Document Proves FBI Wanted Lavabit SSL Keys Because of Snowden
In a new release of court documents related to the Lavabit case, US authorities failed to obscure Edward Snowden’s email address. This proves that the whistleblower was the target of the FBI’s interrogations.
It has long been clear that the FBI was knocking on the door of the encrypted email service provider Lavabit about Snowden, but the owner of the service, Ladar Levison, was not allowed to comment and the name had been removed from documents about the case. The US authorities once mistakenly forgot to remove the e-mail address [email protected] from a new publication, put online by Cryptome, which has now been conclusively established that it was the whistleblower.
The documents also show that Levison wanted in principle to comply with the FBI’s claim, but by providing the time and date of logins and outs, the IP address and non-content email headers of Snowden’s account. The Lavabit owner wanted $2,000 in compensation for costs incurred, with an additional $1,500 for frequent withdrawals.
The FBI rejected the proposal, demanding “any information necessary to decrypt communications to and from the email account, including encryption keys and SSL keys” and “any information necessary to decrypt data contained in the account resides or is associated with it.” In practice, this meant that the FBI could gain access to the communications of all 400,000 users. Something Lavabit resisted.
Lavabit finally gave in and did indeed hand over the ssl keys, printed on paper. As a result, the FBI had to retype all characters, with a high risk of errors. Finally, the service was instructed to provide the keys electronically. Lavabit did so, but at the same time decided that it was impossible to continue his work. The documents also show that the FBI complained that six weeks of Snowden’s data could no longer be accessed due to Lavabit’s training.