
No Subject




 
extracted from:
 
LAN Magazine
volume 9, number 8
August 1994
 
 
Is it 1984?
by Ted Bunker
 
The security of data over networks has risen to debate in Congress.
Does the Clipper chip ensure security or violate citizens' rights?
 
 
 
 
FBI Director Louis Freeh is worried. The bad guys are beginning to see
the light, and it is digital.
 
Freeh fears some pretty nasty folks have discovered they can commit
highway robbery and more, without even leaving home. Worse, to Freeh
and other top cops, by using some pretty basic technologies, savvy
criminals can do their crimes without worrying about doing time.
 
Some crooks, spies, drug traffickers, terrorists and frauds already
use the tools of the information age to outfox law enforcement
officers. Hackers use PBXs to hide their tracks as they rip off phone
companies and poke around in other people's files. Reprogrammed
cellular phones give cops fits.
 
Even simpler technologies can ruin an FBI agent's day. For instance,
last year routine telephone services such as call forwarding thwarted
investigators trying to tap lines 29 times.
 
To Freeh and other law enforcement officials, things are bound to get
worse. As digital telecommunications technologies and powerful,
portable computers spread, they threaten to undermine the
investigative tools of electronic surveillance that the FBI says have
helped put tens of thousands of criminals behind bars in the past 25
years and saved billions of dollars and thousands of lives. No one
disputes this assessment.
 
But many Americans consider the Clinton administration's proposed
solutions to be worse than the problems Freeh and other law
enforcement officials confront.
 
Embodied by the much-maligned Clipper chip key escrow encryption
system and the FBI's Digital Telephony proposal, the solutions put
forward by the Clinton Administration have raised a rare mix of
opponents: Civil libertarians, conservatives, and technology gurus
have all lined up against the government's plans. Some vehemently
oppose these plans as serious threats to individual rights. Others say
they could prove ruinous to a leading U.S. industry at a time when the
worldwide market for telecommunications and computers is growing at an
explosive rate. Underlying all the objections is one common thread.
 
 
Do you trust your government?
 
"Basically, the issue is, 'Do you trust your government?'" observed
David Farber, a telecommunications professional at the University of
Pennsylvania in Philadelphia. Farber, testifying before a House
subcommittee on the issue last May, said one of his 23-year-old
students replied that to him and others of his generation, the phrase
"trust government" is meaningless.
 
Lack of trust in government is understandable. After all, those who
are old enough can remember Communist witch hunts in the 1940s and
1950s, the Army's pursuit of anti-Vietnam War activists in the 1960s,
and of course, Watergate and the downfall of President Nixon. All
were, to some measure, abuses of the public trust.
 
Add to that historical conditioning the potent mix of technologies
involved in digital communications systems and cryptography, and it's
not hard to open up deep-seated veins of skepticism and mistrust.
 
In the words of Rep. Dan Glickman, D-KS, today's digital systems are
"scarier" when it comes to wiretapping and other surveillance
capabilities, "because it's kind of inherently in the machinery
itself." Gone are the people -- the linemen, the switchboard
operators, the central office switch personnel -- who might exercise
their judgement and question a request to tap a line or record the
numbers someone dials. Today's chips and switching systems can be
programmed to do it all automatically.
 
"If they had the right software package," Freeh told one joint House-
Senate subcommittee hearing last March, phone company staff "could be
home sleeping at night and we could have the access we need."
 
With the right software and hardware combinations and just a few
keystrokes, the government could listen in on just about anyone. In
the digital age, even a computer could do the listening, alerting a
law-enforcement agent only when certain key words or numbers are
uttered. That's exactly what worries civil libertarians such as Jerry
Berman, executive director of the Electronic Frontier Foundation and
a spokesman for the public-policy interest group Digital Privacy and
Security Working Group, both based in Washington, D.C.
 
"In short, the [Digital Telephony] bill lays the groundwork for turning
the National Information Infrastructure into a nationwide surveillance
system, to be used by law enforcement with few technical or legal
safeguards," Berman told the House subcommittee in May. "Although the
FBI suggests that the bill is primarily designed to maintain the
status quo wiretap capability in the face of technological changes, in
fact, it seeks vast new surveillance and monitoring tools."
 
