1994-03-03 - D.Denning Reply

Header Data

From: bsteve@zontar.attmail.com (Steve Blasingame)
To: cypherpunks@toad.com
Message Hash: 38d7f2d512d3448a2c43f8762fb08f417cdb56f95671234dc5336e06ce1c47f2
Message ID: <9403031641.AA27701@zontar.attmail.com>
Reply To: N/A
UTC Datetime: 1994-03-03 18:24:51 UTC
Raw Date: Thu, 3 Mar 94 10:24:51 PST

Raw message

From: bsteve@zontar.attmail.com (Steve Blasingame)
Date: Thu, 3 Mar 94 10:24:51 PST
To: cypherpunks@toad.com
Subject: D.Denning Reply
Message-ID: <9403031641.AA27701@zontar.attmail.com>
MIME-Version: 1.0
Content-Type: text/plain


Here is Dorothy Denning's reply to my response to her Newsday article. The
shocking features are that she does not seem able to differentiate legality
from morality, and doesn't seem to believe that law should flow from a popular
majority, but from the state. Sure sounds like she wants a police state to me.

  Steve Blasingame
  bsteve@zontar.com


--------------------
  From daemon Mon Feb 28 09:06:58 1994
  Date: Mon Feb 28 11:25:34 -0500 1994
  From: netcomsv!chair.cosc.georgetown.edu!denning
  Subject: Re: Newsday Editorial
  To: internet!attmail!zontar!bsteve
  Reply-To: netcomsv!chair.cosc.georgetown.edu!denning (Dorothy Denning)
  
  Thanks for your comments.  I have tried to address the law enforcement
  issues you raised in a more thoughtful way in the attached.
  
  Dorothy Denning
  ---------------
                       Encryption and Law Enforcement
  
                             Dorothy E. Denning
                            Georgetown University
                                      
                              February 21, 1994
  
  
  
  Summary
  
  Although encryption can protect information from illegal access, it can
  also interfere with the lawful interception of communications by
  government officials.  The goal of this report is to describe the
  effect of encryption technology and the government's new Escrowed
  Encryption Standard [EES] on law enforcement, mainly from the
  perspective of law enforcement.  The information presented here was
  obtained from public documents and testimonials by law enforcement
  officials, from private conversations with people in the FBI and other
  law enforcement agencies, and from comments I received by people in law
  enforcement on an earlier version of this report.  Some of this
  research was performed in conjunction with my earlier study of the
  FBI's proposal on Digital Telephony [DT, Denning].
  
  The following summarizes the key points, which are discussed in greater
  depth in the sections that follow:
  
     1. The need for wiretaps: Court-authorized interception of
        communications is essential for preventing and solving many
        serious and often violent crimes.  Electronic surveillance not
        only provides information that often cannot be obtained by other
        means, but it yields evidence that is considerably more reliable
        and probative than that obtained by most other methods of
        investigation.  No other investigative method can take its
        place.
  
     2. The threat of encryption to lawful surveillance:  Because
        encryption can make communications immune from lawful
        interception, it threatens a key law enforcement tool.  The
        proliferation of high quality, portable, easy-to-use, and
        affordable encryption could be harmful to society if law
        enforcement does not have the means to decrypt lawfully
        intercepted communications.  Although encryption of stored files
        is also of concern, 99% of the issue is telephone communications
        (voice, fax, and data).
  
     3. Digital Telephony:  Encryption is not the only threat to lawful
        electronic surveillance.  Advances in telecommunications also
        threaten the ability of law enforcement to conduct authorized
        interceptions.
  
     4. Encryption policy and the EES:  The government's Escrowed
        Encryption Standard offers a balanced solution to the encryption
        problem that takes into account the equities of public safety,
        effective law enforcement, and national security along with those
        of privacy, security, and industry success.  The technology and
        accompanying procedures provide strong encryption and a high
        level of security, while accommodating the need for real-time or
        near real-time decryption of intercepted communications.  The
        program is the best known solution, at least for the intended
        initial application, mainly voice, fax, and data encryption over
        the public switched network.
  
     5. Criminal use of Non-EES Encryption:  Although some criminals may
        seek to use other forms of encryption, the escrowed encryption
        standard may succeed and become ubiquitous as the chief form of
        encryption, making it much harder for criminals to evade
        interceptions by using non-standard, non-interoperable
        encryption.
  
     6. International problem:  The impact of encryption on law
        enforcement is an international problem.  The U.S. government
        exercised strong leadership by recognizing the problem and
        developing a solution before it becomes serious.
  
