SlideShare une entreprise Scribd logo

Encryption & interception of communication

Télécharger en tant que PPT, PDF
U
Uc Man

This chapter discusses controversies around encryption, communications interception, and privacy. It covers laws governing wiretapping, the debate around key escrow systems, and concerns that government surveillance programs like the NSA's Echelon overreach. The chapter also explains cryptography techniques like public key encryption and steganography, and why strong encryption is important for activists facing human rights abuses. Overall, it examines tensions between law enforcement access to communications and privacy advocates who fear excessive government monitoring.

Business
1  sur  24
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 1 Social, Legal, and Ethical Issues for Computers and the Internet Encryption and Interception of Communications
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 2 A Gift of Fire Encryption and Interception of Communications Overview of the Controversies Intercepting Communications Cryptography and Its Uses Encryption Policy: Access to Software, Keys, and Plaintext Fundamental Issues
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 3 Overview of the Controversies Communications Privacy Affected by: Interception of communications, including: • Telephone, E-mail, and Web activity. Restrictions on secure encryption. • Exportation of strong encryption was viewed as a threat to national security. CALEA (Communications Assistance for Law Enforcement Act). • Communications technology must assist law enforcement. Global surveillance systems. • The constitutionality of domestic systems and the necessity of international systems are under question.
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 4 Intercepting Communications Wiretapping Telephone: • Pre-1934: used widely by government, businesses, and private sector. • 1934: the Federal Communications Act disallowed unauthorized wiretaps; many ignored the law. • 1968: the Omnibus Crime Control and Safe Streets Act restricted wiretapping by requiring a court order. Q: Can law enforcement intercept communications without a court order?
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 5 … Yes…in an emergency. A device called a “pen register” and a “trap and trace” can be used to determine the telephone numbers called or the number from which a call is made. These do not require as much court scrutiny and justification as intercepting the contents of a call.
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 6 Intercepting Communications Wiretapping New Technologies: • 1986: Electronic Communications Privacy Act (ECPA) and its amendments restricted government interception of e-mail, cell-phones, etc.. • 2001: USA Patriot Act loosened restrictions on government wiretapping and communications interception. Q: Does the USA Patriot Act supersede ECPAs restrictions?
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 7 Intercepting Communications Designing Communications Systems for Interception and Tracking Obstacles to interception: • Incomplete pen-registers as a result of long distance service. • Packet-mode communications (e-mail, file transfers, Internet phones). Solutions: • CALEA: Requires telecommunications equipment be designed to ensure interception by law enforcement (with court order). Q: Why did privacy advocates object to CALEA?
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 8 … Privacy advocates argued that finding packet based items allowed the government to go beyond what was necessary. They objected to the increased authority to get numbers entered after the initial phone call was made. These numbers might be account numbers, passwords, PIN’s, and so forth.
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 9 Intercepting Communications Designing Communications Systems for Interception and Tracking (cont’d) CALEA • Costs include modified hardware, software, and overuse by authorities. (500,000,000!!!) • Wiretappable systems vulnerable to criminal hacking, industrial spies, etc.. • Competition weakened due to restricted changes and diversities. Q: CALEA allows for the interception of PINs. Do you support this use?
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 10 Intercepting Communications Carnivore FBI’s system to intercept e-mail with a court order. • Pro: Law enforcement needs this tool to fight crime. • Con: All e-mail goes through FBI’s Carnivore system. Q: Does Carnivore violate the 4th Amendment? The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 11 Intercepting Communications NSA and Echelon NSA (National Security Agency): • Collects and analyzes communications to find threats to national security. Echelon: • Member nations intercept communications for each other. It checks Telephone conversations, e-mails, and downloads of targeted suspects. Q: Should the NSA be permitted to intercept all e-mail entering and leaving the U.S.?
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 12 Cryptography and Its Uses Cryptography Definition: • Hiding data in plain sight. Terms: • Plaintext: Original, readable message or data. • Cyphertext: Modified, unreadable message or data. • Encryption: The act of converting plaintext into cyphertext. • Decryption: The act of reverting cyphertext back to readable, plaintext. Q: Are there other ways to hide a message in plain sight?
