The Walsh Report


                                 CHAPTER 4

                      THE CONSEQUENCES FOR GOVERNMENT

4.1      Law Enforcement

4.1.1      Law enforcement agencies have no doubt the loss of real-time
access to the communications of their targets would represent a body-blow to
their investigative capacity. The cost-effectiveness of this means of
investigation is reported comprehensively in of the Report of the Review of
the Long Term Cost Effectiveness of Telecommunications Interception. 38
Agencies reiterated the key role which the interception of voice and data
communication continues to play in their investigations, and illustrated this by
the number of cases brought to prosecution which relied on intercepted
communications to a significant degree and the proportion of these where no
alternative means of generating critical tactical intelligence was
available. The routine use of strong encryption to protect
telecommunications would reduce that role to a simple indication that
someone was using the service and, perhaps, the person with whom the speaker
or sender was communicating. Ways may become available to generate a
constant stream of traffic and limit even that conclusion.

4.1.2      Less concern was expressed at the encryption of stored data,
though numerous examples have already been encountered where law enforcement
agencies were unable to access the data and have had to return it unread.
The interval between search and seizure and the need then to produce
material in court or incorporate it into a brief of evidence would normally
allow sufficient time to decrypt if the encryption application was a soft
one or the key/password was available. In other instances, the only solution
would be a cryptanalytical one and there is no guarantee such would be
forthcoming - assuming the resources were available to try.

4.1.3      The issue of loss of real-time access to intercepted
communications is very different from the issue of cost-effectiveness of
interception, though there is a relationship. Because of the argued impact
which loss of real-time access to voice and data communications would
produce in tactical intelligence terms and in the security of evidence,
there is need for Ministers and senior officials to have a reliable
assessment of the operational, staffing, financial and legislative
implications for law enforcement and the protection of national security. On
the basis of those elements, an assessment of the risk exposure of agencies
and the Commonwealth in attempting to pursue similar law enforcement and
national security ends by alternative means should be prepared. The document
will clearly be sensitive and I propose it be submitted to the Secretary of
the Attorney-General's Department for presentation to the Secretaries
Committee on National Security. The submission should be completed by the
end of 1997 and be available to the further review of cryptographic policy
recommended for that time.

4.2      National Security

4.2.1      ASIO expressed similar views and just as strongly, particularly
where they affected investigations of a counter-terrorist, counter-espionage
or politically motivated violence kind. It is the flexibility, low risk,
relatively low cost, immediacy and guaranteed information stream which
commends telecommunications interception to ASIO and to law enforcement
agencies. It is not only the substance of a communication between two
people, but whom the subject of the interception contacts, if and how the
person behaves differently with one from others, the circle of contacts and
services revealed, the presence of a person at the premises where a fixed
service (telephone or computer) is located is made clear at various
intervals, and where more than one service used by the same person is
intercepted, further and useful comparisons may be made. All these matters
constitute useful tactical intelligence, affecting the implementation or
withholding of a range of other investigative actions, the coordination and
timing of an investigation and affording the investigator the opportunity
both to be forewarned and to monitor reactions once he/she has taken a
decisive or recognisable action.

4.2.2      The loss of such a flexible, immediate and low-cost source of
information would be likely to have a substantial impact on ASIO's threat
assessment capacity. The intelligence requirements generated by this program
frequently arise at short notice and often in fields not routinely covered
by ASIO or law enforcement. If Australia was to receive information from a
cooperating foreign agency of a threat to an overseas visitor or Australian
dignitary and the probable source of that threat within Australia, it is
unlikely such a matter could be investigated immediately without real-time
access to the source's communications.

4.3      The Cost of alternatives

     [paras 4.3.1 and 4.3.2 not available]

4.3.3      Listening devices offer immediacy only when they are monitored in
real-time, a practice not always possible or affordable. There are also far
longer processing times involved in evaluating listening device product than
something like telephone interception, where the calls are immediately
accessible and each is date/timed. Legal authority to deploy tracking
devices, whose installation may involve a trespass onto property, remains
under consideration so this type of aid long used by overseas law
enforcement agencies and security services is not generally available in
Australia. Video surveillance of particular premises carries all the
attendant risks mentioned in relation to listening devices and video
surveillance of public areas raises a number of significant privacy issues.
Physical surveillance is an expensive form of coverage to mount, with
substantial overheads and a high risk of exposure - and the further risk of
contaminating the investigation itself.