  
  1.  The Need for Wiretaps
  
  Law enforcement views court-authorized interception of communications
  as essential for preventing and solving many serious and often violent
  crimes, including terrorism, organized crime, drugs, kidnaping, major
  white collar crime brought against the government, and political
  corruption [DT, DT Cases, Kallstrom].  In testimony before the Computer
  Systems Security and Privacy Board, James Kallstrom, former Chief of
  the FBI's Engineering Section, estimated that wiretaps are used in
  excess of 90% of all cases involving terrorism, often with the result
  of preventing a terrorist act.  For example, in a Chicago case
  code-named RUKBOM, the FBI successfully prevented the El Rukn street
  gang, which was acting on behalf of the Libyan government, from
  shooting down a commercial airliner using a stolen military weapons
  system [Kallstrom, DT Cases].  Examples of other terrorist attacks
  successfully prevented with the help of electronic surveillance include
  the bombing of a foreign consulate in the U.S. and a rocket attack
  against a U.S. ally.
  
  Electronic surveillance is used against organized crime, widespread
  fraud, bribery, and extortion.  It was used to help solve a case
  involving corruption associated with organized crime control of the
  International Longshoremen's Union, which cost the citizens of New York
  city 10-12 cents on every dollar spent on consumer items coming through
  the port of New York, and to help solve another case involving
  organized crime control over the construction trade of New York City,
  which had led to 3-5% of all construction contracts being escalated by
  that percentage [Kallstrom].  Evidence obtained from electronic
  surveillance in a case involving the Concrete and Cement Workers Union
  prevented an economic loss to the public of $585 million [DT Cases].
  According to the FBI, the hierarchy of La Cosa Nostra has been
  neutralized or destabilized through the use of electronic surveillance,
  and thirty odd years of successes would be reversed if the ability to
  conduct court-authorized electronic surveillance was lost.
  
  Almost two thirds of all court orders for electronic surveillance are
  used to fight the war on drugs, and electronic surveillance has been
  critical in identifying and then dismantling major drug trafficking
  organizations.  In an operation code named "PIZZA CONNECTION," an FBI
  international investigation into the importation and distribution of
  $1.6 billion worth of heroin by the Sicilian Mafia and La Cosa Nostra
  resulted in the indictment of 57 high-level drug traffickers in the
  U.S. and 5 in Italy [DT Cases].  The FBI estimates that the war on
  drugs and its continuing legacy of violent street crime would be
  substantially, if not totally, lost if law enforcement were to lose its
  capability for electronic surveillance.
  
  Wiretaps are used for cases involving murders and kidnapings.  As the
  result of wiretaps, sufficient evidence was obtained to arrest and
  convict a serial-murderer who had been operating for three to four
  years, and to locate and subsequently convict two other persons who had
  been involved with the murders [DT Cases].  By intercepting voice, fax,
  and communications on a local bulletin board system, the FBI prevented
  the proposed kidnaping and murder of a young child for the purpose of
  making a "snuff murder" film [Kallstrom].  Through wiretaps, the FBI
  prevented a group from bombing a man's house and killing him and his
  family [Kallstrom].
  
  Electronic surveillance has been used to investigate aggravated
  governmental fraud and corruption.  A recent military-procurement fraud
  case ("Ill-Wind") involving persons in the Department of Defense and
  defense contractors has so far led to 64 convictions and about $260
  million in fines, restitutions, and recoveries ordered.  In another
  case, U.S.District Court Judge Robert Collins was convicted of
  soliciting and accepting bribes [DT Cases].  John Kaye, Prosecutor for
  Monmouth County, New Jersey, reported that almost every police officer
  indicted in his county has been indicted because of a wiretap [Kaye].
  
  In the decade from 1982 to 1991, state and federal agencies were
  granted 7,467 court orders for interceptions under Title III of the
  Omnibus Crime Control and Safe Streets Act and equivalent state
  statutes.  At the end of 1991, these had led to 35,851 arrests and
  19,259 convictions.  Convictions resulting from interceptions conducted
  in the last few years are still accumulating, as trials regarding those
  subjects are held.  Because the number of arrests associated with
  wiretaps is a small fraction of all arrests each year, some people have
  questioned whether wiretaps are necessary or worthwhile given the
  availability of other investigative techniques.
  
