It’s been four years since the laborious process of pulling the UK out of the European Union began, and one would expect the language in the final deal to be thoroughly considered. But if a section of the 1,246-page agreement regarding encryption standards for transferring DNA is any indication, this package might be a bit half-baked.
The passages causing a small kerfuffle relate to the protocols outlining the proper way to “encrypt messages containing DNA profile information.” A few days ago, security researchers on Twitter noticed that the section appeared to make recommendations that were severely outdated.
On page 921 of the deal, it states that the “open standard s/MIME as extension to de facto e-mail standard SMTP will be deployed to encrypt messages containing DNA profile information.” From there, it applies minimum encryption standard rules that read:
– the encryption algorithm AES (Advanced Encryption Standard) with 256 bit key length and RSA with 1024 bit key length shall be applied for symmetric and asymmetric encryption respectively,
– the hash algorithm SHA-1 shall be applied.
All those acronyms and bit lengths might not make any sense to you, but if you’re of a certain age, the next line suggesting that s/MIME functionality can be found in the “vast majority of modern e-mail software packages including Outlook, Mozilla Mail as well as Netscape Communicator 4.x,” might raise some suspicion that everything’s not right here.
The last stable release of Netscape Communicator was issued in 2002. Likewise, Mozilla Mail has transformed into other products over the last couple of decades. That could pass as a minor issue since the deal doesn’t prescribe an exact email client that must be used to transfer this DNA data. Unfortunately, the encryption standards are also painfully out of date.
Professor Bill Buchanan, a cryptography expert at Edinburgh Napier University, was one of the first to notice the outdated standards and wrote up a bunch of his thoughts on Medium. He explained the problem with recommending RSA and SHA-1:
RSA is a public-key encryption method and is typically used to digitally sign a document, and thus prove its identity. It does this by taking a digital fingerprint (a digital hash) of the document and then encrypting it with the private key of the entity which is digitally signing the document. The entity’s public key is then used to prove the digital signature. In this case, RSA is used to prove the digital signature, and where SHA-1 is defined as the method of providing the digital fingerprint. While these were a good selection a decade or so ago, they are no longer up to modern security standards. The usage of 1,024 bit RSA keys is not recommended as there are great risks in producing a fake signature, and the usage of SHA-1 signatures has been shown to be flawed by researchers at Google. Normally, these days, we would look towards using 2,048-bit (2K) RSA keys and use SHA-256. You will struggle to find any Web site on the Internet which will use 1K RSA keys and/or SHA-1 for proving their identity.
Buchanan believes that the encryption instructions were simply copy-and-pasted from an older document by a lawmaker or staffer. The BBC points out a 2008 EU regulation that uses the same language as a potential source for the text.
“Overall the handling of DNA data must be seen as one of the highest levels of secrecy and trust,” Buchanan said. “There is little excuse in the use such old standards, especially as there is great expertise around in defining good practice for the sharing of sensitive information.”
Can it be fixed? That seems unlikely. The ambassadors from the EU have already unanimously approved the deal, and the UK Parliament is set to vote on it on Wednesday.