1 / 29

Impact of Computers on Society

Impact of Computers on Society. 3. Encryption and Interception of Communication. It Could Never Happen…. Secret FBI papers revealed that John Lennon was ruled out as a communist threat because he was always stoned, London’s Evening Standard reported yesterday. Never….

Download Presentation

Impact of Computers on Society

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Impact of Computers on Society 3. Encryption and Interception of Communication

  2. It Could Never Happen… • Secret FBI papers revealed that John Lennon was ruled out as a communist threat because he was always stoned, London’s Evening Standard reported yesterday.

  3. Never… • Documents show that the FBI suspected that the ex-Beatle was the head of revolutionaries planning to hijack a 1972 Republican conference, and kept him under close watch at first. But Lennon’s abuse of heroin, cocaine and marijuana in the early 1970s eventually ruled him out of FBI investigations. An agent concluded that Lennon “appears to be radically oriented” but “does not give the impression he is a true revolutionist, since he is constantly under the influence of narcotics.”

  4. You Must Be Kidding! • Marilyn Monroe • Lucille Ball • And Albert Einstein… • ...were among the suspected communists tracked by the FBI from the 1950s to 1970s. • Washington Post, September 23, 2005, p. C3

  5. Background • Different levels of message and information security • How secure is the postal service? • How secure is email? • How secure are financial transactions?

  6. Three Main Issues • Whom do you trust? • How powerful is technology? • Technology is a “moving target” • How open should communications be?

  7. A Brief History of Wiretapping 1928 – Supreme Court rules that… • wiretapping is not unconstitutional • wiretapping can be banned by Congress 1934 – Congress passes the Federal Communications Act • illegal to wiretap • no exception for law enforcement

  8. More about Wiretapping • 1937 – Supreme Court stands behind the ban on wiretapping • FBI did it anyway • lax enforcement of anti-wiretapping laws • continuing debate for many years

  9. Wiretapping Allowed • 1967 – Supreme Court rules that intercepting phone conversations without a court order violates 4th Amendment • (2007 – NSA gathers data without warrants) • 1968 – Congress explicitly allows wiretapping with court order • intended to help fight organized crime • USA PATRIOT Act of 2001 loosens restrictions further

  10. Milestones in Interception • The Internet changes the playing field • no longer wiretapping • now, interception of communications • includes broadcast communications • what about fiber optics? • what about monitoring of RF emissions?

  11. Lawful Interception • 1994 – CALEA (Communications Assistance for Law Enforcement Act) requires equipment to be designed to allow interception. • 1999 – FBI’s Carnivore email interception system • required a court order • limited to a particular ISP • what about the email of other subscribers to that ISP? • can’t the ISP do this without having to physically hook up FBI computers to its own? • program terminated in 2005; now using commercially available software • superseded by DCS-3000 system

  12. Echelon • 1998 – NSA’s Echelon. • Not supposed to be targeted at US citizens • NSA denies its existence • Major computing power • Examines RF emissions, including cell phones, etc. • Supposedly sifts through international traffic • Sifts through business and other traffic, not just military and law enforcement • Aside: the US Embassy in Moscow and Dr. Theramin

  13. Echelon criticisms • The line is blurred on US citizens when national security is claimed or when they are abroad • What about our allies – Canada, Britain, Australia, NZ? • Going “deaf” because of the rise of fiber optic transmission rather than satellite • Major question is how much privacy should we be expected to give up in order to (maybe) catch the bad guys?