4.3.4      From disclosures made in courts and inferences to be reasonably drawn
from briefs of evidence and prosecutions, from information in the public
domain and on the Internet, criminals, terrorists and foreign intelligence
officers know law enforcement agencies are able to decrypt a variety of
commercial or 'soft' forms of encryption.

     [section of this para not available]

There is ample guidance material available on the Internet and elsewhere to
judge which forms of encryption are secure against law enforcement agencies'
efforts.

4.3.5      The listening device provisions in the Australian Federal Police
Act 1979, confined as they are to the capture of voice (rather than sounds,
signals, images, pictures, etc) limit that service's investigative
capability. As computer and communications crimes are not currently
categorised as Class 2 offences under the AFP Act, listening devices are not
able to be deployed against these classes of activity. The original
rationale for the drafting of the listening device provisions and those
activity categorisations has been superseded by the changing faces of
technology and crime. The lack of any overriding authority between the
States, Territories and the Commonwealth in the areas of computing and
communications crime is probably not helpful.

4.3.6      The investigative impact on law enforcement agencies and national
security would be substantial if real-time access to the communications of
subjects of investigation was to be lost. There would be a consequent
budgetary impact as the alternate sources of information are
labour-intensive, less flexible, involve long lead-times, incur substantial
financial outlays and sometimes produce after-care problems. The effect
would, therefore, be on capability.

4.4      Decryption capability for law enforcement and national security?

4.4.1      The encryption of stored data ranges from relatively crude forms
incorporated by manufacturers in pocket organisers through to strong forms
such as PGP 39. The task facing law enforcement is increasingly a
cryptanalytical one, not one of decryption. The Terms of reference of this
Review seek at term (f)

     an assessment of the most appropriate means of funding the development,
     implementation and maintenance of a decrypting capability for existing
     and emerging technologies;

     [para 4.4.2 not available]

4.4.3      Should a greater proportion of DSD's efforts be directed to
support the work of law enforcement agencies? There would be sensitivity
about such a proposal at the best of times. When Defence spending has been
quarantined against the reduction of budget outlays elsewhere in the public
sector, a political dimension is added to the issue. It would require the
construction of fire-walls and special protocols to ensure security and the
issue of evidentiary requirements would always be a vexed one. On its face,
it is not a course which obviously commends itself. On the other hand, there
will need to be some cryptanalytical capacity in the Commonwealth on which
law enforcement or national security may call when the need arises. Need, in
these circumstances, will be dictated by the immediacy and gravity of the
contextual information. There is no sound basis, as I have indicated, for
proposing a second cryptanalytical facility in the Commonwealth. It follows
necessarily that whatever cryptanalytical needs law enforcement and national
security agencies experience will have to be met from within DSD's capacity.

4.4.4      If the level of demand should become significant, there would be
a need to look at the mechanics of cooperative arrangements, turnaround
times on requests, charging arrangements and the prioritising and
channelling of requests on a national basis. That task should be picked up
in the further review recommended for late 1997.

4.4.5      There was strong support from the AFP, some state police forces
and ASIO for a separate decryption capability directed primarily to law
enforcement purposes. Currently, many law enforcement requests, including a
significant number from overseas agencies, are directed to universities and
institutes of higher learning which have developed reputations for IT
excellence and seminal research. Cases were cited to the Review where
European law enforcement agencies have contacted institutes in Australia
seeking help. The dilemma they faced was clear - bring cases to court
without encrypted information which they believed was critical to their
investigation or postpone cases in the hope the encryption may one day be
broken. Neither course affords any comfort. Many appeals for decryption
assistance explicitly presume the universities will supply this without
cost, because of their percentage of public funding in their budgets. Not
surprisingly, the universities see it otherwise.

4.4.6      If a decryption facility was to be established, both state and
federal agencies consulted thought it should be located in a Commonwealth
agency, funded jointly by the Commonwealth and the states, operating on a
cost recovery basis, and function under the technical aegis of DSD and the
specialist IT components of the law enforcement agencies. The Review was not
persuaded, however, such a facility would achieve more than the individual
agencies are now managing. Unless a key was obtained from the owner of the
data or the manufacturer agreed to provide critical information, there is
little prospect that other than very basic or crude forms of encryption
would be decrypted. Certainly commercially available strong encryption will
defy such an approach and will likely resist cryptanalytical attack.

