ЕНКРИПЦИЈА КАО ПРЕПРЕКА ОТКРИВАЊУ И ДОКАЗИВАЊУ КРИВИЧНИХ ДЕЛА
Ključne reči:
откривање и доказивање кривичних дела, електронски докази, енкрипција.
Sažetak
Енкрипција је постала саставни део савременог живота. Она је од несумњивог значаја за остваривање неких од основних људских права у свеприсутном техничком окружењу, за свакодневно коришћење бројних онлајн услуга, као и за функционисање Интернета уопште. С друге стране, органи надлежни за откривање и доказивање кривичних дела се све чешће сусрећу са препрекама када приступе енкриптованим садржајима. Енкрипција представља својеврстан изазов у спровођењу како општих, тако и посебних доказних радњи. Овај рад је посвећен сагледавању техничких страна овог изазова. Аутор приказује основне принципе на којима се заснива процес енкрипције, објашњењава разлику између симетричне и асиметричне енкрипције, енкрипције ускладиштених података и енкрипције података у транзиту, те серверске и корисничке енкрипције, указујући на који начин енкрипција отежава, односно онемогућава рад органа надлжених за откривање и доказивање кривичних дела.
Reference
Abelson, Harold, et. al., “Keys Under Doormats: Mandating Insecurity by Requiring Government Access to All Data and Communications”, 2015, https://183 www.schneier.com/academic/paperfiles/paper-keys-under-doormats-CSAIL.pdf;
AO 442 (Rev. 11/11) Arrest Warrant, Case 2:18mj-00095-BAT, https://regmedia.co.uk/2018/03/13/vincent-ramos-arrest.pdf;
Arora, Mohit, „How Secure Is AES Against Brute Force Attacks?“, 5.7.2012, ЕЕ Times, http://www.eetimes.com/document.asp;
Australian Government, Department of Justice, Telecommunications (Interception and Access) Act 1979 Annual Report 2018–19, https://parlinfo.aph.gov.au/parlInfo/download/publications/tabledpapers/c424e8ec-ce9a-4dc1-a53e-4047e8dc4797/upload_pdf/TIA%20Act%20Annual%20Report%202018-19%20%7BTabled%7D.pdf;fileType=application%2Fpdf#search=%22publications/tabledpapers/c424e8ec-ce9a-4dc1-a53e-4047e8dc4797%22;
Bobic, Igor, Ryan Reilly, “FBI Director James Comey 'Very Concerned' About New Apple, Google Privacy Features,” Huffington Post, 25.9.2014, http://www.huffingtonpost.com/2014/09/25/james-comey-appleencryption_n_5882874.html;
Chang, Linus, „Client-side vs. Server-side encryption – who holds the key?“, EE News, 14.5.2018, https://www.eenewseurope.com/design-center/client-side-vs-server-side-encryption-who-holds-key;
Confessore, Nicholas „Cambridge Analytica and Facebook: The Scandal and the Fallout So Far“, New York Times, 4.4.2018, https://www.nytimes.com/2018/04/04/us/politics/cambridge-analytica-scandal-fallout.html
Doffman, Zak, „New Warning Issued For All WhatsApp And iMessage Users: ‘Major Threat’ To Encryption“, Forbes, 14.3.2020, https://www.forbes.com/sites/zakdoffman/2020/03/14/new-warning-issued-for-all-whatsapp-and-imessage-users-major-threat-to-encryption/#4d4518153f59;
Dropbox Security, https://www.dropbox.com/security;
Dwiti, Pandya et al., „Brief History of Encryption“, International Journal of Computer Applications 9/2015, 28-31;
Encryption: Symmetric and Asymmetric, https://cryptobook.nakov.com/encryption-symmetric-and-asymmetric;
Evans, Јаq, What is Perfect Forward Secrecy?, https://www.extrahop.com/company/blog/2017/what-is-perfect-forward-secrecy/;
Gargiulo, Michael, “VPN Encryption: What is it? How does it work?”, VPN, 13.12.2019, https://www.vpn.com/privacy/how-does-vpn-encryption-work;