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 13 Cryptography and Its Uses Public Key Cryptography How it works: • User creates a mathematically-related key pair (public and private keys). • Public keys are shared publicly; private keys are kept secret. • Public keys are used to encrypt message or data. • Private keys are used to decrypt message or data. Benefits: • No secret keys need be shared or transmitted. • Very secure. Q: How does key-size affect the ‘strength’ of encryption?
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 14 … The larger the key size, the more possible keys there are. If a 40-bit key is used, there are 2^40, or more than a trillion possible keys. We now use 512-bit keys.
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 15 Cryptography and Its Uses Encryption Used by: • Military personnel. • Financial institutions. • Human-rights activists. • Government agencies. • Anyone wanting to keep messages or data private. Q: Why are strong encryption tools needed by human-rights activists?
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 16 Human Rights and the use of Cryptography `There has been no time that human rights concerns have been more visible than recent years as networks of local and international activists bring abuses to light. Global integration of telephone and fax lines are a direct cause.' (PoKempner, 1997) By providing quick and cheap communications and access to any kind of information, the Internet is the first truly interactive mass medium. It is not only used for fun and commercial purposes by the `consumers' but also used by those campaigning against human rights abuses. There are many organizations dealing with human rights abuses all around the world and these organizations do use the Internet to communicate with their members or with dissident groups. Before the governments can suppress the dissemination of critical writings, and reports, the authors can distribute their work through the Internet outside repressive regimes. It is well known that the Burmese dissidents(3) or the Mexican Zapatistas use the Internet to communicate with the rest of the world . It is critical and vital for human rights activists, political dissidents, and whistle blowers throughout the world to facilitate confidential communications free from government or any other intrusion. Strong encryption is the only answer for this problem .
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 17 Cryptography and Its Uses Steganography Definition: • Hiding data so that its existence is not known. Examples: • Digital watermarks. • Hiding text in image files. Used by: • Military, • Publishers, • Anyone wishing to hide messages or data.
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 18 Encryption Policy: Access to Software, Keys, and Plaintext Secrecy and Export Controls Control of Secrecy • The NSA designs unbreakable codes for the U.S. government. • The NSA attempts to break codes used by other governments. • In the past, the NSA also controlled the funding for and publishing of cryptographic research. Control of Exportation • Early U.S. policy prevented the exportation of strong encryption. • Meanwhile, foreign production and use of strong encryption negatively impacted U.S. competition in the world market. • Cryptographic researchers, privacy advocates, and others successfully challenged exportation restrictions. Q: Why did the U.S. government insist on controlling export of strong crypto?
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 19 … The government argued that the export prohibition was necessary to keep strong encryption from terrorist and enemy governments.
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 20 Encryption Policy: Access to Software, Keys, and Plaintext Domestic Encryption Key Escrow • Third-party (some organization other than the user) entrusted with non-public encryption keys. Problem…the government could get access with a court order. Real-time Access to Plaintext • Immediate decryption of encrypted data. • Long-time goal of the FBI. Key Recovery • The ability to recover encrypted files if necessary. • Used by some businesses. Q: Should key recovery systems be voluntary or compulsory?
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 21 … Businesses often want key recovery…if an employee is not available and someone else must read encrypted files…problem. The government argued to make key recovery compulsory so that law enforcement agencies would be able to obtain messages and have them decoded by escrow agents by using search warrants and court orders.
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 22 Fundamental Issues Role of Secrecy U.S. Policy Keeps Secret: • Cryptographic research. • Wiretap ease or difficulty. • Encryption algorithms. • Software (e.g. Carnivore). • Global endeavors (e.g. Echelon). Problems: • Secret algorithms cannot be tested by experts. • ‘Backdoors’ might exist. • NSA-influenced wiretap and encryption exportation bills. Why? Disclosing this information can help criminals and terrorists!
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 23 Fundamental Issues The Ever-changing Status Quo Past: • Simple codes and cyphers. Present: • 512-bit RSA encryption. • AES (Advanced Encryption Standard). Future: • Quantum computing. • Quantum cryptography. Q: Today, do coders or decoders have the upper hand?
A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 24 Fundamental Issues Trust in Government Appropriate or Abusive? • Wiretapping by FBI and local police. • Wiretapping by NSA. • Strong encryption restrictions. • Roving wiretaps. • Cell-phone tracking (and E-911). • Key logger systems. • Development of a nationwide standard for surveillance.

