CED49DF8306AB6E0@phx.gbl>
Subject: Re: [tor-talk] HR4681 Sec 309 communication privacy legislation

On 12/14/2014 10:39 AM, Tim Mitchell wrote:
> Morning all,
> 
> 
> If no one has yet seen Section 309 of US HR4681, it contains
> some very dubious language that sounds like it is legalizing
> indefinite government retention of encrypted communications.
> The text is as follows (Section 309.b.3.B.iii):
> 
> (B) Limitation on retention.--A covered communication shall 
>  not be retained in excess of 5 years, unless--
> .... 
> (iii) the communication is enciphered or reasonably 
>  believed to have a secret meaning;

Based on Snowden releases, this is SOP. And in any case, it's clear that
the NSA ignores civil law, given that the US is at war. Always. Forever.

> This might be going out on a limb here, but "enciphered"
> and "reasonably believed to have a secret meaning" could easily
> be interpreted to apply to any and all encrypted Internet
> traffic, including Tor.

We know from Snowden releases that they retain as much intercepted
traffic as they can, for as long as they can. There's recursive triage,
based on context, occurrence of keywords in metadata and content,
flagging by analysts, and so on. Over time, less-interesting content
gets decrufted and chunked, and eventually deleted. But metadata is
retained indefinitely.

For encrypted (aka enciphered) intercepts, there's no readily
interpretable content. So triage must be based primarily on metadata and
context. And it's arguable that encrypted intercepts of particular
interest (from Tor and other anonymity networks, VPN services, extremist
websites, and so on) are retained indefinitely.

> I'd be curious as to what experts in this area think about this,
> and how to go about raising awareness if this is indeed as
> serious as it sounds to me.

Tor traffic among clients and relays is encrypted with perfect forward
secrecy, so retention is not a very serious threat. Each chunk of data
is encrypted with a different session key, and so is a separate puzzle.
Learning a particular Tor relay's private key does allow an adversary to
impersonate the relay. But it doesn't compromise prior traffic through
that relay.

> Full text of the bill can be found here:
> https://www.congress.gov/bill/113th-congress/house-bill/4681
> 
> 
> 
> Thanks,
> Tim
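
The forward-secrecy point in the reply above (a relay's private key allows impersonation but does not open previously recorded traffic), as an added example that is not part of the original message. It assumes a toy group (integers modulo 2**255 - 19) and a simplified key derivation modelled on the two-part Diffie-Hellman structure of Tor's ntor handshake; all function names are hypothetical.

```python
import hashlib
import secrets

# Toy group, an assumption for illustration: integers modulo the prime 2**255 - 19.
# Tor's ntor handshake uses curve25519 and a fuller key derivation.
P = 2**255 - 19
G = 2

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def kdf(eph_eph, eph_static, X, Y, B):
    # The session key depends on BOTH Diffie-Hellman results and the public values.
    h = hashlib.sha256()
    for v in (eph_eph, eph_static, X, Y, B):
        h.update(v.to_bytes(32, "big"))
    return h.digest()

def client_key(x, X, Y, B):
    return kdf(pow(Y, x, P), pow(B, x, P), X, Y, B)

def relay_key(b, B, y, Y, X):
    return kdf(pow(X, y, P), pow(X, b, P), X, Y, B)

def demo():
    b, B = keypair()   # relay's long-term private/public key
    x, X = keypair()   # client's ephemeral key for this circuit
    y, Y = keypair()   # relay's ephemeral key for this circuit
    recorded = client_key(x, X, Y, B)
    agreed = recorded == relay_key(b, B, y, Y, X)
    static_half = pow(B, x, P)
    del x, y           # both sides discard ephemeral secrets after the handshake

    # Later: the adversary holds the recorded X, Y and the stolen long-term key b.
    static_half_leaked = pow(X, b, P) == static_half
    y_guess, _ = keypair()  # it still lacks x and y, so it can only guess
    attempt = kdf(pow(X, y_guess, P), pow(X, b, P), X, Y, B)

    # New handshake: with b and its own ephemeral y2 it passes as the relay.
    x2, X2 = keypair()
    y2, Y2 = keypair()
    impersonated = client_key(x2, X2, Y2, B) == relay_key(b, B, y2, Y2, X2)
    return {"agreed": agreed, "static_half_leaked": static_half_leaked,
            "old_session_recovered": attempt == recorded,
            "impersonation_works": impersonated}
```

The stolen key yields only the ephemeral-static half of the old session's input; the ephemeral-ephemeral half needs x or y, which no longer exist.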



