Government and Cryptography Sandy Kutin CSPP 532 8/14/01.
We, the people, ...
  How, and why, does government get involved in cryptography?
  Role of government:
    Establish justice
    Ensure domestic tranquility
    Provide for the common defense
    Promote the general welfare
    Secure the blessings of liberty to ourselves and our posterity
in order to form...
  Provide for the common defense
    National Security: Import/export restrictions
  Ensure domestic tranquility
    Law enforcement: Key escrow
  Secure the blessings of liberty
    Encryption does this through confidentiality
    Government restrictions can be restrictive
a more perfect union
  Establish justice
    Contract law: what is a signature?
    Digital copyright laws, patent law
    Balance rights of software/hardware companies, content providers with rights of consumers
  Promote the general welfare
    Standard or approved algorithms
    Legal standards
    Also affects national security: infrastructure
Dan Bernstein vs. the Department of Justice
  In 1990, Dan Bernstein wrote a paper
    Showed how to use one-way hashes for encryption; included source code
  1992: tried to get permission to publish
  1995: with EFF, sued the government
  Case is still being appealed
  May be made irrelevant by changes to the export laws
Current Export Laws
  January, 2000: U.S. eased restrictions:
    Can’t export cryptanalytic materials
    Strong products exportable with a license
    Exports not allowed to Cuba, Iran, Iraq, Libya, North Korea, Syria, Sudan
    Posting on web sites could still be a problem
  Europe is less restrictive
  Wassenaar agreement:
    DES decontrolled, stronger systems controlled
Pros & Cons
  Harder for terrorists to get sensitive material
  NSA keeps its edge
  Now, U.S. companies can compete
  Approval process complicated
  “Bad guys will have crypto anyway”
  Infringes on free speech, academics
Key Escrow
  Technical issues: secret-sharing schemes
  Clipper (voice), Capstone (data)
    Algorithm is Skipjack, designed by NSA
    Each chip has a unit key, KU, held in escrow
  Law Enforcement Access Field (LEAF):
    session key encrypted with KU
    U encrypted with KF (fixed key)
    16-bit checksum; invalid LEAFs disallowed
  Proposal never really caught on
American Standards
  Government standards: AES, SHA, HMAC
    Helps large companies choose secure systems, defend national infrastructure
    Bank doesn’t care whether NSA can break in
    If you don’t trust government, don’t use them
  What key length corresponds to “beyond reasonable doubt”?
    Expert witnesses, or government standards?
What’s your sign?
  What is a signature?
  Electronic Signatures in Global and National Commerce Act (E-Sign)
    Contract can’t be rejected because it’s digital
    Doesn’t apply to checks, wills, court filings, …
  Problem: as we’ve said, there are lots of ways to attack a digital signature scheme
  Courts will work this out, eventually
Divorce in Dubai
  Divorce in traditional Islamic law:
    Husband makes declaration to wife
    Let’s avoid religious argument; assume we live in a country in which this is the rule
  Dubai (in United Arab Emirates):
    16 recent divorces by cell phone text message
  Singapore, last week:
    Islamic authorities declared such divorces illegal
    Issues of authentication
©: All Rights Reserved?
  Can someone copyright encryption?
  Can you reverse-engineer your own hardware or software?
  What if encryption, digital watermarks interfere with fair use?
  Digital Millennium Copyright Act (DMCA)
    1998: Work which could be used for copyright violation is an illegal “circumvention device”
  We’ll look at a few cases
DVD encryption: theory
  Decryption key stored on DVD
    Not directly accessible by player
    But: piracy easy (copy DVD, key included)
  2-way authentication with player’s key
    Each player uses one of 408 keys
    If one player is compromised, phase it out of future releases
  How secure is it?
  What if I want a Linux player?
DVD encryption: practice
  40-bit keys
  One player was weak, key was broken
    Weakness just made attack even faster
  Scheme published; 2^16 attack found
  Can break encryption in 20 seconds
  MPAA prosecuting people who write, distribute tools to break encryption
  Last week: Pavlovich (lost jurisdiction battle)
Felten vs. SDMI
  1999: Secure Digital Music Initiative
    Record companies, RIAA, some techs
    Verance Corp. developed watermarking
  9/00: SDMI announces hack challenge
  11/00: Felten et al. (Princeton, Rice)
  Broke the encryption; decided to publish
  Accepted for April conference, then pulled
  Slated for tomorrow at USENIX
eBooks
  eBooks: convenient, easy to use, but easy to copy; publishers nervous
  Adobe provides a solution: locking
    Pro: can’t make illegal copies
    Con: fair use: extra copies, excerpts, resale
  You can resell or upgrade computers, but you have to contact the publisher
  What if the publisher no longer exists?
Adobe vs. Sklyarov
  Elcomsoft (Russian) broke encryption
    Legal in Russia; right to make backup
    PhD student Dmitry Sklyarov wrote code
    Elcomsoft sold 7 copies in US
  7/17: FBI arrested Sklyarov in Las Vegas
  Adobe has since dropped suit, but Sklyarov still charged with federal crime
  Sklyarov released on bail last week
Around the World
  European Software Directive (1993)
    User has right to make back-up
    Reverse-engineering permitted if it is “indispensable” for the purpose of achieving interoperability; may not be used to infringe copyright or conflict with the program owner’s “legitimate interests”
  Canada working on a DMCA-like law
Recommended Reading
  Discrete Logarithms, Diffie-Hellman
    Stallings, Section 6.4
  Elliptic Curves
    Stallings, Section 6.5
  Import/Export Laws
    http://www.rsa.com/rsalabs/faq/
  DMCA cases
    http://www.eff.org/