Strong language, to be sure. But then, the FBI's Digital Telephony
proposal is such strong medicine that some people think it could
poison a critical industry and seriously retard the development of the
national information infrastructure. Similar criticisms have been
leveled against the Clipper chip plan.
 
"If we are to maintain our leading position in the information
marketplace, we must give our full support to the development of open
international security standards that protect the interests of all
parties fairly," said Whitfield Diffie, one of the inventors of the
public-key encryption concept and now a distinguished engineer with
Sun Microsystems (Mountain View, CA). "A standard based on a secret
American technology and designed to give American intelligence access
to the communications it protects seems an unlikely candidate for
widespread acceptance."
 
How did we get here? The first formal attempts to address the
challenges posed by digital communications systems began during the
Bush Administration. Meetings between Justice department and telephone
company officials started in 1990 and continued into early 1992, when
a formal industry group, the Alliance for Telecommunications Industry
Solutions (Washington, D.C.), set up its Electronics Communications
Service Providers committee.
 
But the group holds no authority over the estimated 2,000 providers of
telecommunications services operating in the country. And in any case,
in the view of the FBI, it came up with no workable solutions to the
problems posed by new technology. So, in 1992, the FBI made its first
attempt to push through legislation, meeting with a withering assault
by civil libertarians and industry figures who said it was overreaching,
intrusive, and without adequate justification.
 
A few months after President Clinton took office, he ordered a
National Security Council (NSC) review of the problem. Eight months
later, the NSC panel offered several policy options. "As a result of
their review of the options, it was unanimously decided that
comprehensive legislation was the only effective way to deal with the
digital telephony problem," Freeh testified at the March House-Senate
hearing. The resulting proposal, he added, neither enlarges nor
reduces current authority for government access to communications
content or call setup information, such as numbers dialed or the
locations of phones.
 
In his written testimony, Freeh went on to sum up the proposal's main
elements: It would require common carriers to supply the capability
and necessary capacity to enable government to conduct lawfully
authorized electronic surveillance. Phone companies would have to
provide assistance for all wiretap, trace, and "pen register" dialing
records "expeditiously and simultaneously," Freeh wrote.
(Law-enforcement officials can obtain a warrant to place a pen
register on a phone line to record what numbers were dialed and from
where they were dialed.) Phone companies would also have to comply
regardless of system features used or the mobility of the target.
Phone companies would also be required to give authorities access in
unobtrusive ways, and be able to supply the content and other
information to remote locations. Failure to comply could result in
fines of up to $10,000 per day.
 
"The essence of the legislation is to clarify and more fully define
the nature and extent of the service provider's 'assistance'
requirement that was enacted by Congress in 1970, which Congress
imposed so that court orders would not be frustrated due to a
provider's failure to furnish needed technological assistance and
facilities," explained James Kallstrom, special agent in charge of the
FBI's Special Operations division in its New York field office.
Kallstrom, like Freeh and others before him at other hearings,
stressed that failure to adopt the measures sought by the FBI could
expose the nation to the predations of sophisticated criminals.
 
Rather than pitting government against the First and Fourth Amendment
rights of law-abiding Americans, Kallstrom told a congressional
committee, "I see this as a balance of power between the government
and the criminals."
 
 
The cost of compliance
 
Critics remain unconvinced, however, and not just on civil liberties
grounds.
 
While he said the proposal is "overly broad," Ron Neel, president of
the United States Telephone Association (Washington, D.C.), added, it
"does not cover all of the technologies and systems that should be
covered by any rules that are put in place." The USTA is a lobbying
group representing about 1,100 local telephone companies. Ultimately,
Neel told congressional inquisitors, the FBI bill could prompt greater
use of such advanced telecommunications systems as special mobile
radio and personal communications services, which aren't considered
common carriers.
 
"It makes unreasonable and perhaps impossible demands on those it does
not cover," Neel continued, adding: "It is unnecessarily punitive, and
it is economically unfair and impractical."
 
To assure access at any given time, all telephone companies will have
to post someone to a law-enforcement liaison role at all times, or risk
a $10,000 a day fine or being shut down entirely, Neel says. The cost
of this and other aspects of the FBI's plan could be staggering.
 