  14. FISA • Foreign Intelligence Surveillance Act (1978) • Without a warrant… • President can request surveillance without a warrant through the AG for up to one year • Limited to foreign intelligence only • Electronic surveillance • With a warrant… • Requires warrant from a secret court • Both physical and electronic searches • Only five requests for warrants have been denied since 1979

  15. Protect America Act (PAA) • A 2007 revision of FISA • Adds terrorists to the list of possible targets for monitoring • Allows for massive collection of international telecom data without court order or oversight • Disagreement over retroactive protection for telecom companies • Expired on February 17, 2008 when House did not renew • But…

  16. FISA of 1978 Amendments Act of 2008 • Signed into law on August 5, 2008 • Extended for 5 years, September 2012 • Protects telecoms from “past or future” lawsuits for cooperation with warrantless federal surveillance • Removes requirements for detailed description of what is being sought • Requires (secret) FISA court permission to eavesdrop on Americans who are overseas

  17. Recommended Reading • James Bamford • Puzzle Palace: a report on America’s most secret agency (1982) • Body of Secrets: anatomy of the ultra-secret National Security Administration: from the Cold War through the dawn of a new century (2001) • Leo Marks • Between Silk and Cyanide: a codemaker’s war 1941-1945 (1998)

  18. Two Main Computer Defenses • Packet transmission • messages are less vulnerable en route • interception is most effective at the end points • Encryption • Requires a key, which must be passed secretly • Only one unbreakable code: the one-time key

  19. Public Key Encryption • A known, published algorithm • RSA (Rivest, Shamir, Adelman) uses two large prime numbers for keys • Each party has two keys, a private key and a public key • One pair of keys to encrypt, the other pair to decrypt • Brute force attacks are essentially useless unless you have massive computing power • Quantum computing may change this situation • Longer keys make the encryption stronger • Problem of delivering the keys

  20. More Encryption • The problem of computational overhead • Most of us use encryption for financial transactions on the Internet • 40-bit versus 128 or 256 bit encryption, and more • Remember that anything broadcast or transmitted can be intercepted • The bad guys can use encryption, too

  21. A Few Uses of Encryption • Communications, both phone and data • Credit card numbers • Other financial data, for example brokerage transactions • Electronic Funds Transfer (EFT) • Passwords, usernames, account numbers on the Internet • Digital Signatures – did the message really come from that person?

  22. Steganography • Concealing the fact that a message even exists • Hidden in a picture – a digital watermark • Hidden within a document – for example, a computer printed postage stamp • An image could conceal harmful code which will execute on the recipient’s computer • A message or virus could be concealed in almost anything that is digital

  23. Attempts to Control Encryption Technology • 1990’s – Government attempts to restrict export of encryption technology • 1991 – Philip Zimmerman and PGP (Pretty Good Privacy) • “Restricted” browsers and other software • 1993 – Daniel Bernstein’s 1st Amendment lawsuit • 1996 – Courts decide in Bernstein’s favor

  24. Why? • The genie was already out of the bottle • To protect the NSA • …the main goal of the export rules was to restrict encryption to what the NSA could routinely crack in “real time,” that is as messages are scanned. • …to prevent adoption of standard cryptography systems. Standards would encourage more use of encryption and make it harder for the NSA to distinguish the messages it wants to read.

  25. Why?? • …export rules required that companies that wanted to export encryption systems had to disclose the details of their products to the government, ensuring that the NSA had full knowledge of the technologies in use. • Diffie & Landau, summarized by Baase, p. 119

  26. End of Restrictions • 2000 – The government at last gives up the attempt to impose import restrictions on encryption. • Officially, the genie is out of the bottle…

  27. Encryption Control in the US • 1993 – the Clipper Chip • Used an unpublished, secret NSA algorithm • Designed for telephones, also used on computers • Various key escrow proposals. The government wanted a third party escrow agent. • Government and law enforcement would need a court order to get the key • BUT – the escrow agent would be a government agency • A failure before it got off the ground • There is no provision for a “back door” in the USA PATRIOT Act.

  28. And In Conclusion… • Remember that the goal of encryption is to make the difficulty of reading a message not worth the effort. • Technology is progressing very rapidly • To what extent do you trust government and law enforcement to uphold the 1st and 4th Amendments?

  29. One Certain Defense • Although it may be impossible to protect against unwarranted surveillance, at least your mind can be spared. • Wear a tin foil hat!

More Related