Recommandé

Encryption & interception of communication
Encryption & interception of communicationEncryption & interception of communication
Encryption & interception of communicationUc Man
 
Cyber Forensics Module 1
Cyber Forensics Module 1Cyber Forensics Module 1
Cyber Forensics Module 1Manu Mathew Cherian
 
Intelligence Collection and Analysis
Intelligence Collection and AnalysisIntelligence Collection and Analysis
Intelligence Collection and Analysisatrantham
 
Iridium
IridiumIridium
IridiumVASS Yukon
 
Information Warfare
Information WarfareInformation Warfare
Information Warfaredibyendupaul
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscapeyohansurya2
 
Report of android hacking
Report of android hackingReport of android hacking
Report of android hackingdiv2345
 
Umts explained
Umts explainedUmts explained
Umts explainedassinha
 

Recommandé

Encryption & interception of communication
Encryption & interception of communicationEncryption & interception of communication
Encryption & interception of communicationUc Man
 
Cyber Forensics Module 1
Cyber Forensics Module 1Cyber Forensics Module 1
Cyber Forensics Module 1Manu Mathew Cherian
 
Intelligence Collection and Analysis
Intelligence Collection and AnalysisIntelligence Collection and Analysis
Intelligence Collection and Analysisatrantham
 
Iridium
IridiumIridium
IridiumVASS Yukon
 
Information Warfare
Information WarfareInformation Warfare
Information Warfaredibyendupaul
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscapeyohansurya2
 
Report of android hacking
Report of android hackingReport of android hacking
Report of android hackingdiv2345
 
Umts explained
Umts explainedUmts explained
Umts explainedassinha
 
Data Protection in India
Data Protection in IndiaData Protection in India
Data Protection in IndiaHome
 
Difference between Cyber and digital Forensic.pptx
Difference between Cyber and digital Forensic.pptxDifference between Cyber and digital Forensic.pptx
Difference between Cyber and digital Forensic.pptxApplied Forensic Research Sciences
 
How cell phone work?
How cell phone work?How cell phone work?
How cell phone work?kgaurav113
 
Wired and Wireless Network Forensics
Wired and Wireless Network ForensicsWired and Wireless Network Forensics
Wired and Wireless Network ForensicsSavvius, Inc
 
Spread spectrum
Spread spectrumSpread spectrum
Spread spectrumRUpaliLohar
 
ISDN
ISDNISDN
ISDNSingh_Trn
 
A brief Intro to Digital Forensics
A brief Intro to Digital ForensicsA brief Intro to Digital Forensics
A brief Intro to Digital ForensicsManik Bhola
 
Mobile Phone Seizure Guide by Raghu Khimani
Mobile Phone Seizure Guide by Raghu KhimaniMobile Phone Seizure Guide by Raghu Khimani
Mobile Phone Seizure Guide by Raghu KhimaniDr Raghu Khimani
 
Network Fundamentals – Chapter 1
Network Fundamentals – Chapter 1Network Fundamentals – Chapter 1
Network Fundamentals – Chapter 1Sachii Dosti
 
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...Qazi Anwar
 
Umts(3g)
Umts(3g)Umts(3g)
Umts(3g)aroosa khan
 
Mobile Forensics
Mobile ForensicsMobile Forensics
Mobile Forensicsprimeteacher32
 
Session 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj YunosSession 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj YunosCommonwealth Telecommunications Organisation
 
Telecommunication
TelecommunicationTelecommunication
TelecommunicationVIJAYABASKAR PS
 
Hackers
HackersHackers
HackersMahmoud Saeed
 
Global system for mobile communication(GSM)
Global system for mobile communication(GSM)Global system for mobile communication(GSM)
Global system for mobile communication(GSM)Jay Nagar
 
Cyber Laws In Pakistan
Cyber Laws In PakistanCyber Laws In Pakistan
Cyber Laws In PakistanTaha Mehmood
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to securityMostafa Elgamala
 
A quick introduction to The Things Network
A quick introduction to The Things NetworkA quick introduction to The Things Network
A quick introduction to The Things NetworkMark Stanley
 
Telecommunication
TelecommunicationTelecommunication
Telecommunicationshahryarshahzad
 
Privacy and personal information
Privacy and personal informationPrivacy and personal information
Privacy and personal informationUc Man
 
Dhcp in linux
Dhcp in linuxDhcp in linux
Dhcp in linuxUc Man
 

Contenu connexe

Tendances

Data Protection in India
Data Protection in IndiaData Protection in India
Data Protection in IndiaHome
 
How cell phone work?
How cell phone work?How cell phone work?
How cell phone work?kgaurav113
 
Wired and Wireless Network Forensics
Wired and Wireless Network ForensicsWired and Wireless Network Forensics
Wired and Wireless Network ForensicsSavvius, Inc
 
A brief Intro to Digital Forensics
A brief Intro to Digital ForensicsA brief Intro to Digital Forensics
A brief Intro to Digital ForensicsManik Bhola
 
Mobile Phone Seizure Guide by Raghu Khimani
Mobile Phone Seizure Guide by Raghu KhimaniMobile Phone Seizure Guide by Raghu Khimani
Mobile Phone Seizure Guide by Raghu KhimaniDr Raghu Khimani
 
Network Fundamentals – Chapter 1
Network Fundamentals – Chapter 1Network Fundamentals – Chapter 1
Network Fundamentals – Chapter 1Sachii Dosti
 