Gill, Lex, Tamir Israel, Christopher Parsons, Citizen Lab and the Samuelson-Glushko Canadian Internet Policy and Public Interest Clinic: Shining a Light on the Encryption Debate: a Canadian Field Guide, Toronto 2018;
Google Cloud Help – Security, https://cloud.google.com/security;
Google Privacy Policy, https://policies.google.com/privacy;
Hancock, Bill, „Appeals-court panel says export ban on encryption software is unlawful“, Computers & Security 4/1999, 278-279;
Hargreaves, Christopher James , Howard Chivers, „Recovery of encryption keys from memory using a linear Scan“, Proceedings of the 2008 Third International Conference on Availability, Reliability and Security. IEEE Computer Society, 1369 – 1376;
Hoboken, Joris van, Human rights and encryption, Paris 2016;
How does TOR browser work?, https://www.quora.com/How-does-TOR-browser-work;
iCloud security overview, https://support.apple.com/en-us/HT202303#:~:text=Data%20security,end%2Dto%2Dend%20encryption;
Hymas, Charles, „Facebook is threatening to hinder police by increasing encryption, warns Priti Patel“, Telegraph, 30.7.2019, https://www.telegraph.co.uk/politics/2019/07/30/facebook-threatening-hinder-police-increasing-encryption-warns/;
Internet Engineering Task Force, PKCS #5: Password-Based Key Derivation Function 2 (PBKDF2) Test Vectors, 2011, https://11 tools.ietf.org/html/rfc6070;
Levy, Steven, „Battle of the Clipper Chip“, New York Times, 12.6.1994, https://www.nytimes.com/1994/06/12/magazine/battle-of-the-clipper-chip.html?pagewanted=all;
Leyden, John, „Russian doll steganography allow users to mask covert drives“, The Daily Swig, 10.12. 2018, https://portswigger.net/daily-swig/russian-doll-steganography-allows-users-to-mask-covert-drives;
Li, Shujun, New information hiding technology to be commercialised by Crossword Cybersecurity, 5.03.2016, https://blogs.surrey.ac.uk/sccs/2016/03/05/new-information-hiding-technology-to-be-commercialised-by-crossword-cybersecurity/;
McMillan, Robert, „Facebook’s WhatsApp Launches ‘End-to-End’ Encryption“, WSJ, 5.4.2016, https://www.wsj.com/articles/facebooks-whatsapp-turns-on-encryption-by-default-1459869097;
Menn, Joseph, „Exclusive: Apple dropped plan for encrypting backups after FBI complained – sources“, Reuters, 21.1.2020, https://www.reuters.com/article/us-apple-fbi-icloud-exclusive/exclusive-apple-dropped-plan-for-encrypting-backups-after-fbi-complained-sources-idUSKBN1ZK1CT;
Microsoft, Description of Symmetric and Asymmetric Encryption, https://support.microsoft.com/en-us/help/246071/description-of-symmetric-andasymmetric-encryption;
Miller, Joe, “Google and Apple to introduce default encryption“, BBC, 19.9.2014, https://www.bbc.com/news/technology-29276955;
National Institute of Standards and Technology, Recommendation for Password-Based Key Derivation, 2010, http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf;
OECD Council Recommendation Concerning Guidelines for Cryptography Policy, C(97)62/FINAL, 27.3.1997, https://www.oecd.org/sti/ieconomy/guidelinesforcryptographypolicy.htm;
Писарић, Милана, Електронски докази у кривичном поступку, Нови Сад 2019;
ProtonMail, What is encrypted?, https://protonmail.com/support/knowledge-base/what-is-encrypted/;
Quinlan, Sayako Andi Wilson Thompson, A Brief History of Law Enforcement Hacking in the United States, 2016, https://www.newamerica.org/cybersecurity-initiative/policy-papers/brief-history-law-enforcement-hacking-united-states/;
Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, 2015, http://daccess-dds-ny.un.org/doc/UNDOC/GEN/G15/095/85/PDF/G1509585.pdf?OpenElement15;