4.4.7      No distinct or quantifiable benefit would seem to flow from
developing an independent decryption facility for law enforcement. The
better tactic would be to enhance the computer crime and technical
investigation areas of the various agencies, to have a small budget slice
reserved for training and minor capital expenditure and to ensure the
separate efforts of agencies are coordinated so the sum produces enhanced
capability. These are essentially matters for agency management. Of them,
the critical factors are the technical or computer competence of the people
and effective coordination across agency lines. The Review sensed impressive
capability existed among computer crime specialists, but the number of
investigators dedicated to this area is small both in actual terms and in
proportion to the whole field of criminal investigation. The view was also
gained that there has been little migration of expertise and operating
familiarity to the larger body of criminal investigators. If the AFP, NCA
and ASIO are to achieve requisite investigative and analytical capability in
a field growing much faster than the pattern of staff or capital investment
by those agencies in the past 3-5 years, the respective managements will
need to accord these objectives a greater call on available resources.

4.4.8      There would be value in formalising periodic exchanges between
DSD, ASIO, AFP and NCA at a senior technical level, so that information may
be shared in a 'closed' forum, sterile areas of exploration avoided, attack
techniques discussed and some measure of cooperative research agreed. This
sort of inter-agency forum would provide an opportunity to review the
arrangements by which requests for cooperation may be channelled from State
and Territory police forces to DSD. Because of their compliance functions
and their close investigative and functional roles, both the ACS and AUSTRAC
would sensibly be included. The national and trans-national nature of
criminal and security issues and the considerable challenge which
wide-spread encryption will pose to law enforcement and national security
agencies strongly suggests a State or Territory police force representative
should be coopted to the forum. The manner of selection or rotation is
something which could be left respectively to the forum itself and the
Police Commissioners' conference, though a suggestion is offered at 6.3.2.

4.4.9      I mention such a forum should be 'closed' because information of
great sensitivity would inevitably be discussed.

     [section of this para not available]

The purpose is not to prevent any derived knowledge from ever being
gainfully used but to ensure conditions attaching to compartmented knowledge
are observed, security is protected and inhibitions about the level of
candour which might apply largely removed.

4.4.10      Because they relate to the forum's effectiveness, the issues of
who should chair it and to whom it should report might briefly be canvassed
here. DSD possesses the cryptanalytical expertise. The AFP possesses the
operational management expertise, the experience of progressing cases from
investigation to prosecution, of supporting prosecutions and has an
appreciation of counter-terrorist requirements through its involvement in
the National Anti-Terrorist Plan and its participation in various standing
committees. ASIO works closely with DSD, and also with the AFP. It does not
have executive powers and only occasionally becomes involved, as a party, to
litigation. Like DSD, it has an overwhelming need to protect its targeting,
sources and methods. The NCA shares the operational imperatives of the AFP
and ASIO, but works to a narrower investigative last. All agencies have a
need to preserve their covert collection and investigative capability. On
this analysis, I consider ASIO should be the initial chair of the
inter-agency cryptographic forum and the situation should be reviewed after
18 months. That interval should ensure judgement is made on the basis of
solid work, not simply issues of establishment.

4.4.11      To whom should such a body report? Because of the importance and
the sensitivity of the matters to be addressed by the forum and the need for
Ministers to be kept informed, the appropriate authority would seem to be
the Secretaries Committee on National Security and then to Cabinet. I gave
consideration to the Heads of Commonwealth Law Enforcement Agencies
(HOCOLEA) but the national security interest takes the matter beyond the
remit of that body.

4.4.12      Knowledge of cyphertext which cannot be decrypted is more
valuable information to a criminal, terrorist or foreign intelligence
officer than knowledge of systems and applications which can be decrypted.
DSD may feel understandably vulnerable in entering such an arrangement where
such judgements are likely to emerge or be required. The current degree of
feeling and suspicion seems born of ignorance or matters not stated rather
than from any adverse experience. A more positive approach by both sides
should assist to break down those barriers.