  By law, wiretapping cannot be used if other methods of investigation
  could reasonably be used instead.  Such normal investigative methods
  usually include visual surveillance, interviewing subjects, the use of
  informers, telephone record analysis, and Dialed Number Recorders
  (DNRs).  However, these techniques often have limited impact on an
  investigation.  Continuous surveillance by police can create suspicion
  and therefore be hazardous; further, it cannot disclose the contents of
  telephone conversations.  Questioning identified suspects or executing
  search warrants at their residence can substantially jeopardize an
  investigation before the full scope of the operation is revealed, and
  information can be lost through interpretation.  Informants are useful
  and sought out by police, but the information they provide does not
  always reveal all of the players or the extent of an operation, and
  great care must be taken to ensure that the informants are protected.
  Moreover, because informants are often criminals themselves, they may
  not be believed in court.  Telephone record analysis and DNRs are
  helpful, but do not reveal the contents of conversations or the
  identities of parties.  Other methods of investigation that may be
  tried include undercover operations and stings.  But while effective in
  some cases, undercover operations are difficult and dangerous, and
  stings do not always work.  Law enforcers claim that no other method
  can take the place of wiretaps [Kallstrom].
  
  Each court order must provide evidence for the need to wiretap by
  demonstrating that normal investigative procedures have been tried and
  have failed or reasonably appear unlikely to succeed or would be too
  dangerous [USC 18, DDKM].  This does not mean that the other methods
  are not used in those cases, as indeed they are, but only that they are
  inadequate to successfully investigate and prosecute the cases.
  Wiretaps not only provide information that cannot be obtained by other
  means, but yield evidence that is considerably more reliable and
  probative than that obtained by most other methods of investigation.  A
  wiretap is also less dangerous than sending in a civilian informant or
  undercover agent who is wired since the risk of discovery puts that
  person's life in jeopardy.  Finally, a wiretap may be less invasive of
  privacy than placing a bug in a subject's home or using an undercover
  agent to establish an intimate relationship with the subject.
  
  Although the number of arrests from wiretaps is relatively small
  compared to the total of all arrests, those criminals that are arrested
  and convicted with the aid of wiretaps are often the leaders of major
  organized crime, drug trafficking, and terrorist groups.  In reviewing
  a proposal for a wiretap, law enforcement agencies determine whether
  the subjects of the proposed interception are worthy targets of
  investigation and whether the interception is worth doing.
  
  The law enforcement community views electronic surveillance as
  essential to effective law enforcement, and law enforcement as
  essential not only to public safety and our economic well-being, but to
  a free society.  In his remarks at the Computer Ethics Conference, Alan
  McDonald of the FBI summed it up:  "We have been fortunate as a society
  to enjoy unparalleled freedom.  It has resulted because we live under a
  compact of ordered liberty.  One need only consider the number of
  countries where law enforcement is ineffective and where the violence
  and corruption of organized crime reign to see true diminishments of
  freedom, liberty, and personal privacy" [McDonald].
  
  2.  The Threat of Encryption to Lawful Surveillance
  
  Encryption has been available to criminals for a long time.  Until
  recently, however, voice encryptors were extremely bulky and the
  quality of the voice low, so criminals who tried encryption would
  typically cease using it [Kallstrom].  But recent advances in
  encryption technology are leading to products such as the AT&T 3600
  Telephone Security Device that are small, portable, easy-to-use,
  affordable, and have high quality audio.  Law enforcers expect that
  criminals will flock to such devices, not only to hide their
  communications from the government, but to safeguard them from their
  competitors [Kallstrom, Meeks].  The effect could be that criminals are
  able to make their communications immune from government search and
  seizure even under probable cause of criminal activity.
  
  The proliferation of such encryption products ultimately could be
  harmful to society if government officials do not have the means to
  decrypt lawfully intercepted communications, at least in most cases.
  On behalf of the National District Attorney's Association, President
  Robert Macy writes: "In an increasingly dangerous world, law
  enforcement cannot afford to be blindfolded by advanced technologies
  including encryption devices" [Macy].  Roy Kime, Legislative Counsel
  for the International Association of Chiefs of Police, makes the
  analogy that people in law enforcement are being "outgunned" by the
  criminals with respect to advances in technology [Kime].  In testimony
  before Congress, Donald Delaney, Senior Investigator with the New York
  State Police, said he believed that if we adopted an encryption
  standard that did not permit lawful intercepts, we would have havoc in
  the United States [Delaney].  Although there are no "dead bodies" as
  yet, Kallstrom believes there will be a "horror show" if the encryption
  that proliferates in the market does not factor in an equity for law
  enforcement [Kallstrom].
  
  Criminals can use encryption to conceal stored information as well as
  communications.  In a child pornography case on the West coast,
  encrypted data files have slowed down the investigation of a large
  international ring dealing with child pornography and the possible
  smuggling of children [Kallstrom].  However, although law enforcement
  is concerned about the use of encryption to conceal computer files,
  their primary concern is with communications, particularly telephone
  conversations.  This is because intercepts play a much more important
  role in investigations than documents.  Real-time intercepts pick up
  the criminal dialogue, the plotting and planning that glues crimes
  together.  By revealing conversations about possible future activities,
  wiretaps also may be used to prevent crimes from occurring. Thus, while
  being able to decrypt files is valuable, 99% of the issue today is
  telephone conversations [Kallstrom].  In addition, while communications
  over high speed computer networks are expected to become an issue, the
  primary concern today is with voice, fax, and data over the public
  switched network (telephone system).
  