Saunders, Kurt, „The Regulation of the Internet Encryption Technologies: Separating the Wheat from the Chaf“, John Marshall Journal of Information Technology and Privacy Law 3/1999, 945- 960;
Schneier, Bruce, History of the First Crypto War, 2015, https://www.schneier.com/blog/archives/2015/06/history_of_the_.html;
Schneier, Bruce, Applied Cryptography, Second Edition: Protocols, Algorithms, and Source Code in C (cloth), Indianapolis 2015;
Schwartzbeck, Michael, The Evolution of US Government Restrictions on Using and Exporting Encryption Technologies, 2014, https://www.cia.gov/library/readingroom/docs/DOC_0006231614.pdf;
Signal Terms & Privacy Policy, https://signal.org/legal;
Sloan, Robert, Richard Warner, „The Self, the Stasi, the NSA: Privacy, Knowledge, and Complicity in the Surveillance State“, Minnesota Journal of Law, Science & Technology 1/2016, 347-408;
Special Rapporteur of United Nations on the promotion and protection of the right to freedom of opinion and expression, Research paper on Encryption and Anonymity, 2018, https://www.ohchr.org/Documents/Issues/Opinion/EncryptionAnonymityFollowUpReport.pdf;
Swire, Peter, Kenesa Ahmad, “Encryption and Globalization”, Columbia Science and Technology Law Review 1/2012, 416-481;
Swire, Peter, Going Dark: Encryption, Technology, and the Balance Between Public Safety and Privacy, 2015, https://www.hsdl.org/?view&did=794328;
Telegram Privacy Policy, https://telegram.org/privacy;
Van De Zande, Paul, The Day DES Died, https://www.sans.org/reading-room/whitepapers/vpns/daydes-died-722;
Vaas, Lisa, „Five Eyes nations demand access to encrypted messaging“, Naked security, 1.8.2019, https://nakedsecurity.sophos.com/2019/08/01/five-eyes-nations-demand-access-to-encrypted-messaging/;
Vance, Cyrus, “Apple and Google Threaten Public Safety with Default Smartphone Encryption,” The Washington Post, 26.9.2014, https://www.washingtonpost.com/opinions/apple-and-googlethreaten-public-safety-with-default-smartphone-encryption/2014/09/25/43af9bf0-44ab-11e4-b4371a7368204804_story.html;
Villanueva, John Carl, Symmetric vs Asymmetric Encryption, Jscape, 15.3.2015, https://www.jscape.com/blog/bid/84422/Symmetric-vs-Asymmetric-Encryption;
What is off-the-record messaging (OTR)?, https://www.expressvpn.com/internet-privacy/guides/otr/.
AO 442 (Rev. 11/11) Arrest Warrant, Case 2:18mj-00095-BAT, https://regmedia.co.uk/2018/03/13/vincent-ramos-arrest.pdf;
Arora, Mohit, „How Secure Is AES Against Brute Force Attacks?“, 5.7.2012, ЕЕ Times, http://www.eetimes.com/document.asp;
Australian Government, Department of Justice, Telecommunications (Interception and Access) Act 1979 Annual Report 2018–19, https://parlinfo.aph.gov.au/parlInfo/download/publications/tabledpapers/c424e8ec-ce9a-4dc1-a53e-4047e8dc4797/upload_pdf/TIA%20Act%20Annual%20Report%202018-19%20%7BTabled%7D.pdf;fileType=application%2Fpdf#search=%22publications/tabledpapers/c424e8ec-ce9a-4dc1-a53e-4047e8dc4797%22;
Bobic, Igor, Ryan Reilly, “FBI Director James Comey 'Very Concerned' About New Apple, Google Privacy Features,” Huffington Post, 25.9.2014, http://www.huffingtonpost.com/2014/09/25/james-comey-appleencryption_n_5882874.html;
Chang, Linus, „Client-side vs. Server-side encryption – who holds the key?“, EE News, 14.5.2018, https://www.eenewseurope.com/design-center/client-side-vs-server-side-encryption-who-holds-key;