Just to make sure wiretaps could be placed on calls that are
automatically forwarded to another number could cost $1.8 billion,
Neel says. Others estimate compliance will cost several billion
dollars each year, a cost that Neel says would undoubtedly be passed
on to consumers. While the proposal calls for agencies to compensate
phone companies for their costs, he notes that collection can be
time-consuming, and that, in any case, it is left to the government to
decide how much to pay.
 
FBI and other administration officials remain unfazed by such
cost-conscious criticisms. "Today will be the cheapest day on which
Congress could fix this thing," Kallstrom said. "Two years from now,
it will be geometrically more expensive."
 
Freeh contends that the government isn't trying to dictate technical
standards or tell industry what technology to use or to avoid. But,
because of the vagueness of the requirements, Neel and others say the
proposed law will stifle development of new technology.
 
"This legislation would make the Attorney General the arbiter of
whatever technologies and equipment can be deployed in the public
telecommunications network," Neel said. "Our nation cannot be held
hostage to inexpert analysis of telecommunications technology as we
move into the information age," he asserted, adding that the FBI
proposal "creates an enormous speed bump in the information
superhighway."
 
Others outside the industry agree with Neel's assessment. "The Digital
Telephony proposal presents a major drag," said Farber, the Penn
professor. "Whenever a new feature is being considered for
implementation and marketing, one very important issue will be how
much it will cost to implement it."
 
Farber says compliance could easily cost the industry more than $3
billion a year, and adds the modifications it could require might
disrupt the nation's communications networks. Ultimately, he says the
Digital Telephony and Clipper plans could diminish American
competitiveness in developing markets, such as Eastern Europe or
Southeast Asia. That is a frightening prospect to some in the
industry, and for good reason.
 
Global telecommunications demand is growing fast, and combined with
the computer and entertainment industries, it is expected to reach
$3.5 trillion by the end of the decade, according to the International
Telecommunications Union. The ITU expects the computer,
communications, and entertainment industries to have merged completely
by then.
 
"Telecommunications is becoming the world's biggest economic sector,
growing faster than anything else, being the real engine for growth in
almost all economies," said Pekka Tarjanne, the ITU's
secretary-general, at an ITU trade fair in Cairo earlier this year.
"The overall growth rate of the sector is continuing to accelerate in
spite of worldwide recession."
 
To prevent erosion of America's leading position as a
telecommunications equipment and service provider to the world, Neel
said, "It is extremely important that the public maintain confidence
in the privacy of the telephone system."
 
Freeh may not want certain types of information, Neel said, but it's
"extremely difficult to ferret out the kind of information he doesn't
want." And in so doing, Neel concluded, "It forces the phone company
to become an agent of law enforcement."
 
Freeh counters by stressing that the FBI wants only to preserve its
present authority. "Law enforcement is not seeking to build 'back
doors' to sneak into common carrier's systems," Freeh said. "The
proposed legislation is not some dreaded Orwellian prophecy come
true."
 
Besides, Freeh asserted, telecommunications industry officials "have
bluntly told law enforcement that the existing telecommunications
systems and networks will thwart court-authorized intercepts." Freeh
said in recent years several hundred authorized surveillance efforts
have failed partly or entirely because of "technological impediments."
He said last year alone, 91 intercepts ran into technological
problems, most involving either cellular telephones or call-forwarding
features. But Congress remains unconvinced.
 
"We are inching closer and closer to 1984, aren't we?" observed Sen.
William S. Cohen, R-ME, during one of the several congressional
hearings. He blamed "increasingly intrusive technology" for this trend.
Yet, he recognized the FBI's need to guard against criminal activity
and terrorist attack. There is a "constant tension" between the need
for privacy and the need for protection, he added.
 
"We do have some very serious privacy concerns," said Sen. Patrick
Leahy, D-VT, the chairman of the Judiciary committee's technology
subcommittee. "That's one of the underlying questions in this whole
thing."
 
 
It's a matter of privacy
 
Concerns about privacy and the potential for abuse are not without
foundation, as even some lawmakers can attest. Rep. Don Edwards, D-CA,
chairman of the civil rights subcommittee of the House Judiciary
committee, recalled that in his short service as an FBI agent in the
days before legal authority for wiretaps existed, the agency used the
technology anyway. Today, this kind of abuse is frightening indeed.
 