4.4.13      At paragraph 3.5.4, it was concluded areas of expertise in
computer crime investigations will likely determine the priority with which
certain criminal investigations are initiated and a particular challenge for
agency managements will be to maintain and develop the number of staff with
the requisite skills. The inter-agency forum could play a useful role in
coordinating capital investment and personnel development plans for this
area in the member agencies.

4.4.14      The need for law enforcement and national security to initiate a
dialogue with the IT industry, carriers and service providers was mentioned
at paragraph 3.7.5. Such a task would logically be undertaken by forum
representatives.

4.4.15      It may be that some memoranda of understanding would be required
to protect technology transferred between agencies and sensitive operational
methods against disclosure in court proceedings or discovery processes. If
indicated, such devices should reinforce the special compartment in which
this information is located.

4.5      Public Key Infrastructures

4.5.1      The reactions of foreign governments to the availability of
stronger forms of encryption have varied. Some require import licenses.
Russia, India, France, China and Israel are among those and Russia and
France require those who wish to use encryption to obtain state licences.
The Belgians discovered they had passed a law in December 1994 which might
prohibit the use of unescrowed encryption. At the time it went unnoticed as
part of a larger law. The law adds a condition under which
telecommunications equipment may be seized, namely in case of end equipment
which renders interception ineffective. It has not been enforced as the
Belgian Institute for Posts and Telecommunications remains unclear of its
consequences. 40 The example is cited as a salutary warning of the fate
which may befall premature policy initiatives.

4.5.2      The efficacy of legislative measures to limit or control
importation, let alone the political and public policy wisdom of pursuing
them when the Internet offers a range of encryption applications, seems
doubtful in the extreme.

4.5.3      Export controls on cryptography and cryptographic products have
long been in place in Australia. They interlock with controls imposed by a
number of countries, principal among them the United Kingdom, Germany,
France and the United States - generally thought to produce more than 70% of
the world's software. Contemporaneous with calls for government not to
interfere with the availability of cryptography for the privacy protection
of citizens have been calls for export controls to be ameliorated.

4.5.4      The lack of enthusiasm with which American commentators greeted
the series of United States government proposals, culminating in the formal
Administration statements on 11 July 1996, to establish a key management
infrastructure, under which the needs of quality assurance, integrity, data
retrieval and public safety would be accommodated, broadly reflects the
reaction of those consulted by this Review. 41 Few felt key escrow
arrangements could be argued as secure and less considered government ever
acting as an escrow agent to be appropriate.

4.5.5      The American proposal for a commercial encryption policy is based
on a global key management infrastructure that supports digital signatures
and confidentiality. Independent entities, key escrow agencies, would verify
digital signatures and also hold spare keys to confidential data. Those keys
could only be obtained by persons or businesses that have lost the key to
their own encrypted data, or by law enforcement officials acting under
proper authority.

4.5.6      Pressure created by the United States' computer industry and
users eventually caused three Bills dealing with cryptography to come before
the US Senate, two of which propose the abolition of export controls. The
Republican candidate for the Presidency, Mr Robert Dole, was a co-sponsor of
one of the bills. The Commerce Committee of the Senate scheduled a vote on
one measure for September 12, 1996, but this was delayed because of other
business. With the conclusion of the final session of the 104th Congress
before the November elections, the measure will have to be revived by the
returned Administration and the next Congress. The White House was
originally expected to introduce its own legislation around mid-September,
offering special arrangements for industry segments such as finance, health
care and insurance. In turn, those sectors were expected to support
government key escrow systems, which would have the effect of making them
mandatory. 42 The July 1996 United States Administration statement
foreshadowing the liberalisation of export controls for certain commercial
encryption products seemed, also, an attempt to dispel Clipper suspicions.
43 The terms and conditions attaching to that forecast liberalisation of
export controls were eventually set out in the Vice-President's statement of
1 October 1996. 44

4.5.7      While performance standards and key recovery, along with some
relaxation of export controls are noted as the main features of the July
1996 American proposal, there was no attempt to hide the principal drivers -
on the one hand, the requirements of national security and law enforcement;
on the other, the export interests of the United States.

