On May 10th 2017, the Dutch Public Prosecution Office published a press release (in Dutch) regarding arrests made during police investigations into businesses for allegedly providing/selling crypto phones to criminals. Earlier, the Public Prosecution Office made public their investigation into the Nijmegen-based company Ennetcom. The present investigation involves the Amsterdam-based PGP Safe. Here is my (unofficial) translation of the official press release:
New arrests in the Netherlands for providing crypto phones to the underworld
10 May 2017 – Public Prosecution Office
The police has arrested four suspects on Tuesday May 9th in relation to the 26Sassenheim investigation into selling encrypted mobile phones and services to criminals. A 51 year old man from Guizen and a 66 year old man from Amsterdam are being detained on suspicion of money laundering. A 34 year old man from Amsterdam and a 24 year old man from Almere were also arrested. They would have provided support to the older men.
These are not the first arrests en detainments of provider of encrypted phones and services to the underworld. That also happened in April last year in the extensive investigation, 26DeVink, into the Ennetcom company in Nijmegen.
The money laundering investigation 26Sassenheim was initiated by the Team High Tech Crime of the National Unit of Police. The investigation is focused on two main suspects who offered products and services to, primarily criminals under the trade mark ‘PGP Safe’. The suspects sold customized BlackBerry or Android smartphones that could only communicate in encrypted form. These phones were sold for EUR 1200, on the average. The payments mostly took place as cash payments at public roads.
The Public Prosecution Office suspects the men of laundering part of the yields. The two were presumably supported by family members.
Since 2014, at least 34 Dutch police investigations exist where crypto phones, that the suspects provided, played a role. The investigations involve, among others, (attempted) liquidation and international organized trade in drugs. Police and the Justice Department have clues that suggest the main suspects knew that their products and services were mostly used by criminals in committing such offenses.
Millions of Euro’s and luxurious vehicles
The police and the National Public Prosecutor have searched buildings at eleven locations in the Netherlands. This was done in cooperation with the tax intelligence and investigation service, FIOD. The searches took place in the municipalities of Amsterdam, Huizen, Koggenland and Zandvoort in the province of North Holland, and in Almere and Zeewolde in the province of Flevoland.
A farmhouse of the suspect in Berkhout was seized, as well as a mansion in Amsterdam. The farmhouse has an estimated worth of EUR 600.000 and the building in Amsterdam has an estimated worth of EUR 1.6 million. The police has seized, in total, some 2 million Euro and thirteen vehicles, including luxury editions of Mercedes, Porsche and Audi. Hundreds of phones were found (both BlackBerry and Android phones) and large number of sim cards. Furthermore, 57 bank accounts in the Netherlands are frozen. Simultaneously, the FIOD entered two administrative offices to confiscate the suspects’ book keeping. Several searches were also carried out abroad.
The police and the Public Prosecution Office act against persons who (digitally) support or facilitate criminals and criminal organizations. They are prosecuted for laundering and there criminal capital is seized.
Following 26DeVink, the investigation into Ennetcom, 26Sassenheim is the second large-scale criminal investigation into providers of tools and services for encrypted communication. Both providers are suspected of having provided, to a vast number of criminal customers, means and services, to communicate in encrypted form about serious crime. 26DeVink is still ongoing. It has already yielded information: some 3.6 million messages were decrypted. The investigation into the content and usability of these messages is ongoing.
The Ennetcom case involved a company located in Nijmegen (NL) that sold PGP-enabled BlackBerry phones priced at ~EUR 1500, often with camera and mic removed. According to the Public Prosecution Service, some 40,000 phones were registered (by some 19,000 users). The phones could only communicate with other phones on Ennetcom’s network, and could be remotely wiped by Ennetcom (e.g. in case the phone is lost or stolen). The phones reportedly connected to a server at an IP address that was traced to the telecommunications hub / carrier hotel at 151 Front Street West, Toronto, Canada. On April 18th 2016, a Canadian judge authorized a search of Ennetcom’s server, and “the complete key management system” was found during that search (to my knowledge it is not certain what that refers to, but Symantec PGP Universal Server — part of PGP Support for BlackBerry BES — would be the obvious guess). Data was made available by Canada to the Dutch police on September 19th 2016, which enabled the Dutch police to decrypt user messages. While it is (to my knowledge) not clear what “data” entails here, precisely, the Mutual Legal Assistance in Criminal Matters Act (Re), 2016 ONSC 5699 (CanLII) states:
The Dutch authorities also discovered that the “keys” for the PGP encryption system were generated by the server, rather than by the device. As a result, the Dutch authorities came to believe that the keys to decrypt the PGP encrypted information, on the Ennetcom PGP BlackBerry devices, are stored on Ennetcom’s BlackBerry Enterprise Servers.