Confessore, Nicholas „Cambridge Analytica and Facebook: The Scandal and the Fallout So Far“, New York Times, 4.4.2018, https://www.nytimes.com/2018/04/04/us/politics/cambridge-analytica-scandal-fallout.html
Doffman, Zak, „New Warning Issued For All WhatsApp And iMessage Users: ‘Major Threat’ To Encryption“, Forbes, 14.3.2020, https://www.forbes.com/sites/zakdoffman/2020/03/14/new-warning-issued-for-all-whatsapp-and-imessage-users-major-threat-to-encryption/#4d4518153f59;
Dropbox Security, https://www.dropbox.com/security;
Dwiti, Pandya et al., „Brief History of Encryption“, International Journal of Computer Applications 9/2015, 28-31;
Encryption: Symmetric and Asymmetric, https://cryptobook.nakov.com/encryption-symmetric-and-asymmetric;
Evans, Јаq, What is Perfect Forward Secrecy?, https://www.extrahop.com/company/blog/2017/what-is-perfect-forward-secrecy/;
Gargiulo, Michael, “VPN Encryption: What is it? How does it work?”, VPN, 13.12.2019, https://www.vpn.com/privacy/how-does-vpn-encryption-work;
Gill, Lex, Tamir Israel, Christopher Parsons, Citizen Lab and the Samuelson-Glushko Canadian Internet Policy and Public Interest Clinic: Shining a Light on the Encryption Debate: a Canadian Field Guide, Toronto 2018;
Google Cloud Help – Security, https://cloud.google.com/security;
Google Privacy Policy, https://policies.google.com/privacy;
Hancock, Bill, „Appeals-court panel says export ban on encryption software is unlawful“, Computers & Security 4/1999, 278-279;
Hargreaves, Christopher James , Howard Chivers, „Recovery of encryption keys from memory using a linear Scan“, Proceedings of the 2008 Third International Conference on Availability, Reliability and Security. IEEE Computer Society, 1369 – 1376;
Hoboken, Joris van, Human rights and encryption, Paris 2016;
How does TOR browser work?, https://www.quora.com/How-does-TOR-browser-work;
iCloud security overview, https://support.apple.com/en-us/HT202303#:~:text=Data%20security,end%2Dto%2Dend%20encryption;
Hymas, Charles, „Facebook is threatening to hinder police by increasing encryption, warns Priti Patel“, Telegraph, 30.7.2019, https://www.telegraph.co.uk/politics/2019/07/30/facebook-threatening-hinder-police-increasing-encryption-warns/;
Internet Engineering Task Force, PKCS #5: Password-Based Key Derivation Function 2 (PBKDF2) Test Vectors, 2011, https://11 tools.ietf.org/html/rfc6070;
Levy, Steven, „Battle of the Clipper Chip“, New York Times, 12.6.1994, https://www.nytimes.com/1994/06/12/magazine/battle-of-the-clipper-chip.html?pagewanted=all;
Leyden, John, „Russian doll steganography allow users to mask covert drives“, The Daily Swig, 10.12. 2018, https://portswigger.net/daily-swig/russian-doll-steganography-allows-users-to-mask-covert-drives;
Li, Shujun, New information hiding technology to be commercialised by Crossword Cybersecurity, 5.03.2016, https://blogs.surrey.ac.uk/sccs/2016/03/05/new-information-hiding-technology-to-be-commercialised-by-crossword-cybersecurity/;
McMillan, Robert, „Facebook’s WhatsApp Launches ‘End-to-End’ Encryption“, WSJ, 5.4.2016, https://www.wsj.com/articles/facebooks-whatsapp-turns-on-encryption-by-default-1459869097;
Menn, Joseph, „Exclusive: Apple dropped plan for encrypting backups after FBI complained – sources“, Reuters, 21.1.2020, https://www.reuters.com/article/us-apple-fbi-icloud-exclusive/exclusive-apple-dropped-plan-for-encrypting-backups-after-fbi-complained-sources-idUSKBN1ZK1CT;
