The national anti-terrorist Committee of Russia (NAC) has established a working group to discuss regulation of encrypted traffic, said Tuesday, April 19, the head of Roskomnadzor Alexander Zharov. He personally led a working group at NAC. Also it included representatives of all law enforcement agencies, the Ministry of economic development, the Ministry of communications and industry experts from the Russian Association for electronic communications (RAEC), said Zharov.
Discussion on the new site have been conducted since February of 2016, the working group was created at the request of the security Council of the Russian Federation and shall submit to the Council a report on the results of work by July 1, 2016, said the representative of Roskomnadzor Vadim Ampelonskiy.
In Runet the amount of encrypted traffic, according to various estimates, from 30% to 50%, most of it falls on the HTTPS Protocol, says senior analyst RAEC Karen Ghazaryan. Experts, Google said that the share of encrypted traffic services Corporation averaging over 75% worldwide, 81% in Russia. In “Rostelecom” about 50% encrypted traffic, says the statement. Zharov himself in February 2016 in an interview to “Rossiyskaya Gazeta” said that the share of encrypted traffic in Russia in 2015 was about 15%, and in 2016 may exceed 20%.
“We’re talking about encrypted traffic, which increases the compression of the traffic as legitimate, which is used in browsers and other programs, [and illegal] in other makeshift ways of bypass: proxy-servers, anonymizers, etc.” — said Zharov. According to him, discussed “the introduction of a unified encryption system, [which is necessary ] to understand what happens inside the encrypted traffic.” Members of the group think “can be done with various means of encryption that are used to certify them, to license, to limit the number of encryption schemes”.
Carried away by the encryption
The data encryption model end to end, when data is transmitted from one wireless device to another and accessible only to the sender and the recipient, for several years, uses the messenger Telegram Pavel Durov. In early April 2016 this technology across its billion users have implemented messenger WhatsApp. And on April 19 the beginning of the encrypted data has announced another popular service for messaging Viber.
In the future the market may see technology “by analogy with DPI (deep packet inspection — filtering technology usage by providers — RBC) at the level of encrypted traffic,” said Zharov. Large German Corporation has developed a method of segmentation encrypted traffic, and submitted it for consideration by the working group, said the head of Roskomnadzor. Company name he refused to disclose, citing trade secrets.
Segmentation of traffic need not only for the state to effectively combat terrorism and extremism, but also communication operators, said Zharov. “For the operator from the point of view of business, it is important to prioritize, for example, voice traffic, to monetize the paid services that it provides, at the expense of other traffic types. For example, torrent traffic, which is relatively legitimate field”, — said the head of Roskomnadzor. “Rostelecom” participates in the working group, said a company spokesman Andrey Polyakov. Representatives of MTS, MegaFon and VimpelCom declined to comment.
Encryption may be performed by software, freely available online (Google Chrome browser, messenger of Pavel Durov Telegram, etc.), monitor their use, if only “to put on each terminal device by wire or remotely to constantly monitor the work,” says a source in one of operators. In his opinion, “the very posing of the question of the control of encryption on communication networks is on the verge of violating the constitutional rights of citizens to secrecy of communications.”
The working group of NAC has also been discussing the possibility of regulation of services that use data wireless networks and is able to work without connecting to the Internet, such as messenger FireChat, known as the main means of coordination of protesters in Hong Kong in 2014. “In fact, outside the network of the site is the exchange of packets of information. This is a problem, because so will the drugs be sold, distributed child pornography and so on. We have to do something,” said Zharov.
Similar approaches are being developed in the U.S. and Europe, “the issue of customisation — certification — end equipment,” said Zharov. Specific technological and legislative approaches to the regulation of encrypted traffic will appear not earlier than in two years, he predicts. According to him, the working group does not aim to tighten control over the Internet. “Absolutely everyone understands that to forbid encrypted traffic is not possible, because it is used for absolutely necessary actions, like banking secrecy,” said the official.
Ghazaryan from RAEC reported that the organization believes that “the regulation of encryption is not required, moreover, with high probability it will lead to increased cyber threats and leakage of personal data of citizens”.
In the National anti-terrorist Committee and Federal security service are unable to respond promptly to the requests of RBC.
With the participation of Ilya Rozhdestvensky