Data Security and Privacy
Conflicting rights in a world full of thieves
Although data security and personal privacy do not have the topical sex appeal of, say, “interactive television,” what many people refuse to acknowledge is that the success of most of today’s up-and-coming digital media technologies — including the hottest buzzword, interactive TV — is completely dependent upon them.
The communications battleground. Joseph Swyt, president of Macrovision, set the stage for this session by discussing data security in the context of a larger and growing tension among contending interest groups in our society.
Each group, he said, is legitimately trying to fulfill its role and will properly assert itself in the defense of its rights. In this case, the main players are:
• National government, which is charged with protecting us from enemies, both external and internal. It argues that wiretaps can lead to the capture of terrorists, spies and criminals. To preserve everyone’s collective right to national security, it may have to encroach on the other players’ rights to privacy.
• Businesses, which have discovered that the trans-border flow of information has changed the concepts of labor and capital. Corporations need to protect trade secrets, get paid for their services and invest in new business opportunities regardless of national boundaries. In protecting their financial interests, they may come in conflict with both the governments they deal with and their own employees.
• The public — folks who obey the law, pay their taxes and consume digital services — which wants the benefits of national security, artistic creativity and reliable access to information services. U.S. citizens also want privacy for personal data and protection against electronic fraud.
• Creative individuals who have rights in their creations through copyright laws. But digital copies cannot be distinguished from originals, and in fact the act of copying is an essential step in using digital information. New laws may be needed, supplemented by digital security techniques, to protect intellectual property rights.
THE CLIPPER CHIP INTENSIFIED THE DEBATE
The recent debate over the U.S. government-proposed Clipper encryption chip pitted national security against commercial and individual privacy. Often, though, the struggle is between businesses and individuals; for example, the phone companies say toll fraud is a $4–5 billion annual loss of revenue, which must be made up by law-abiding customers. Software publishers, cable operators and credit card issuers have similar complaints.
Theft is a fact of life, so data security schemes must be employed and must stay ahead of anyone’s ability to crack them. (The government may not like this, but as we shall discuss below, the cat is already out of the bag.) We may see data security services become a viable industry, charging higher prices for greater degrees of security. One can envision a world in which all information is encrypted and keys are sold, moving the legal debate from the realm of copyright law to contract law.
Public keys, private secrets. Jim Bidzos, president of RSA Data Security, described exactly how the cat got out of the bag. As he pointed out, every cryptographic technique relies on keeping a secret: the decryption key. With symmetric approaches, such as DES and Clipper, the encryption and decryption keys are the same. This means that at least two parties must share the secret, and either party can compromise the other.
The only alternative to date is public-key cryptography. The mathematics for public key encryption was invented in the late 1970s and is based on the difficulty of factoring huge numbers. In a public-key system, there are two keys. One, which is published, is used to encrypt a message; the other, which is secret, is used to decrypt the message. (See Vol. 3, No. 1, p. 6–7, for more on public-key cryptography.)
In a widely deployed public-key system, public keys could actually be published and anyone could look up your public key and use it to encrypt a message to you. But only you would have the matching secret key, so only you could read the message. No secrets are shared, and thus no outside party can compromise your security.
“Digital signatures.” The same technique could be used as a “digital signature” to authenticate the identity of the sender of a message. The sender merely applies a second level of encryption with his secret key; upon receipt, you decrypt with his public key to remove the outer level of encryption — which will only work if he is who he says he is — and then decrypt with your secret key to see the message.
The best-known product for public-key cryptography uses the RSA algorithm (named for the initials of the inventors). A wide range of computer companies, including Apple and Microsoft, have licensed the RSA system. However, there are many other algorithms, such as the ANSI standards X9.30 and X9.31, which have been adopted by the financial community for secure electronic fund transfers. The Internet has a standard for privacy-enhanced E-mail, including a way of publishing a “white pages” directory of public keys. ISO and CCITT have begun deliberating on international standards for encryption.
THE KEY TO ENFORCING INTELLECTUAL PROPERTY RIGHTS
Encryption has obvious applications for enforcing intellectual property rights. For example, a company like 3DO could embed decryption keys in its game players, and only those software houses that had licensed the encryption could sell games. Getting a virus from downloaded software could become a thing of the past, because you could pinpoint responsibility for malicious code; the digital signature would serve as a tamper-seal for software.
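The two ideas above, public-key confidentiality (only the holder of the secret key can read a message encrypted with the matching public key) and the digital signature as a tamper-seal on software, can be seen end to end in a small worked example. The following is an added illustration, not code from the session or from RSA Data Security. It assumes a textbook RSA with two fixed pairs of small, well-known primes and no padding, which is fine for following the arithmetic but not for real use; it also signs a SHA-256 digest of the data rather than encrypting the whole message a second time, which is how signatures are done in practice and departs slightly from the double-encryption description above. The key values, the 7-byte block size and the sample messages are all constructed for the example.

```python
import hashlib

# Constructed example keys: two pairs of well-known primes, one pair per party,
# so that sender and recipient never share a secret. Real keys are ~2048 bits.
SENDER_PRIMES = (1_000_000_007, 998_244_353)
RECIPIENT_PRIMES = (1_000_000_009, 469_762_049)
E = 65537          # conventional public exponent
CHUNK = 7          # a 7-byte block is < 2**56, always smaller than either modulus


def make_keypair(primes, e=E):
    """Return ((n, e), (n, d)): the public key and the matching secret key."""
    p, q = primes
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)            # modular inverse of e (Python 3.8+)
    return (n, e), (n, d)


def encrypt(public, message: bytes) -> list:
    """Anyone may encrypt with a published public key (textbook RSA, no padding)."""
    n, e = public
    return [pow(int.from_bytes(message[i:i + CHUNK], "big"), e, n)
            for i in range(0, len(message), CHUNK)]


def decrypt(private, blocks: list, length: int) -> bytes:
    """Only the holder of the secret key can reverse encrypt()."""
    n, d = private
    if not blocks:
        return b""
    plain = [pow(c, d, n).to_bytes(CHUNK, "big") for c in blocks]
    tail = length - (len(plain) - 1) * CHUNK   # the last block may be short
    return b"".join(plain[:-1]) + plain[-1][-tail:]


def _digest_mod_n(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(private, data: bytes) -> int:
    """Signer applies the secret key to a digest of the data."""
    n, d = private
    return pow(_digest_mod_n(data, n), d, n)


def verify(public, data: bytes, signature: int) -> bool:
    """Anyone can check the seal with the signer's public key; any change breaks it."""
    n, e = public
    return pow(signature, e, n) == _digest_mod_n(data, n)


def send(sender_private, recipient_public, message: bytes) -> dict:
    """Sender: sign with own secret key, then encrypt for the recipient."""
    return {"blocks": encrypt(recipient_public, message),
            "length": len(message),
            "signature": sign(sender_private, message)}


def receive(recipient_private, sender_public, envelope: dict):
    """Recipient: decrypt with own secret key, then verify the sender's signature."""
    message = decrypt(recipient_private, envelope["blocks"], envelope["length"])
    return message, verify(sender_public, message, envelope["signature"])


if __name__ == "__main__":
    sender_pub, sender_priv = make_keypair(SENDER_PRIMES)
    recipient_pub, recipient_priv = make_keypair(RECIPIENT_PRIMES)

    # A private message: only the recipient's secret key can open it.
    envelope = send(sender_priv, recipient_pub, b"Pay 1,000 to account 42")
    message, authentic = receive(recipient_priv, sender_pub, envelope)
    print(message, "signature valid:", authentic)

    # A tamper-seal on software (constructed bytes standing in for a program).
    program = b"\x7fELF constructed sample program bytes"
    seal = sign(sender_priv, program)
    print("untouched:", verify(sender_pub, program, seal))
    tampered = program[:-1] + b"!"
    print("tampered:", verify(sender_pub, tampered, seal))
```

The point worth noticing is the one Bidzos makes: the recipient's secret key and the sender's secret key never leave their owners, so neither party holds anything that could compromise the other, which is exactly what a shared DES or Clipper key cannot offer.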
The technology is already being used by cable companies that need to activate or deactivate access to premium channels based on whether a customer’s bill is paid up, and is likely to be deployed by the new digital direct broadcast satellite (DBS) delivery systems — particularly prone to clever thievery and tampering — as well.
Bidzos acknowledged that the government and the military would prefer that you not have this technology. But it’s too late; the techniques and the benefits are both widely understood within the U.S. and overseas. The potential for harm is present, as with any technology, but the good clearly outweighs the bad.
SUN’S GAGE ASKS: WHO DO WE WANT TO HAVE ACCESS?
That’s all very well as a theory, said John Gage, the director of the science office at Sun Microsystems. But if you look around at today’s world, you see computers and networks being implemented with scant thought for security. “When Geoffrey Holmes said earlier this morning, ‘We want you to be able to tap into our servers,’ my heart took a flip-flop,” said Gage.
Open access may be wonderful for responsible citizens and businesses, he said, but what about those 13-year-olds whose sole mission in life is to break things, let alone the crooks and terrorists? Lots of them have powerful computers and time on their hands. Do we really want to give them open access to the servers?
Russian satellites in Congress. Consider the FBI’s demand for tappable networks. A drug kingpin need not use the phone company’s lines. Instead, he can put up a phased-array satellite antenna (less obtrusive and more steerable than a dish) and use a satellite. There are plenty of low-orbit satellites; the Russians loft them because they are cheap.
In fact, Gage told a rapt audience, he had installed the necessary equipment on the roof of the building in which the Commerce Committee was holding its hearings on communication security in less than a day, and had established a link to a Russian satellite while the Committee watched.
Tracking you via cellphone. Cellular phones have no security at all. Despite a federal law making it illegal to sell scanners for cellular frequencies, a cellular phone is by its very nature a scanner. When you move to a different cell, the device automatically hunts for an open channel.
However, by entering the key sequence that puts the phone into “debug” mode, you can take control of the scanning process and listen to any of the conversations floating through the ether — and you can even track the location of the cell they’re talking from. The proof that people are already doing this is that recordings of famous people’s cellular calls are readily available.
CABLE AND ENTERTAINMENT ONLY A FRACTION OF THE PROBLEM
When it comes to security needs, the entertainment and cable industries are small potatoes, said Gage. The financial industries, which move trillions of dollars each day, have real security concerns. Before bankers will trust wireless PDAs for financial transactions, they need to be very sure that it’s not easy to steal money by eavesdropping. Bankers have no reason to trust anyone — not even federal bureaucrats — with the keys to their digital coffers.
“Hoover Inside.” The computer industry, which sells a substantial fraction of its goods to foreign nations, is particularly offended by the proposal to make the Clipper chip a mandatory standard. Gage said, “It’s like putting a sticker on every computer that says, ‘J. Edgar Hoover Inside’.” (We suspect he was taking a poke at the “Intel Inside” ad campaign.)
Gage pointed out that by using good public-key encryption, we might once again trust the communication system for personal conversations and for financial transactions. However, as a member of the audience noted, we would still have to trust someone to supply reliable public and private keys.
Peter Dyson