[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] (Fwd) BBC Online 28/9/2001: "FIPR - Net surveillance 'fatally flawed'"




------- Forwarded message follows -------
From:           	"Caspar Bowden" <cb@fipr.org>
To:             	<ir-l@gn.apc.org>, <cyber-rights-UK@mail.cyber-rights.org>,
	<apc-ir-legal@gn.apc.org>, <cryptography@wasabisystems.com>,
	"Ukcrypto" <ukcrypto@chiark.greenend.org.uk>
Subject:        	BBC Online 28/9/2001: "FIPR - Net surveillance 'fatally flawed'"
Date sent:      	Sun, 30 Sep 2001 22:15:46 +0100

http://news.bbc.co.uk/hi/english/uk_politics/newsid_1569000/1569874.st
m Net surveillance 'fatally flawed'

UK Foreign Secretary Jack Straw says campaigners against stronger
internet surveillance laws have hurt the anti-terror fight. He
suggested that with stronger powers, the security services might have
detected some of the 11 suicide hijackers who are now known to have
passed through the UK on their way to the US. 

But Caspar Bowden of the Foundation for Information Policy Research
argues that the main methods suggested for dealing with criminal use
of internet encryption are fatally flawed: 

 ---****---

Following the terrible events of 11 September, Jack Straw has
described opponents of the internet surveillance legislation he
enacted last year as "naïve". 

Both government and broadcasters have framed the debate as a
platitudinous "balance" between civil liberties and public safety. 

But this was always a false dichotomy - the main thrust of criticism
against the RIP Act is that it is completely ineffective. 

Four methods have been suggested for dealing with criminal use of
encryption. Three are fatally flawed, but more importantly, they try
to solve to wrong problem. 

The 'back-door' 
===============
All encryption would be prohibited except an officially sanctioned
version which contains a secret weakness allowing all traffic to be
broken. 

Flaw: If the secret of the backdoor is ever leaked, the security of
the entire communications infrastructure would be blown wide open and
could not be repaired or quickly replaced. 


'Key escrow' 
============
Everybody using encryption must deposit a copy of their key in a huge
database. Any particular message could thus be unscrambled, under
warrant. 

Flaw : An encrypted message is like a letter in an impregnable
envelope, which can itself be enclosed in another envelope. 

Without opening the outer envelope, it is impossible to know whether a
particular message has already been encrypted with an undeclared key,
before it was encrypted with a registered key. 

Moreover, the vast majority of computer scientists believe that a
global integrated system to escrow billions of keys is operationally
infeasible. 


Power to demand decryption 
==========================
The RIP Act gives powers to demand decryption of any message or data,
whether or not a person is suspected of any crime. 

Flaw: An encrypted message is totally opaque - nothing can be inferred
about the contents which would help a court rationally separate the
innocent from the guilty. 

Anybody could be jailed for two years on a false accusation, without a
shred of evidence, merely for failing to prove they have forgotten
something. 

And a terrorist is obviously not going to surrender a key to evidence
which would lead to conviction on a much more serious charge. 


Attack the end-points 
=====================
If the device either sending or receiving the message can be
identified, then if it can be "got at". 

Computers can be bugged in hardware, software, or possibly hacked
remotely. 

Intelligence agencies and the military will not trust the police with
these black arts, which will need unprecedentedly stringent
supervision, since their use would corrupt the legal validity of any
chain of evidence. 



Computer scientists and security specialists understand the
seriousness of what is at stake, and have wrestled with these dilemmas
for a decade with no breakthrough. 

Details of security policy are often necessarily secret, but the
reasoning refuting three of the four options is unshakeable. 

None of these options can prevent hiding of information or
steganography. 

Spies and terrorists have long used tradecraft such as chalk marks on
a park bench, or everyday language with a veiled meaning. 

In cyberspace, these equate to an innocent phrase in a chat-room, or
weaving the bits comprising a message into a sound or picture file so
it cannot be detected. Without knowing who and what to look for, it is
impossible to screen for every variation. 

Those who want a nostalgic return to the era of phone-tapping are
either naïve, or impervious to reason. 

If you want to stop terrorist cells communicating via the internet,
dismantle it. Encryption is irrelevant.

 ---****---




---------------------------------------------------------------------
The Cryptography Mailing List Unsubscribe by sending "unsubscribe
cryptography" to majordomo@wasabisystems.com
------- End of forwarded message -------