     [remainder of this para not available]

4.5.8      The United Kingdom government has taken a similar path. On the 11 June
1996, a policy paper was issued publicly. 47 This announced the adoption of
licensed and regulated Trusted Third Party (TTP) services as the core of its
arrangements. 48 Without giving a binding commitment, it noted licensing
might be predicated on an examination of applicants' fiduciary
responsibility, competence to provide services in this sector and commitment
to modern management principles! The purpose of the licensing policy is to
preserve the ability of the intelligence and law enforcement agencies to
fight serious crime and terrorism by establishing procedures for disclosure
to them of encryption keys under warrant. The UK Government announced
legislative proposals would be brought forward after further consultation on
detailed policy elements.

4.5.9      The British paper did not distinguish between authentication and
confidentiality keys, though the Royal Holloway proposal on which it is
founded did, and foresees some relaxation of export controls. For a time it
offered the advantage over the early Clipper schemes of an offer of key
back-up for data retrieval purposes, but the July 1996 American key
management infrastructure proposal also included that element.

4.5.10      At its essence, the TTP proposal provides users with key
management services and law enforcement agencies with warranted access to a
particular user's communications. Like the American proposal, the scheme
would be voluntary but creates new points of vulnerability where the keys of
participants may be attacked. The cost would be borne by the individual.

4.5.11      Trusted third party encryption is much more problematical in
relation to telecommunications than for stored data. It is difficult to
imagine trusted third party encryption becoming the norm unless governments
put substantial sanctions in place. For those to be meaningful will require
close coordination and global agreements to cover a global market. The
importance of the efforts by the Australian government and OECD partners to
reach an acceptable draft of cryptography guidelines is underlined here as
global agreements will only be secured on the basis of internationally
accepted principles.

4.5.12      The French government has adopted a mandatory third party scheme
which will result in some relaxation of the earlier ban on cryptography.
Like the others, it does not distinguish between authentication and
confidentiality keys. One is tempted to say it poses the same problem for
criminal prosecutions but the French approach to these matters necessitates
more specialist information than is available to this Review. The
government, of course, picks up lawful access to the key under the scheme.

4.5.13      While a number of governments have taken legislative or
regulatory action, more seem to have been monitoring developments and
turning their minds to data protection and privacy legislation. Within the
European Union and the OECD, significant effort is being devoted to
international draft principles covering the use of cryptography, for which a
target date of February 1997 has been set. The OECD is considering
undertaking a review of the 1980 privacy guidelines and intends to review
the 1992 IT security guidelines next year. Some work on intellectual
property requirements remains outstanding.

4.5.14      In Australia, a group representing government, industry and
users produced several iterations of a public key authentication framework
(PKAF) proposal. 49 This scheme would be voluntary, not subject to
government licence and would deal only with authentication. The PKAF
function is that of a certifying authority, not a trusted third party or
escrow agency. Keys would have to be generated in accordance with the scheme
to ensure integrity and security, no key would be retained by PKAF and no
government access to the scheme is proposed. The proposal was developed
under the aegis of Standards Australia and conforms to both management and
technical standards. Its adoption will require amendment to the Evidence Act
or the Acts Interpretation Act to provide for a digital signature to have
the same force and effect as a hand-written signature.

4.5.15      It is unclear how the Australian market will develop, though
electronic commerce and the trans-national nature of so many commercial
operations suggest the lead of major trading partners will likely be
followed. For the moment, the PKAF project appears to have lost some
momentum and the expected launch of products by potential service providers
has been delayed. There will almost certainly be a public requirement for
agencies which provide third party, data recovery and, possibly, key
generation facilities. Some form of registration of these service providers,
as in the telecommunications field, would seem sensible to ensure public
confidence and operating integrity and would be helpful to law enforcement
agencies and the protection of national security. It would be in the
national interest, given the community's future reliance on the integrity of
digital signatures, for the bona-fides of these providers to be vetted as a
condition of registration. The framework for that registration process
should be put in place promptly.

4.5.16      The United Kingdom intends to bring forward legislative
proposals to address the licensing of trusted third parties. 50 The
statement issued by United States Vice-President Al Gore on 1 October 1996,
addressing the liberalisation of export controls, advised these would be
conditional upon industry commitments to build and market future products
that support key recovery. 51 The proposal 'presumes' trusted parties will
be designated by users, but does not address or exclude the issue of
licensing. The statement makes clear that law enforcement access, under
proper authority, would only be to the user's confidentiality key. A
condition of registration, which might carry benefits such as inclusion in
public directories and approval for products/services to be used in
government and financial sector dealings, could be that keys would be made
available to the AFP, NCA or ASIO on production of a lawful instrument.

