NETWORKS AND COMMUNITY : feb 25, 1994 Networks and Community is devoted to encouraging LOCAL resource creation & GLOBAL resource sharing. The 10th report of 1994 is the 16th weekly survey. ------------------------------------------------- This special issue is devoted to a discussion of several U.S. government proposals to eliminate privacy for the average citizen, including all users of the Internet and the phone system. I will attempt to show that the Internet related proposal is so flawed technically as to endanger the security of the country and that the other proposals contribute to a possible loss of liberty for all citizens. While I am not a resident of the United States, I am an active user of the internet and a promoter of its global utilization. In particular as a advocate of civic networks I feel compelled to point out how U.S. regulations and legislation will impact both the U.S and other nations. LEGISLATION =========== The U.S. government, through the actions of various police and intelligence agencies is undertaking a fundamental revision of the traditional role of the state in the western industrial world . Many of its activities related to privacy are being debated or contested by users of the Internet. Many others are not. Some of its efforts along this line have already been prevented by an aware Congress. Hopefully the current crop will all be given a very thorough examination; and where they lack merit - will be rejected. Of particular note among the already rejected efforts is the legislative proposal introduced in January of 1993 by Robert Solomon (R-NY). His bill, HR380, would have required intelligence committee members and their staff to submit to random polygraph testing to prevent unauthorized disclosure of matters being considered by the committee. The bill was rejected because it inverted the traditional role of Congress and the Federal Agencies. It would have made congress subject to the decisions of individuals who's only claim to representation of public it the fact that they were public employees. This week's arrest of Mr. Ames shows that mere employment - even employment that requires regular submission to polygraph testing - is no guarantee of loyalty to the best interests of the country. Readers may recall that 2 weeks ago I raised exactly this issue of the corruptibility of Intelligence staff in my discussion of the clipper chip proposal. Particularly noteworthy in the Ames case is the small amount of money alleged to have been required to gain Mr. Ames assistance for Russia. He may have been paid a princely $150,000 a year for his efforts. That sum isn't even a drop in the bucket for any country or reasonable sized business. For that pittance he is alleged to have compromised the entire overseas intelligence network of the U.S. He may not have been the first official in his position to have compromised U.S. intelligence. James Jesus Angleton, head of U.S. counterintelligence for nearly 30 years, was removed from office under a similar cloud of suspicion. I will return to the issue of Mr. Angleton's removal at the end of this report. FLAWS IN THE CLIPPER CHIP PROPOSAL The clipper chip proposal suffers from numerous flaws. The most devastating are technical. The most worrisome would result from the consequences of its implementation. TECHNICAL This proposal is based on the use of a "split key encryption system". Such systems are not uncrackable. Instead they are time consuming to crack. But every set of keys is crackable by a well known approach, given enough time. The security the system provides lies in the technical fact that the average time to crack such a set of keys with a particular computer is currently many years. This does not mean that some keys won't be randomly cracked in a few minutes. That can happen. Its just that on average the time required might be many years. Such a system normally permits the user to choose any key and to change keys as often as the user desires. The adminstration's proposal freezes the key once its chosen. The ability to change keys provides the user with an additional guarantee that even if his prior key was broken - his new key will offer some assurance of privacy for a time. The ability to choose any key permits the user to make his key longer as the technical means of key cracking improves. The longer the key the more time it takes to crack. By freezing the key length and value the NSA provided proposal guarantees that any country or company with sufficient money will soon be able to crack any key rapidly. The problem is simple - we are moving into an era of mutli-cpu computers and of course the rate of change in computational power is not slowing either. The administration reports that the current scheme will take an average of 35 years to crack. That's well and good - but they do not report which computer chip that estimate was based on. Assuming the fastest available chip was used; all that is needed to turn the problem into just one days work, is a bank of 35 x 365 computers - or 12,775 computers. But wait. Machines are now on the market that incorporate from 1,000 to 64 thousand cpu chips in a single [ relatively inexpensive ] system. The 64k cpu system could crack the code in about 3 hours on average. In addition current lab systems using optical computing elements look like they will provide a 1,000 fold increase in power within the next 5 years. That would take the current scheme and make it possible for a 64Kcpu system to crack the codes in under 1 second. So any foreign nation or large corporation with some money and some technical skill could just capture as much traffic as feasible and then save it for a few years before being able to examine it at will. This saving of old traffic has already been done and proved useful by the allies. They found material captured during the second world war and then stored; to be of use even decades later. At the same time those nasties could systematicly attack the codes used by their major competitors or rivals. You know, 3 hours and you've got all the IBM traffic another 3 hours and you've cracked the White House flows. This flaw is fundamental to the proposal. But other problems of a technical nature also exist. 1. Where are the keys kept. The keys are to be kept with 2 separate agencies. Those agencies are unfortunately both vitally linked to the intelligence community. NIST has long acted as a front agency for the NSA. Its cover identity allows NSA staff to attend conferences without arousing suspicion from wary academics and business people. The current budget request an near doubling of the level of funding for NIST. TREASURY is the home of the Secret Service and INTERPOL. 