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...Qazi Anwar
 
Global system for mobile communication(GSM)
Global system for mobile communication(GSM)Global system for mobile communication(GSM)
Global system for mobile communication(GSM)Jay Nagar
 
Cyber Laws In Pakistan
Cyber Laws In PakistanCyber Laws In Pakistan
Cyber Laws In PakistanTaha Mehmood
 
A quick introduction to The Things Network
A quick introduction to The Things NetworkA quick introduction to The Things Network
A quick introduction to The Things NetworkMark Stanley
 

Tendances (20)

Data Protection in India
Data Protection in IndiaData Protection in India
Data Protection in India
 
Difference between Cyber and digital Forensic.pptx
Difference between Cyber and digital Forensic.pptxDifference between Cyber and digital Forensic.pptx
Difference between Cyber and digital Forensic.pptx
 
How cell phone work?
How cell phone work?How cell phone work?
How cell phone work?
 
Wired and Wireless Network Forensics
Wired and Wireless Network ForensicsWired and Wireless Network Forensics
Wired and Wireless Network Forensics
 
Spread spectrum
Spread spectrumSpread spectrum
Spread spectrum
 
ISDN
ISDNISDN
ISDN
 
A brief Intro to Digital Forensics
A brief Intro to Digital ForensicsA brief Intro to Digital Forensics
A brief Intro to Digital Forensics
 
Mobile Phone Seizure Guide by Raghu Khimani
Mobile Phone Seizure Guide by Raghu KhimaniMobile Phone Seizure Guide by Raghu Khimani
Mobile Phone Seizure Guide by Raghu Khimani
 
Network Fundamentals – Chapter 1
Network Fundamentals – Chapter 1Network Fundamentals – Chapter 1
Network Fundamentals – Chapter 1
 
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
 
Umts(3g)
Umts(3g)Umts(3g)
Umts(3g)
 
Mobile Forensics
Mobile ForensicsMobile Forensics
Mobile Forensics
 
Session 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj YunosSession 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj Yunos
 
Telecommunication
TelecommunicationTelecommunication
Telecommunication
 
Hackers
HackersHackers
Hackers
 
Global system for mobile communication(GSM)
Global system for mobile communication(GSM)Global system for mobile communication(GSM)
Global system for mobile communication(GSM)
 
Cyber Laws In Pakistan
Cyber Laws In PakistanCyber Laws In Pakistan
Cyber Laws In Pakistan
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to security
 
A quick introduction to The Things Network
A quick introduction to The Things NetworkA quick introduction to The Things Network
A quick introduction to The Things Network
 
Telecommunication
TelecommunicationTelecommunication
Telecommunication
 

En vedette

Privacy and personal information
Privacy and personal informationPrivacy and personal information
Privacy and personal informationUc Man
 
Dhcp in linux
Dhcp in linuxDhcp in linux
Dhcp in linuxUc Man
 
Professionalism
ProfessionalismProfessionalism
ProfessionalismUc Man
 
Manual de Buenas Prácticas en Movilidad Virtual
Manual de Buenas Prácticas en Movilidad VirtualManual de Buenas Prácticas en Movilidad Virtual
Manual de Buenas Prácticas en Movilidad VirtualCesar Barletta
 
Professional ethics in_computing
Professional ethics in_computingProfessional ethics in_computing
Professional ethics in_computingUc Man
 
Freedom of speech
Freedom of speechFreedom of speech
Freedom of speechUc Man
 
Encryption presentation final
Encryption presentation finalEncryption presentation final
Encryption presentation finaladrigee12
 

En vedette (12)

Privacy and personal information
Privacy and personal informationPrivacy and personal information
Privacy and personal information
 
Dhcp in linux
Dhcp in linuxDhcp in linux
Dhcp in linux
 
Professionalism
ProfessionalismProfessionalism
Professionalism
 
Manual de Buenas Prácticas en Movilidad Virtual
Manual de Buenas Prácticas en Movilidad VirtualManual de Buenas Prácticas en Movilidad Virtual
Manual de Buenas Prácticas en Movilidad Virtual
 
Professional ethics in_computing
Professional ethics in_computingProfessional ethics in_computing
Professional ethics in_computing
 
Data encryption
Data encryptionData encryption
Data encryption
 
Freedom of speech
Freedom of speechFreedom of speech
Freedom of speech
 
Cryptography
CryptographyCryptography
Cryptography
 
Encryption
EncryptionEncryption
Encryption
 
DES
DESDES
DES
 
Encryption presentation final
Encryption presentation finalEncryption presentation final
Encryption presentation final
 