Freeh's proposal, Berman said, "will tell you what movies you may be
watching, what newspapers you're reading, what doctor you're seeing...
This is NCIC squared." NCIC is a national computerized criminal
records system operated by the Justice department.
 
"I don't want anybody to go nose around in all that, anymore than I'd
want somebody to open my mail," Leahy said. But Freeh claimed that
such transactional information is not covered by the proposal, and is
adequately protected under existing laws.
 
Besides those with concerns about preserving civil liberties, some
members of Congress worry that the FBI proposal and the Clipper chip
plan would put government in a position to shape a huge and rapidly
evolving sector of the nation's economy. Plenty of lawmakers share
Leahy's appreciation of just how technologically backward the
government can be, especially when it comes to computers and
communications systems.
 
So when Freeh stood in front of lawmakers in a Senate hearing room
last March to say that Americans "want to have a cop" on the digital
information highway, he was met with considerable skepticism.
 
"I am not prepared to support a government veto on technology
advances," Leahy told Freeh. "I'm frustrated by that idea." He added,
"If we do that, then you'll find people going to Sweden and Germany to
buy their phone systems, because we'll fall behind."
 
Noting the government's "outrageous" track record when it comes to
deploying telecommunications and computer technology, Leahy said if
the Justice Department had to sign off on any telecommunications
advances before they could be deployed, "We'd still be back in rotary
telephones."
 
He has a point. After all, the White House employed telephone operators
on an old-fashioned switchboard system until last year. And during the
Persian Gulf War, off-the-shelf cellular telephone systems turned out
to work better than expensive military communications gear.
 
 
Science and Art
 
But when it comes to cryptography, the mathematical science of
encoding and decoding, U.S. government employees are among the best in
the world. And many of them work for the Pentagon's National Security
Agency, or NSA, an electronic cloak-and-dagger operation charged with
collecting "signals intelligence" against foreign targets. NSA is also
charged with maintaining computer systems security for the U.S.
government, which is why it designed the key escrow encryption system
of which the Clipper and lesser-known Capstone chips are part.
 
Unofficially, NSA is thought to have prompted the Clipper plan in
order to head off the commercial success of strong encoding
technologies developed outside the government. That view fits with
NSA's historic role in making available the current widely used
encoding system called Data Encryption Standard, or DES. Under Adm.
Bobby Ray Inman, NSA made DES available for use within the United
States in the 1970's.
 
Earlier this year, the Clinton administration announced it would
implement the Clipper chip system as a "voluntary" standard suitable
for all non-classified government communications. The action makes it
possible for all government agencies to require the use of
Clipper-enabled communications devices for any sensitive work, either
by staff or outside contractors. With the government's tremendous
buying power, the White House's action could crowd out competing
cryptographic technologies, making Clipper the de facto standard. And
some outside the government ask why that is necessary.
 
To date, law-enforcement officials have not been "significantly
frustrated by voice encryption," according to Assistant Attorney
General Jo Ann Harris, chief of the Justice department's criminal
division. In pursuing the Clipper plan, she told Sen. Leahy in May, "We
are trying to anticipate, to get ahead of the curve."
 
Clipper refers to a chip that encodes communications as they pass
through it. It is designed to be embedded in telephones, fax machines,
and modems. While Clipper systems make calls indecipherable to anyone
eavesdropping, the Clipper chip has a "trap door" that the government
can open, giving investigators access to decrypted or "clear" calls.
The key to this door, unique to each chip, would be split into two
pieces and held separately in "escrow" by Treasury and Commerce
department officials.
 
To many people outside government, Clipper's accessibility, however
closely guarded, opens the door to abuse.
 
Earlier this year, some 45,000 people signed an electronic petition
against Clipper circulated over the Internet. One oft-cited poll in
March found 80 percent of those asked objected to the Clipper plan.
Still, the White House, led by Vice President Al Gore, plows ahead
with Clipper.
 
"There is an inherent balancing test which has to be applied," Gore
told a group of reporters in a private meeting in late February. "The
law enforcement and national security interests are of the first order
of magnitude and extremely important." He asserted that Clipper
strikes the right balance between national security interests and the
privacy rights of the individuals and firms.
 
"We have no intention of supporting some system that will create a de
facto ease of entry into the information superhighway for
law-enforcement officials without proper legal proceedings," Gore
said.
 