Microsoft, Description of Symmetric and Asymmetric Encryption, https://support.microsoft.com/en-us/help/246071/description-of-symmetric-andasymmetric-encryption;
Miller, Joe, “Google and Apple to introduce default encryption“, BBC, 19.9.2014, https://www.bbc.com/news/technology-29276955;
National Institute of Standards and Technology, Recommendation for Password-Based Key Derivation, 2010, http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf;
OECD Council Recommendation Concerning Guidelines for Cryptography Policy, C(97)62/FINAL, 27.3.1997, https://www.oecd.org/sti/ieconomy/guidelinesforcryptographypolicy.htm;
Писарић, Милана, Електронски докази у кривичном поступку, Нови Сад 2019;
ProtonMail, What is encrypted?, https://protonmail.com/support/knowledge-base/what-is-encrypted/;
Quinlan, Sayako Andi Wilson Thompson, A Brief History of Law Enforcement Hacking in the United States, 2016, https://www.newamerica.org/cybersecurity-initiative/policy-papers/brief-history-law-enforcement-hacking-united-states/;
Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, 2015, http://daccess-dds-ny.un.org/doc/UNDOC/GEN/G15/095/85/PDF/G1509585.pdf?OpenElement15;
Saunders, Kurt, „The Regulation of the Internet Encryption Technologies: Separating the Wheat from the Chaf“, John Marshall Journal of Information Technology and Privacy Law 3/1999, 945- 960;
Schneier, Bruce, History of the First Crypto War, 2015, https://www.schneier.com/blog/archives/2015/06/history_of_the_.html;
Schneier, Bruce, Applied Cryptography, Second Edition: Protocols, Algorithms, and Source Code in C (cloth), Indianapolis 2015;
Schwartzbeck, Michael, The Evolution of US Government Restrictions on Using and Exporting Encryption Technologies, 2014, https://www.cia.gov/library/readingroom/docs/DOC_0006231614.pdf;
Signal Terms & Privacy Policy, https://signal.org/legal;
Sloan, Robert, Richard Warner, „The Self, the Stasi, the NSA: Privacy, Knowledge, and Complicity in the Surveillance State“, Minnesota Journal of Law, Science & Technology 1/2016, 347-408;
Special Rapporteur of United Nations on the promotion and protection of the right to freedom of opinion and expression, Research paper on Encryption and Anonymity, 2018, https://www.ohchr.org/Documents/Issues/Opinion/EncryptionAnonymityFollowUpReport.pdf;
Swire, Peter, Kenesa Ahmad, “Encryption and Globalization”, Columbia Science and Technology Law Review 1/2012, 416-481;
Swire, Peter, Going Dark: Encryption, Technology, and the Balance Between Public Safety and Privacy, 2015, https://www.hsdl.org/?view&did=794328;
Telegram Privacy Policy, https://telegram.org/privacy;
Van De Zande, Paul, The Day DES Died, https://www.sans.org/reading-room/whitepapers/vpns/daydes-died-722;
Vaas, Lisa, „Five Eyes nations demand access to encrypted messaging“, Naked security, 1.8.2019, https://nakedsecurity.sophos.com/2019/08/01/five-eyes-nations-demand-access-to-encrypted-messaging/;
Vance, Cyrus, “Apple and Google Threaten Public Safety with Default Smartphone Encryption,” The Washington Post, 26.9.2014, https://www.washingtonpost.com/opinions/apple-and-googlethreaten-public-safety-with-default-smartphone-encryption/2014/09/25/43af9bf0-44ab-11e4-b4371a7368204804_story.html;
Villanueva, John Carl, Symmetric vs Asymmetric Encryption, Jscape, 15.3.2015, https://www.jscape.com/blog/bid/84422/Symmetric-vs-Asymmetric-Encryption;
What is off-the-record messaging (OTR)?, https://www.expressvpn.com/internet-privacy/guides/otr/.
Objavljeno
2021/02/25
Rubrika
Originalni naučni rad