Jugbd meet up 6
Jugbd meet up 6Jugbd meet up 6
Jugbd meet up 6
 

Similaire à Encryption & interception of communication

Tor project and Darknet Report
Tor project and Darknet ReportTor project and Darknet Report
Tor project and Darknet ReportAhmed Mater
 
Chapter2
Chapter2Chapter2
Chapter2Pibi Lu
 
2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)Fabio Pietrosanti
 
TSCM Overview for Stakeholders
TSCM Overview for StakeholdersTSCM Overview for Stakeholders
TSCM Overview for Stakeholderskevinwetzel
 
Cyber Crime Investigation
Cyber Crime InvestigationCyber Crime Investigation
Cyber Crime InvestigationHarshita Ved
 
Electronic Surveillance Of Communications 100225
Electronic Surveillance Of Communications 100225Electronic Surveillance Of Communications 100225
Electronic Surveillance Of Communications 100225Klamberg
 
Electronic Surveillance of Communications 100225
Electronic Surveillance of Communications 100225Electronic Surveillance of Communications 100225
Electronic Surveillance of Communications 100225Klamberg
 
A brief look at Cyber security
A brief look at Cyber securityA brief look at Cyber security
A brief look at Cyber securityNabarun Sarkar
 
Historical genesis and evolution of cyber crimes new
Historical genesis and evolution of cyber crimes newHistorical genesis and evolution of cyber crimes new
Historical genesis and evolution of cyber crimes newDr. Arun Verma
 
Digital Repression and Techno-Authoritarianism
Digital Repression and Techno-AuthoritarianismDigital Repression and Techno-Authoritarianism
Digital Repression and Techno-AuthoritarianismCharles Mok
 
Electronic surveillance has become a controversial practice in the U.docx
Electronic surveillance has become a controversial practice in the U.docxElectronic surveillance has become a controversial practice in the U.docx
Electronic surveillance has become a controversial practice in the U.docxshandicollingwood
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionSean Whalen
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The DarknetAhmed Mater
 
Us legislation authorizing wiretapping
Us legislation authorizing wiretappingUs legislation authorizing wiretapping
Us legislation authorizing wiretappingAngela Strudwick
 

Similaire à Encryption & interception of communication (20)

PC213.L3.pdf
PC213.L3.pdfPC213.L3.pdf
PC213.L3.pdf
 
Tor project and Darknet Report
Tor project and Darknet ReportTor project and Darknet Report
Tor project and Darknet Report
 
Chapter2
Chapter2Chapter2
Chapter2
 
28658043 cyber-terrorism
28658043 cyber-terrorism28658043 cyber-terrorism
28658043 cyber-terrorism
 
2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)
 
TSCM Overview for Stakeholders
TSCM Overview for StakeholdersTSCM Overview for Stakeholders
TSCM Overview for Stakeholders
 
Cyber Crime Investigation
Cyber Crime InvestigationCyber Crime Investigation
Cyber Crime Investigation
 
Electronic Surveillance Of Communications 100225
Electronic Surveillance Of Communications 100225Electronic Surveillance Of Communications 100225
Electronic Surveillance Of Communications 100225
 
Electronic Surveillance of Communications 100225
Electronic Surveillance of Communications 100225Electronic Surveillance of Communications 100225
Electronic Surveillance of Communications 100225
 
A brief look at Cyber security
A brief look at Cyber securityA brief look at Cyber security
A brief look at Cyber security
 
Historical genesis and evolution of cyber crimes new
Historical genesis and evolution of cyber crimes newHistorical genesis and evolution of cyber crimes new
Historical genesis and evolution of cyber crimes new
 
Digital Repression and Techno-Authoritarianism
Digital Repression and Techno-AuthoritarianismDigital Repression and Techno-Authoritarianism
Digital Repression and Techno-Authoritarianism
 
Electronic surveillance has become a controversial practice in the U.docx
Electronic surveillance has become a controversial practice in the U.docxElectronic surveillance has become a controversial practice in the U.docx
Electronic surveillance has become a controversial practice in the U.docx
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and Encryption
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The Darknet
 
Cyberterrorismv1
Cyberterrorismv1Cyberterrorismv1
Cyberterrorismv1
 
551 2006 3
551 2006 3551 2006 3
551 2006 3
 
NCSC Speaker
NCSC Speaker NCSC Speaker
NCSC Speaker
 
Sec Wars Episode 3
Sec Wars Episode 3Sec Wars Episode 3
Sec Wars Episode 3
 
Us legislation authorizing wiretapping
Us legislation authorizing wiretappingUs legislation authorizing wiretapping
Us legislation authorizing wiretapping
 