4.6      International Agreements

4.6.1      There may be some requirement for the Australian Government, for
electronic commerce or similar purpose, to put in place systems which
interlink with the American, the British or some other proposal which wins
sufficient global support. 52 This will depend, in part, on the specific
features of the arrangements implemented by those governments and their
interoperability with the requirements for a Public Key Authentication
Framework outlined in the Miscellaneous Publication released by Standards
Australia in November 1996. The British Government paper of 11 June 1996
spoke of the need for common architectural framework in different countries
to support the provision of integrity and confidentiality and saw encryption
algorithms on the International Standards Organisation register as a
sensible benchmark. Agreement on international, and therefore interoperable,
standards is a core objective of the OECD group developing guidelines on
cryptography.

4.6.2      Until broad agreement on standards and architecture is secured,
it would seem premature to enter any bilateral negotiations, though clearly
substantive discussions on the issues must proceed.

4.6.3      The review encountered significant scepticism about mandated key
escrow or TTP systems. The national sovereignty of the agencies providing
these services could not be guaranteed, with consequent implications for the
national interest. There is the strong likelihood that these agencies would
become the major targets of foreign intelligence services. When an agency
owner provides a key, under lawful authority, to a law enforcement agency,
questions of integrity about that key would arise. The PKAF proposal
outlines a precise set of obligations and actions where a private key is
known or suspected to be compromised. Certainly the key has to be replaced,
the certificate containing the associated public key revoked and the fact
notified promptly on a Certificate Revocation List. Where a key is
surrendered to a law enforcement authority in response to a search warrant,
the question arises how the compromised nature of the key would be advised
to the owner and what liability may be carried by the law enforcement agency
or the service provider? While separation of the authentication key pair
from the confidentiality key pair would go a long way to reduce this
problem, the need for clear policy definition is clear. An early and clear
statement from government that it has decided the issues of authentication
and confidentiality are to be separated would be of significant benefit.

4.6.4      Law enforcement agencies and ASIO will need to address the
reciprocal arrangements for the acquisition of keys which they would seek of
others and will be sought of them. The sensible course would be to cover
such exchanges by memoranda of understanding, after normal agency and
Ministerial processes of approval.

4.7      Third Party Systems

4.7.1      If there is a single lesson to emerge from the ill-fated
'Clipper' debate in the United States, it is that attempts by government to
mandate any cryptographic technology solution or the use of government
escrow or recovery agents are doomed to failure. Whether and how private
citizens or corporations choose to recover data or protect themselves
against a shut-out is for them alone to decide. It is interesting to note a
recent IT industry paper builds a proposal around a key recovery system
rather than an escrow system. 53 No user key would be held by the key
recovery agency or agencies. The algorithm/s employed would be publicly
available, there would be no limit on key lengths and the self-escrowing of
keys would be permitted. On production of a court order or warrant, and with
the presentation of some intercepted traffic between the party in question
and another, the key recovery agency would be able to reconstitute the
message without recovering the key. While this proposal may meet data
retrieval requirements, it is likely to lack evidential value for a
prosecution.

4.7.2      The proposal overcomes many of the deficiencies of the escrow
system, but two seem to linger: the first is the vulnerability which
attaches to the operation of the key recovery agencies. The system's
developers envisage a number of large agencies in a variety of countries,
with users deliberately spreading some of their data vulnerability
off-shore. They then ask the question: could agencies in a variety of
countries be equally susceptible to inducement, whether from a drug cartel
or a particular government? The second residual problem is the extent to which
'serious' criminals will avail themselves of such a system without
suspecting they are buying a Trojan horse. There is ample evidence
law-breakers continue to use means of communication when they believe them
possibly to be compromised and this tendency is advanced by some to argue
that criminals will not take extraordinary measures to secure their data. IT
industry representatives, the AFP, the NCA, ASIO and state police forces
consulted all considered encryption would routinely be employed when it was
generally available, simple to use and effective. Those conditions will
imminently be met.

