14 DAY TRIAL // The Indian government is considering forcing all telecommunications providers, which offer encrypted solutions in the country, to hand over cryptographic keys higher than 40 bits, for lawful interception purposes.
According to the Economic Times of India, this possibility was discussed during a meeting held a few days ago between high-ranking officials from the Home Ministry, the Intelligence Bureau and the government's telecom department.
The proposal is seen as a solution to the problem of national security agencies not being able to intercept some secure communications when trying to investigate terrorist activities and other threats.
Apparently some older telecom license agreements already stipulate that providers need to share encryption keys longer than 40 bits with the government. However, this clause has never been strictly enforced.
“DoT [Department of Telecommunications] has not been enforcing this contractual clause and the BlackBerry security problem is the most visible case of such lax enforcement of contractual requirements, which clearly stipulate that in case the encryption level is more than 40-bits, the service provider is bound to deposit the encryption key in an escrow account,” was noted during the meeting.
The country's Internet service providers are not covered by this proposal, because they were already forced back in 2008 to lower their encryption standards below the 40-bit mark.
The Indian government's issue with the BlackBerry email and messaging communications, which use 256-bit encryption or higher, is an on-going one.
Research In Motion (RIM) is currently trying to prevent a ban of some BlackBerry enterprise services in the country after August 31 by negotiating a solution that would allow security agencies to tap encrypted communications in case of emergency.
“RIM has agreed to the Indian demands and will come with some technical solution for messenger and enterprise mail next week. We will take a call on going ahead with a ban on these services after a technical evaluation of RIM’s solutions,” an government source, who prefered to remain anonymous, told the Indian newspaper.