Plus de Uc Man

Unit 3 maintain yourself in professional practice
Unit 3 maintain yourself in professional practiceUnit 3 maintain yourself in professional practice
Unit 3 maintain yourself in professional practiceUc Man
 
Unit 3 maintain yourself in professional practice
Unit 3 maintain yourself in professional practiceUnit 3 maintain yourself in professional practice
Unit 3 maintain yourself in professional practiceUc Man
 
Course outline pp_2
Course outline pp_2Course outline pp_2
Course outline pp_2Uc Man
 
Unit 3 maintain yourself in professional practice
Unit 3 maintain yourself in professional practiceUnit 3 maintain yourself in professional practice
Unit 3 maintain yourself in professional practiceUc Man
 
Course outline pp_2
Course outline pp_2Course outline pp_2
Course outline pp_2Uc Man
 
System and network administration network services
System and network administration network servicesSystem and network administration network services
System and network administration network servicesUc Man
 
Unit 3 maintain yourself in professional practice
Unit 3 maintain yourself in professional practiceUnit 3 maintain yourself in professional practice
Unit 3 maintain yourself in professional practiceUc Man
 
Pro in the_workplace2
Pro in the_workplace2Pro in the_workplace2
Pro in the_workplace2Uc Man
 
Effective time-management
Effective time-managementEffective time-management
Effective time-managementUc Man
 
Digital divide
Digital divideDigital divide
Digital divideUc Man
 
Course outline pp
Course outline ppCourse outline pp
Course outline ppUc Man
 
Computer crime
Computer crimeComputer crime
Computer crimeUc Man
 
Maintain yourself in professional practice
Maintain yourself in professional practiceMaintain yourself in professional practice
Maintain yourself in professional practiceUc Man
 
Time management
Time managementTime management
Time managementUc Man
 
Time management,planning and prioritization
Time management,planning and prioritizationTime management,planning and prioritization
Time management,planning and prioritizationUc Man
 
Student attendancereportofit 105(a)
Student attendancereportofit 105(a)Student attendancereportofit 105(a)
Student attendancereportofit 105(a)Uc Man
 
Personal effectiveness
Personal effectivenessPersonal effectiveness
Personal effectivenessUc Man
 
Professional context of ICT (Need of professionalism)
Professional context of ICT (Need of professionalism) Professional context of ICT (Need of professionalism)
Professional context of ICT (Need of professionalism) Uc Man
 
Ethics and professionalism
Ethics and professionalismEthics and professionalism
Ethics and professionalismUc Man
 
Effective time-management
Effective time-managementEffective time-management
Effective time-managementUc Man
 

Plus de Uc Man (20)

Unit 3 maintain yourself in professional practice
Unit 3 maintain yourself in professional practiceUnit 3 maintain yourself in professional practice
Unit 3 maintain yourself in professional practice
 
Unit 3 maintain yourself in professional practice
Unit 3 maintain yourself in professional practiceUnit 3 maintain yourself in professional practice
Unit 3 maintain yourself in professional practice
 
Course outline pp_2
Course outline pp_2Course outline pp_2
Course outline pp_2
 
Unit 3 maintain yourself in professional practice
Unit 3 maintain yourself in professional practiceUnit 3 maintain yourself in professional practice
Unit 3 maintain yourself in professional practice
 
Course outline pp_2
Course outline pp_2Course outline pp_2
Course outline pp_2
 
System and network administration network services
System and network administration network servicesSystem and network administration network services
System and network administration network services
 
Unit 3 maintain yourself in professional practice
Unit 3 maintain yourself in professional practiceUnit 3 maintain yourself in professional practice
Unit 3 maintain yourself in professional practice
 
Pro in the_workplace2
Pro in the_workplace2Pro in the_workplace2
Pro in the_workplace2
 
Effective time-management
Effective time-managementEffective time-management
Effective time-management
 
Digital divide
Digital divideDigital divide
Digital divide
 
Course outline pp
Course outline ppCourse outline pp
Course outline pp
 
Computer crime
Computer crimeComputer crime
Computer crime
 
Maintain yourself in professional practice
Maintain yourself in professional practiceMaintain yourself in professional practice
Maintain yourself in professional practice
 
Time management
Time managementTime management
Time management
 
Time management,planning and prioritization
Time management,planning and prioritizationTime management,planning and prioritization
Time management,planning and prioritization
 
Student attendancereportofit 105(a)
Student attendancereportofit 105(a)Student attendancereportofit 105(a)
Student attendancereportofit 105(a)
 
Personal effectiveness
Personal effectivenessPersonal effectiveness
Personal effectiveness
 
Professional context of ICT (Need of professionalism)
Professional context of ICT (Need of professionalism) Professional context of ICT (Need of professionalism)
Professional context of ICT (Need of professionalism)
 