Critics fear that's just what Clipper ultimately will allow.
 
"Many worry that such an escrow system could be vulnerable to misuse
by a future administration or overzealous law-enforcement
organizations," Farber told the House subcommittee. "The position of
the administration worries many in the technical community, since they
feel it is but the first step to the banning of any form of encryption
except that approved and escrowed by the government."
 
"The Clinton administration says 'not on our watch,' and I believe
them," Farber added. "However, our grandchildren will not have them on
watch when they grow up. So we need a lasting and effective solution
to this problem, not a quick fix that is technologically unsound and
unwise as a matter of public policy."
 
Clipper's defenders say it is the fairest, most effective way to
ensure the preservation of the law-enforcement agency's current
authority, while at the same time providing society with a very strong
method of protecting communications. For instance, Clipper is 16
million times harder to break using a "brute force" approach than DES.
 
From Adm. Michael McConnell, the director of NSA, to FBI agents such as
Kallstrom, Clipper supporters claim much of the opposition to the plan
stems from misinformation. Opponents say one reason for that is that
much of the Clipper system remains shrouded in secrecy, including the
algorithm, known as Skipjack, used to encrypt communications as they
pass through the Clipper chips.
 
Dorothy Denning, a cryptographer who heads Georgetown University's
computer science department, was among a handful of outsiders allowed
to examine the classified Skipjack algorithm. After trying to break
it, she and others determined that "there was no significant risk that
Skipjack could be broken by any short-cut method of attack." Moreover,
she testified, it would be 36 years before a brute force approach --
trying every possible combination of keys -- would be economically
feasible.
 
But the details of how the escrow bureaucracy would work and how
authorized agents would obtain and use the keys, then destroy them,
have yet to be worked out. At one point, the Justice department's
Harris said she believed the Clipper keys, once issued, would
"self-destruct after a certain period of time."
 
Opponents remain unconvinced. Some, like University of Pennsylvania's
Farber, suggest placing the keys under the control of nonexecutive
branch agencies, or even in the custody of some private-sector
organization. Clipper is a non-starter as long as the government
controls the keys, say executives in banking, computer services, and
other industries.
 
Comments by Les Alberthal, chairman and chief executive of General
Motors' EDS (Dallas) unit, reflect the discomfort felt by many
business people when they consider Clipper and its implications.
 
"I can understand what the government is trying to do," Alberthal
says. "I shudder a little bit at the potential of that sort of
eavesdropping on normal business and normal people's lives.
 
"We criticized Russia for years for doing that, and yet we're turning
around and trying to do the same thing. Somehow or other, we're going
to have to figure out some process, whereby the illegal kind of
activities, the courts can get at to deal with," Alberthal notes,
adding: "But I do not believe a blanket ability to enter into, watch,
monitor, or pull information out of normal processes or business
cycles is really going to work."
 
 
An American disadvantage
 
While the U.S. government meddles with the market for encryption,
causing major purchasers to delay acquisitions, it gives foreign
competitors advantages over its suppliers, in the view of Martin
Hellman, a Stanford University electrical engineering professor who
studied the issue for the Business Software Alliance (Washington,
D.C.). Government meddling risks slowing the development of America's
information structure, he adds, pointing out that it may also lead to
the creation of incompatible infrastructures in other parts of the
world, where encryption technology is not restricted.
 
Hellman and others say that for any network to gain widespread
acceptance as a medium for commerce, it must be trusted to deliver
communications with absolute privacy and integrity. "Just as people do
not use post cards for most of their mail, prudent users will refuse
to trust most information to an insecure NII," Hellman writes in a
study of the issue. Absent that level of security, the American
information superhighway could become a monumental white elephant.
 
"Local area networks are, in reality, spy networks in which each node
watches all the information flowing over the shared cable and picks
out only those messages with its address. It would take only a minor
modification to create phantom nodes that watch all information
flowing over the cable and pick out only those intended for someone
else on the network," Hellman writes. "Because such phantom nodes look
like normal nodes, it would be hard to detect their existence."
 
E-mail messages, for instance, often pass through "supernodes" en
route to their final destination, and thus could easily be picked off
and copied or altered along the way, Hellman notes. He says the NSA,
aware of the potential problems this could cause, "prohibits its own
confidential information from being sent over the Internet. Instead,
the agency uses its own secure e-mail network and is extremely careful
to prevent any connection between the two."
 