So, conceivably, the actual keys were present and handed over, and that was that; although alternative scenarios cannot be ruled out, depending on how the software implements key scheduling etc., in which decryption is not immediately straightforward, but some cryptanalytic method is involved that is feasible depending on whatever other information is present (e.g. all user identifiers, all ciphertexts per user, and all associations between all users, etc.).
Ennetcom’s servers are reported to have been configured such that messages are wiped/overwritten after 48 hours; nonetheless, according to the Public Prosecution Service, some 3,6 million messages were obtained. (Note: “message” as in “instant message”, not as in “email message”; a single conversation can be made up of multiple messages.)
The Public Prosecution Service press release states that prior to seizing Ennetcom’s servers, the police sent a message to all 19,000(ish) users, requesting that if they hold a special profession (such as lawyers, doctors, notaries or clergyman), they inform the police about that (presumably for reasons of due diligence); the police did not receive any response. It is reported that the data remains under Canadian control, and can not be shared further without court approval: “The fear is that unfettered disclosure would expose innocent people to the unjustified attention of police, just because they used an encrypted BlackBerry.”
On March 9th 2017, Ennetcom posted the following press statement:
Press release March 9th, 2017
In response to the press release of the public prosecution service today, in which the public prosecutor indicated to have “cracked” the servers, which the public prosecution had seized from client’s organization Ennetcom, announce I, as the client’s counselor, that first has to be determined, that the public prosecution has done these seizures under false pretenses, based on a suspicion of money laundering with the excuse as if the customers of the phones are criminals.
The file showed that the Ennetcom organization had tens of thousands of customers who bought the phones and the software through resellers and that the public prosecutor could name only 4 actual example cases in which there would have been a PGP phone purchased from a reseller. The company proved to have many customers nationally and internationally, also with governmental agencies and businesses, that wish to safely communicate without being hacked without any criminal reasons. The seizure of the servers was, so it seemed, more an attempt by the public prosecution to gain access on improper grounds to an immense amount of data of tens of thousands in order to “catch fish with a trail-net”.
As if KPN or any other telecom company would simply be invaded and all their possessions being plundered to see who sends a wrongful message.
The public prosecution now tries to give the impression that all servers were cracked, but states at the same time that 3.6 million messages were made accessible, apparently giving the impression as if this would mean a lot of communication. The public prosecutor mentions 40,000 users. However, one message is part of a conversation, so consecutive “yes”, “and then”, “what do you mean”, are three messages in one conversation.
Calculating the number of messages to the number of users, 90 messages per user would have been made accessible. Given the fact that the data on the servers was erased after 48 hours by default, in other words; the messages were destroyed, it would indeed mean for those 40,000 users with 3.6 million messages that only the last 48 hours were made accessible.
The public prosecution speaks in the press release remarkably about “encryption keys which were obtained by the public prosecutor and police during the investigation.” Client’s organization however did not obtain these keys. These keys are in possession of the company responsible for making PGP, namely Symantec. There are many other companies that sell their PGP products in the same way as the client’s company did. The “falling of this communication into the hands of” seems therefore involve a very shadowy area of irregularities and possibly the result of present-day wild hacking.
The public prosecutor assumes to get started on this “loot”, but the Canadian court had, and in my opinion deceived by the public prosecution service, based on the given suspicion, only authorized the use of the confiscated data for 4 defined and appointed investigations. And then there is always the question what messages can be linked to which cases and subsequently be linked to which physical entities.
That still seems a hack too much for me.
UPDATES (from new to old)
UPDATE 2017-08-31: a blogpost by Bits of Freedom states that according to Inez Weski, defense lawyer in case spawn from the Ennetcom investigation, ‘the PGP [private] keys’ were located ‘at a different organization’ than the organization where the Canadian RCMP seized the (or an?) Ennetcom server.