Ethics and professionalism
Ethics and professionalismEthics and professionalism
Ethics and professionalism
 
Effective time-management
Effective time-managementEffective time-management
Effective time-management
 

Dernier

Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...amitlee9823
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756dollysharma2066
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangaloreamitlee9823
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxAndy Lambert
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...Paul Menig
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Roland Driesen
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...anilsa9823
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageMatteo Carbone
 
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒anilsa9823
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.Aaiza Hassan
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...rajveerescorts2022
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayNZSG
 
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Delhi Call girls
 
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Lviv Startup Club
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyEthan lee
 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfAdmir Softic
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsP&CO
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Dave Litwiller
 

Dernier (20)

unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptx
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
 
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through CartoonsForklift Operations: Safety through Cartoons
Forklift Operations: Safety through Cartoons
 
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
 
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
 

Encryption & interception of communication

  • 1. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 1 Social, Legal, and Ethical Issues for Computers and the Internet Encryption and Interception of Communications
  • 2. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 2 A Gift of Fire Encryption and Interception of Communications Overview of the Controversies Intercepting Communications Cryptography and Its Uses Encryption Policy: Access to Software, Keys, and Plaintext Fundamental Issues
  • 3. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 3 Overview of the Controversies Communications Privacy Affected by: Interception of communications, including: • Telephone, E-mail, and Web activity. Restrictions on secure encryption. • Exportation of strong encryption was viewed as a threat to national security. CALEA (Communications Assistance for Law Enforcement Act). • Communications technology must assist law enforcement. Global surveillance systems. • The constitutionality of domestic systems and the necessity of international systems are under question.
  • 4. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 4 Intercepting Communications Wiretapping Telephone: • Pre-1934: used widely by government, businesses, and private sector. • 1934: the Federal Communications Act disallowed unauthorized wiretaps; many ignored the law. • 1968: the Omnibus Crime Control and Safe Streets Act restricted wiretapping by requiring a court order. Q: Can law enforcement intercept communications without a court order?
  • 5. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 5 … Yes…in an emergency. A device called a “pen register” and a “trap and trace” can be used to determine the telephone numbers called or the number from which a call is made. These do not require as much court scrutiny and justification as intercepting the contents of a call.
  • 6. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 6 Intercepting Communications Wiretapping New Technologies: • 1986: Electronic Communications Privacy Act (ECPA) and its amendments restricted government interception of e-mail, cell-phones, etc.. • 2001: USA Patriot Act loosened restrictions on government wiretapping and communications interception. Q: Does the USA Patriot Act supersede ECPAs restrictions?
  • 7. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 7 Intercepting Communications Designing Communications Systems for Interception and Tracking Obstacles to interception: • Incomplete pen-registers as a result of long distance service. • Packet-mode communications (e-mail, file transfers, Internet phones). Solutions: • CALEA: Requires telecommunications equipment be designed to ensure interception by law enforcement (with court order). Q: Why did privacy advocates object to CALEA?
  • 8. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 8 … Privacy advocates argued that finding packet based items allowed the government to go beyond what was necessary. They objected to the increased authority to get numbers entered after the initial phone call was made. These numbers might be account numbers, passwords, PIN’s, and so forth.
  • 9. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 9 Intercepting Communications Designing Communications Systems for Interception and Tracking (cont’d) CALEA • Costs include modified hardware, software, and overuse by authorities. (500,000,000!!!) • Wiretappable systems vulnerable to criminal hacking, industrial spies, etc.. • Competition weakened due to restricted changes and diversities. Q: CALEA allows for the interception of PINs. Do you support this use?
  • 10. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 10 Intercepting Communications Carnivore FBI’s system to intercept e-mail with a court order. • Pro: Law enforcement needs this tool to fight crime. • Con: All e-mail goes through FBI’s Carnivore system. Q: Does Carnivore violate the 4th Amendment? The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
  • 11. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 11 Intercepting Communications NSA and Echelon NSA (National Security Agency): • Collects and analyzes communications to find threats to national security. Echelon: • Member nations intercept communications for each other. It checks Telephone conversations, e-mails, and downloads of targeted suspects. Q: Should the NSA be permitted to intercept all e-mail entering and leaving the U.S.?