Additionally, Hellman observes that America's allies -- as well as its
old opponents -- continue to pry into the affairs of U.S. businesses,
particularly those with proprietary technology. Government officials
in the U.S. and Canada have testified recently concerning the
activities of French, Japanese, Chinese, and Russian services spying
on U.S. corporations. So those that operate without the benefit of
data encryption and other security measures are at risk.
 
 
Reluctant acceptance
 
Data security and integrity is a vital issue to many people in
business. One survey, conducted among Fortune 500 companies by Forest
& Sullivan last year, found 92 percent of the 151 respondents felt
information security was important. Data encryption was counted as an
important tool to that end by 46 percent. Datapro, a McGraw Hill
research unit based in Delran, NJ, found that 29 percent of the 1,153
respondents in a 1992 survey used end-to-end encryption systems to
guard their communications.
 
Yet for all that interest, AT&T, the only maker of Clipper telephone
systems, counts the FBI as its biggest customer. Earlier this year,
the agency ordered 9,000 of the Clipper units, which retail at a cost
of $1,090 each.
 
Stephen Walker, founder and president of Trusted Information Systems
(Glenwood, MD), a long-time NSA cryptographer, argues that the Clipper
plan is hopelessly flawed from an economic standpoint. Citing market
estimates that there are 250,000 voice encryption systems in use
today, Walker told a Senate hearing that the $14 million Clipper setup
costs and its $16 million annual budget would mean that the cost of
intercepting Clipper encrypted calls could run as high as $6.4 million
each, given that only an estimated 2.5 Clipper-encoded calls would be
intercepted each year.
 
He derived those numbers based on the estimated 500 million phones in
use in the United States, the number of wiretaps likely in a year
(5,000), and the statistical likelihood that a target line would be
encrypted, assuming that all encryption would be with Clipper systems.
 
Besides those impractical economics, Walker points out that by
doubling up DES encryption -- running a communication through two
different devices -- someone who wants to frustrate a wiretap could
have a code that is stronger than Clipper, and for which there would
be no escrowed key. Besides, he and others note, there are literally
hundreds of other encryption systems available today, including many
that use DES and some that use "public key" methods that make encoded
electronic mail unbreakable.
 
Based on his analysis, Walker added, "I'm convinced that five years
from now they'll say 'This isn't working,' so we'll have to change
the rules." Then, he predicted, Clipper will be made mandatory for all
encoded communications.
 
One way in which Clipper could be made acceptable, Walker says, is to
make the judiciary system act as the escrow agent. That way it would
at least be independent of the executive branch, and would reinforce
the traditional American method of balancing governmental power among
its different branches.
 
But Diffie, the Sun engineer, contended that any escrowed system is
hopelessly flawed when it comes to communications encryption security.
Good security practice in communications, he observed, means keeping
the decoded keys around for as short a time as necessary, then
destroying them. Today, secure phones use keys that exist only for as
long as a single encrypted call lasts, and once destroyed can never be
recreated. "A key escrow proposal surrenders this advantage," he said,
"by creating a new set of escrowed keys that are stored indefinitely
and can always be used to read earlier traffic."
 
Stored data that is encrypted is useless without a key, Diffie
noted. For that reason, the user has to keep a copy of the key
somewhere, and that makes it obtainable by traditional methods like
those that are used to retrieve paper records today.
 
Finally, Diffie noted, "The reason there is so much disagreement is
that there is so little evidence of a problem." No one has claimed,
after all, that the bad guys are using voice encryption technology
today. Even master spy Aldrich Ames, the renegade CIA officer
turned Soviet mole, used clear lines to plot his misdeeds.
 
With the rapid advances in computing and communications technologies,
Diffie asserted, "If allowing or even encouraging wide dissemination
of high-grade cryptography proves to be a mistake, it is likely to be
a correctable mistake."
 
"If, on the other hand, we set the precedent of building government
surveillance capabilities into our security equipment, we risk
entrenching a bureaucracy that will not easily surrender the power
this gives."
 
 
--------------------------------------------------------------------
 
Ted Bunker is a freelance journalist who covers technology policy
issues. He is based in Washington, D.C. and can be reached at
[email protected].