The FSB, the Ministry of communications and the Ministry of industry intend to develop mechanisms to decrypt all Internet traffic from Russia. About it reports “Kommersant” with reference to own sources.
Currently, the law requires venue owners and organizers of information distribution (social networks, messengers, etc.) to hand over encryption keys at the request of the FSB. However, a large number of sites are not the organizers of information distribution, but use a secure https connection. Without decrypting the traffic is not always possible to understand where and why the user has visited, said the newspaper.
Decrypted traffic is scheduled using the MITM-attacks (Man in the Middle). Special equipment for user will be a website and for the website user. Intercepted from the server traffic before sending back must be encrypted by SSL certificate issued by the Russian certification authority, the source of publication.
According to the publication, the analysis of traffic planned for by key words using the system DPI (Deep Packet Inspection), which are currently widely used by mobile operators to filter the prohibited sites. It is expected that these measures will help to prevent potential threats associated with the spread of terrorist ideas via the Internet. The scheme will allow even to build profiles of user behavior in the network, including an assessment of their psychological state and tastes.
According to one of the sources of the newspaper, the FSB advocated that to decrypt all traffic in real time and analyze its key parameters, for example the word “bomb”, but the Ministry insist on decrypting traffic only to subscribers that will attract the attention of law enforcement. As notes the edition, the Ministry of industry and trade refused to comment on this, the communications Ministry and the FSB did not respond for a request for publication.
Earlier in the framework of the specific requirements of the “law of Spring” the FSB has adopted procedures to decrypt electronic messages to the user. The organizer of information dissemination in the Internet must pass data to decode on the basis of a request of the Commissioner of the division, said the Agency. Encryption keys can be transferred to magnetic media by mail or email, another option for Internet companies to provide access to the structure of the FSB directly to the system. According to the anti-terrorism package of laws, the failure to prosecute Internet companies information for decoding of electronic communications is punishable by a fine up to 1 million rubles.
That the solution to decrypt Internet traffic need, stated in the technical requirements for the execution of the “Spring law”, which in August sent “Rostelecom” in the relevant ministries.