  • 12. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 12 Cryptography and Its Uses Cryptography Definition: • Hiding data in plain sight. Terms: • Plaintext: Original, readable message or data. • Cyphertext: Modified, unreadable message or data. • Encryption: The act of converting plaintext into cyphertext. • Decryption: The act of reverting cyphertext back to readable, plaintext. Q: Are there other ways to hide a message in plain sight?
  • 13. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 13 Cryptography and Its Uses Public Key Cryptography How it works: • User creates a mathematically-related key pair (public and private keys). • Public keys are shared publicly; private keys are kept secret. • Public keys are used to encrypt message or data. • Private keys are used to decrypt message or data. Benefits: • No secret keys need be shared or transmitted. • Very secure. Q: How does key-size affect the ‘strength’ of encryption?
  • 14. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 14 … The larger the key size, the more possible keys there are. If a 40-bit key is used, there are 2^40, or more than a trillion possible keys. We now use 512-bit keys.
  • 15. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 15 Cryptography and Its Uses Encryption Used by: • Military personnel. • Financial institutions. • Human-rights activists. • Government agencies. • Anyone wanting to keep messages or data private. Q: Why are strong encryption tools needed by human-rights activists?
  • 16. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 16 Human Rights and the use of Cryptography `There has been no time that human rights concerns have been more visible than recent years as networks of local and international activists bring abuses to light. Global integration of telephone and fax lines are a direct cause.' (PoKempner, 1997) By providing quick and cheap communications and access to any kind of information, the Internet is the first truly interactive mass medium. It is not only used for fun and commercial purposes by the `consumers' but also used by those campaigning against human rights abuses. There are many organizations dealing with human rights abuses all around the world and these organizations do use the Internet to communicate with their members or with dissident groups. Before the governments can suppress the dissemination of critical writings, and reports, the authors can distribute their work through the Internet outside repressive regimes. It is well known that the Burmese dissidents(3) or the Mexican Zapatistas use the Internet to communicate with the rest of the world . It is critical and vital for human rights activists, political dissidents, and whistle blowers throughout the world to facilitate confidential communications free from government or any other intrusion. Strong encryption is the only answer for this problem .
  • 17. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 17 Cryptography and Its Uses Steganography Definition: • Hiding data so that its existence is not known. Examples: • Digital watermarks. • Hiding text in image files. Used by: • Military, • Publishers, • Anyone wishing to hide messages or data.
  • 18. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 18 Encryption Policy: Access to Software, Keys, and Plaintext Secrecy and Export Controls Control of Secrecy • The NSA designs unbreakable codes for the U.S. government. • The NSA attempts to break codes used by other governments. • In the past, the NSA also controlled the funding for and publishing of cryptographic research. Control of Exportation • Early U.S. policy prevented the exportation of strong encryption. • Meanwhile, foreign production and use of strong encryption negatively impacted U.S. competition in the world market. • Cryptographic researchers, privacy advocates, and others successfully challenged exportation restrictions. Q: Why did the U.S. government insist on controlling export of strong crypto?
  • 19. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 19 … The government argued that the export prohibition was necessary to keep strong encryption from terrorist and enemy governments.
  • 20. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 20 Encryption Policy: Access to Software, Keys, and Plaintext Domestic Encryption Key Escrow • Third-party (some organization other than the user) entrusted with non-public encryption keys. Problem…the government could get access with a court order. Real-time Access to Plaintext • Immediate decryption of encrypted data. • Long-time goal of the FBI. Key Recovery • The ability to recover encrypted files if necessary. • Used by some businesses. Q: Should key recovery systems be voluntary or compulsory?
  • 21. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 21 … Businesses often want key recovery…if an employee is not available and someone else must read encrypted files…problem. The government argued to make key recovery compulsory so that law enforcement agencies would be able to obtain messages and have them decoded by escrow agents by using search warrants and court orders.
  • 22. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 22 Fundamental Issues Role of Secrecy U.S. Policy Keeps Secret: • Cryptographic research. • Wiretap ease or difficulty. • Encryption algorithms. • Software (e.g. Carnivore). • Global endeavors (e.g. Echelon). Problems: • Secret algorithms cannot be tested by experts. • ‘Backdoors’ might exist. • NSA-influenced wiretap and encryption exportation bills. Why? Disclosing this information can help criminals and terrorists!
  • 23. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 23 Fundamental Issues The Ever-changing Status Quo Past: • Simple codes and cyphers. Present: • 512-bit RSA encryption. • AES (Advanced Encryption Standard). Future: • Quantum computing. • Quantum cryptography. Q: Today, do coders or decoders have the upper hand?
  • 24. A Gift of Fire, 2ed Chapter 3: Encryption and Interception of Communications 24 Fundamental Issues Trust in Government Appropriate or Abusive? • Wiretapping by FBI and local police. • Wiretapping by NSA. • Strong encryption restrictions. • Roving wiretaps. • Cell-phone tracking (and E-911). • Key logger systems. • Development of a nationwide standard for surveillance.