4.7.3      The Review formed the opinion that some form of third party
system would commend itself as the best option for government and a sales
pitch based on data recovery and public safety would be more likely to gain
community acceptance than one founded on law and order, or even less, for
essential tax collection purposes! No person consulted disputed the need for
the state to be able to move quickly when confronted with kidnapping, the
threat of terrorism or the abuse of children. At a level of principle, that
consensus, wrapped in the delivery of a useful service such as data
retrieval, offers the best 'hearts and minds' approach. The appeal of each
of the three 'Clipper' versions was based on the needs of law enforcement
and national security - those appeals were greeted with some cynicism. This
is not to say that high-flown principle does not carry some weight but third
party service providers will be in business to make a profit.

4.7.4      The assumption that encryption users would require some form of
third party system rested hitherto on the premise that software based
methods would be employed to generate encryption materials. While the
software approach still predominates, a shift towards primarily hardware
based solutions is starting to revise thinking. The need for emergency data
recovery, date/time stamping and non-repudiation facilities is certain to be
felt and that means trusted third parties will have a place. As a passing
comment, use of the Internet seems to have increased the community's level
of data security consciousness. The realisation that using the Internet in
open mode to buy tickets for a function on a particular date may be to risk
advertising one's house may be empty on that evening would be disquieting!

4.7.5      While the American and British proposals both envisage law
enforcement and national security agencies serving legal instruments on TTPs
or escrow agencies and obtaining the specified keys, the confidentiality of
such arrangements is not guaranteed and the integrity of investigations is
sometimes put at risk. Problems of leakage of information from
telecommunications carriers and companies providing pager services to the
subjects of law enforcement investigations are currently experienced in
Australia and may be expected to continue. The post 1 July 1997 deregulated
climate is unlikely to temper this pattern.

4.7.6      Users of TTPs, escrow arrangements or key recovery agencies will
need to ask themselves to what extent those service providers should be
trusted. The British Government has formally proposed a licensing system and
a Federal Bureau of Investigation/Department of Justice proposal outlined
the US Administration's views of the characteristics it considered should
attach to the service provided and those providing the services. Licensing
systems, or their equivalents, do not guarantee ownership of such agencies
will remain in the national interest, nor that those involved would remain
immune to inducements or coercion, but they do provide a measure of public
confidence. In that fabled New World Order of which public commentators are
wont to speak, key recovery agencies, escrow agencies and TTPs will become
major intelligence targets for all countries with a capability to match
their desire. It will be possible for the risk factor to be reduced, where
users have the wit and resources to spread it across jurisdictions and
different control interests, to have some objective testing of the 'trust
quotient' of service providers, but not finally to eliminate it.

4.7.7      How then to address the question of trust? Users cannot be
expected to presume the bona fides of those providing third party services
and the integrity of commercial and personal transactions will rest on that
of the service providers. This dictates, in view of the potential for
corruption in this industry sector, a form of screening and registration
will be essential. The procedures used in several States and Territories to
assess potential casino operators would be a useful initial model for the
integrity checking process. In view of the pace at which technology has been
developing and the cost and consequences of leaving the process of
regulation too late, it would be prudent for government to indicate early
its intention to apply a system of registration and take the administrative
steps to implement it.

4.8      The Internet

4.8.1      Cryptography today can scarcely be discussed or viewed outside
the context of the Internet. Designed originally by the United States
Department of Defense to be a centre-less anarchic system and then taken
over by the academic community, it continues to defy attempts to regulate
it. In the course of the 1996 US presidential election campaign, President
Clinton promised to build a new network. It was not clear if this would be a
second Internet, if it was intended to incorporate some form of central
control or key nodes or the extent of its relationship with the existing
Internet. What is clear is the problem will remain as long as the current
net exists and many will defend its right to longevity.

4.8.2      In such a fluid context, to mandate processes is a questionable
course as it will not automatically direct or prevent the conduct to which
they are directed. Professor Dennis Longley observed, 'the Internet can
always refigure itself around restrictions or regulations'. 54 There have
already been knee-jerk reactions in various parts of the world to
developments on the Internet, but there is reasonably clear indication that
few, if any, of those proposals will work and the dangers they are intended
to avert or contain may sometimes have been overstated.