2. How are the keys sent and received. They will be networked. So little wires will come out of the back of each black box. Its efficient, but since these devices will be kept in heavily guarded locations who will know just were the other connections on this network are. There could for instance be more than 2 boxes produces. None of us will ever be in a position to know. 3. Who will guarantee that the keys won't be captured in transit. They could be easily duplicated and sent to other machines. REBIRTH OF THE DOMESTIC INTELLIGENCE STATE These flaws are not trivial. But any scheme that attempts to meet both the needs of police and of the citizenry will be flawed. The danger lies in the natural tendency of policing agencies to suspect everyone. It comes with the territory. The problem is not new. In 1989, William W. Keller, on the staff of the congressional Office of Technical Assessment's program on international security - which was examining the problem of international terrorism, published an important study. His book is "The Liberals and J. Edgar Hoover - RISE AND FALL OF A DOMESTIC INTELLIGENCE STATE. He wrote it because he became fascinated by the history of counter terrorism work in the U.S. In it he articulately and carefully shows how a well intentioned FBI program to defend black civil rights in the south turned into the Legendary COINTELLPRO program. Congress dismantled the program once its excesses were exposed. That program did not go forward without high level approval. The highest level Justice official to approve it is now the U.S. Secretary of State. Mr. Keller closes his book with a warning that the domestic intelligence state could return. He points out that new technology will make it even harder to control if its starts up again. I think his warning was prescient and needs attention now. In the past both Congress and the White House have been subject to monitoring and manipulation by elements of the police and intelligence community. THE DANGER FOR CONGRESS During the Hoover years every phone in congress was taped. Hoover liked to greet freshman congresspersons and let it slip that he was privy to a conversation they recently had with someone in the Halls of congress. This trick was made possible by the phone taps. Someone calling an associate and reporting a conversation made this possible. It put the fear of Hoover and the mistrust of other congress people uppermost in the minds of a freshman. The information from taps was also used for planning on bills the community wanted passed over opposition. The Church committee hearings delved into these matters. Much was covered in closed sessions. The final public report sanitized the findings and reported that only 5 people had their phones tapped. Any congressperson with suitable clearances can examine the committee minutes in the classified stacks of the Library of Congress. But most current congressional reps don't have the clearances and were not serving at the time those hearings took place. So history gets lost and forgotten. At the very least Congress should not permit "low level" [ to use Mr. Gore's disingenuous description of those making decisions on the clipper chip proposal ] officials to choose its security system for data services. Each office would be best served by purchasing its own facilities. Preferably a software based system that was more generally usable. THE DANGER FOR THE WHITEHOUSE As the ensign Radford incident shows, - during the Nixon years - anxious members of the military were not beyond taping White House phones when they are uncomfortable with administration positions or actions. President Kennedy would have sensitive discussions while walking in the White House garden. He was convinced that his offices were tapped. THE DANGER FOR THE INTELLIGENCE COMMUNITY As the Ames case and the many that have gone before it show - information made secret for whatever reason, becomes the target of espionage. With the secrets of commerce and civic discourse available to the intelligence community they too will become targets. The next Mr. Ames will endanger far more the espionage establishment if the clipper chip proposal and its companion bills are passed. THE DANGER FOR INDUSTRY AND COMMERCE As I have previously pointed out. The intelligence and police communities are too easily corrupted to be trusted with the capacity to capture and reveal the private actions of American firms. The problem is that their work breeds cynicism. While most staff accept the cynicism and serve honourably; it only takes a few dishonest individuals to subvert the commercial future of the U.S. Those few having grown cynical, become greedy. The rest as they say is "history". THE DANGER FOR CIVIC DISCOURSE The right of citizens to work on legislation or to engage privately in any activity is paramount to a well functioning society. The tendency of police states to evolve - as Mr Keller warns - is a constant danger to the exercise of such rights by the citizenry. Traditional police work cracked the World Trade Center bombing. It will serve equally well in the future. WHAT ACTION CAN BE TAKEN TO PROMOTE NATIONAL SECURITY and PERSONAL OR COMMERCIAL PRIVACY The most appropriate action - after reject this bill and the companion bills on telecom and FBI rights to obtain personal records without a court hearing - is to encourage additional research on cryptographic security systems. The results should be incorporated in technology including software that is readily available. If the U.S. does not keep up with technical advances its capacity to both defend itself and compete commercially will be irreparably damaged. There are many promising areas for research in improved security systems. With a diversity of systems available it really does become possible to attempt to safeguard governmental, commercial and individual privacy. Many systems makes cracking more difficult. Modernizing systems also helps prevent intrusion. As anyone who has ever dealt with a virus on his system knows. The most unexpected things can turn up on your system. Unless you can defeat efforts to harm you or steal your secrets - you are vulnerable. Cryptography defeating systems will evolve just as readily as viruses. Only ongoing research will defeat these dangers. ANOTHER LESSON FROM THE PAST I mentioned the case of Mr Angleton earlier. There may be a lesson to be learned from it. Mr Angleton effectively disrupted the U.S. and allied intelligence communities for decades through his excessive paranoia and his incompetent methods. He was finally stopped when one official, Clare George, [ staff to the CIA ] wrote a report pointing out that it really didn't matter if Mr Angleton was sincere or a Soviet Mole. His behaviour was as disruptive as if he was in fact a mole. Mr George's report was acted on. Mr Angleton was retired, given a good pension, and other indications of the appreciation of a grateful republic. Perhaps the various groups responsible for this round of dangerous nonsense should also be examined. It just might be the case that they too deserve early retirement, a good pension, and the thanks of a grateful republic. ============================================== NETWORKS and COMMUNITY is a public service of FUTURE DATA; but this issue is entirely the responsibility of Sam Sternberg .