4.8.3      The anarchic nature of the Internet may have conditioned the
United States Administration's approach to cryptography policy. As recently
as 25 July, FBI Director Louis Freeh said if the current 'voluntary' policy
failed, he would seek mandatory domestic controls on cryptography, while
conceding these too may not work - they were simply the logical progression
of his thinking. 55 If one had to pick a single characteristic which
epitomised public policy, pragmatism would beat logic every time. Dorothy
Denning, a staunch advocate of the American 'law and order position', argued
in a web debate that an encrypted Global Information Infrastructure is
without precedent in world history. That is right, and so is the GII
itself. The public discussion needs to offer more than the prospect of
losing one's encryption keys and/or facing the depredations of organised
crime and terrorism before general support for government arranged key
management infrastructure will be elicited. It is a question of balance.

4.8.4      There are powerful benefits to be reaped by our citizens and our
community from the ready availability of encryption in terms of privacy,
commerce, the range of on-line services which might be accessed from home,
inquiries which may be initiated discreetly, payments made and a range of
others. There remain, for law enforcement agencies, concerns about the
legally unclear (in terms of the TI Act) role of Internet service providers,
jurisdictional confusion as to service of warrants, uncertainty about the
telecommunications market in Australia after 1 July 1997, the potential for
people to use satellite telephones which transmit and receive directly from
satellites located over South-east Asia and other matters. LEAC, supported
by an annual telecommunications interception conference, should provide the
avenue for meeting these concerns or feeding them into other established
channels.

Footnotes:

38 See Attachment 6 of the Barrett Report.

39 PGP - Pretty Good Privacy - a strong encryption package that utilises
RSA, designed by Paul Zimmerman and published on the Internet. The US
Government charged Zimmerman with breaching export controls but dropped the
suit after more than two years when it could not establish if Zimmerman
placed PGP on a server or someone stole it.

40 Crypto Law Survey, Version 4.2, July 1996, available
http://cwis.k-ub.nirfrw/people/k-oops/lawsurvy.htm

41 The first of two statements released by the White House on 12 July 1996,
titled Administration Statement on Commercial Encryption Policy July 12
1996, is shown at Annex C of this report. The second statement issued on the
same date was titled US Cryptography Policy: Why We Are Taking the Current
Approach.

42 EPIC Alert, Vol. 3.16, September 12, 1996, item 4. p 4.
(http://www.epic.org/)

43 The first use of key escrow, dubbed Clipper, was in 1993. Clipper was a
hardware chip that allowed digital telephone users to make secure calls but
also allowed the government, under lawful authority, to intercept calls.

44 The full text of the Vice-President's statement is shown at Annex F of
this report.

45 The only way of finding out if Smith or Jones is using double encryption
(with a non-escrowed key) would be by decrypting their files/communications
with their escrowed keys and observing the decrypted data is still
unintelligible. Warrants would have to be obtained to verify people are
playing by the rules or else their privacy would be violated.

47 Paper on Regulatory Intent Concerning Use of Encryption on Public
Networks, issued by the Department of Trade and Industry, 11 June 1996. This
paper is repeated at Annex D.

48 A solution first advanced by the Royal Holloway group of the University
of London.

49 A draft Australian Standard on Strategies for the Implementation of a
Public Key Authentication Framework in Australia was issued for comment by
Standards Australia on 1 April 1996 and was released as a Miscellaneous
Publication (MP75) on 5 November 1996.

50 See Annex D

51 Statement of the Vice-President, Al Gore, released by the White House on
1 October 1996. Copy attached at Annex F.

52 cf conclusion at 1.1.19 of this report.

53 The Need for a Global Cryptographic Policy Framework - An IBM Position
Paper, August 1996.

54 Professor Dennis Longley, Director Information Security Research Centre,
Queensland University of Technology, in a presentation to the Joint
Australian/OECD conference on Security Privacy and Intellectual Property
Protection in the Global Information Infrastructure, 7-8 February 1996,
Canberra.

55 Louis J Freeh, Director of the FBI, testimony before the Commerce
Committee of the Senate of the United States Congress, 25 July 1996, quoted
in EPIC Alert, Volume 3.14 of August 1, 1996.