  3.  Digital Telephony
  
  Encryption is not law enforcement's only concern about wiretaps.  They
  are also concerned about changes in telecommunications technologies.
  Many of the new digital-based technologies and services such as ISDN,
  fiber optic transmissions, and the increasing number of mobile
  telecommunication networks and architectures cannot be tapped using the
  traditional methods used to intercept analogue voice communications
  carried over copper wire.  In addition, increases in transmission speed
  have made interceptions more difficult.  Although it is technically
  feasible to intercept the new communications, not all systems have been
  designed or equipped to meet the intercept requirements of law
  enforcement.  According to the FBI, numerous court orders have not been
  sought, executed, or fully carried out because of technological
  problems.  To address these problems, the Department of Justice
  proposed Digital Telephony legislation [DT] that would require service
  providers and operators to meet their statutory assistance requirements
  by maintaining the capability to intercept particular communications.
  So far, the proposal has not been introduced in Congress.
  
  4.  Encryption Policy and the EES
  
  Law enforcement seeks an encryption policy that takes into account the
  equities of public safety, effective law enforcement, and national
  security along with those of privacy, security, and industry success
  [Kallstrom].  They support the use of encryption by law abiding
  citizens and organizations to protect sensitive information, and
  recognize the importance of encryption to safeguarding information
  assets [Settle].  They generally favor strong encryption over weak or
  "dumbed down" encryption [Kallstrom].  To implement lawful
  interceptions of encrypted communications, they need a real-time or
  near real-time decryption capability in order to keep up with the
  traffic and prevent potential acts of violence.  Since there can be
  hundreds of calls a day on a tapped line, any solution that imposes a
  high overhead per call is impractical.
  
  These requirements for strong encryption and near real-time decryption
  led to the Escrowed Encryption Standard [EES] and its related key
  escrow system.  Upon receiving a chip's unique key components from the
  two escrow agents, law enforcers can readily decrypt all conversations
  encrypted with the chip until the wiretap terminates, at which time all
  chip-related keys are destroyed.  The escrow agents need not get
  involved in the decryption of each conversation, which would be overly
  cumbersome.
  
  Law enforcers consider the EES to be the best known approach for
  addressing the dual need for secure communications and court-ordered
  access, at least for the intended initial application, namely voice,
  fax, and data encryption of telephone communications transmitted over
  the public switched network.  The EES will significantly enhance
  communications security by making strong encryption available in a way
  that makes illegal wiretaps virtually impossible, while permitting
  those that are lawfully authorized.  The key escrow mechanisms and
  procedures are being designed to provide a high level of protection for
  keys and to protect against compromises or abuses of keys, thereby
  assuring that no person or entity, including government, can improperly
  access one's EES communications.  Although there is no evidence of
  widespread abuse of wiretaps by law enforcement officials, the EES will
  effectively thwart any potential abuse, thereby providing greater
  protection from illegal government wiretaps than currently exists.
  
  The Presidential Decision Directive [PDD] on escrowed encryption is
  viewed as offering a balanced solution to the encryption problem that
  is consistent with basic tenets found in the Constitution and in the
  Bill of Rights, which does not grant an absolute right to privacy, but
  rather seeks to balance individual privacy with the need to protect
  society as a whole [McDonald].  William A. Bayse, Chief Scientist of
  the FBI, observed: "It is well recognized that Anglo-American law has
  historically balanced the personal privacy of the individual with the
  legitimate needs of Government. ... As can be seen from a review of the
  Fourth Amendment to the U.S. Constitution ..., an individual's privacy
  rights are not absolute, and they give way to more compelling
  Governmental rights when criminality is demonstrated or suspected."
  [Bayse].  Similarly, Alan McDonald noted "... the dictum of the Bill of
  Rights, and the Fourth Amendment in particular, is a balance between
  individual liberty and privacy and the legitimate need of Government to
  protect society as a whole -- a balance to prevent the tyranny of
  absolutist Government and the tyranny of lawlessness and anarchy. ...
  The electronic surveillance statutes, like the Fourth Amendment, are
  founded on the concept of balancing fundamental individual and
  governmental interests -- personal privacy and the public safety. ...
  Encryption technology creates no legal rights under our Constitution,
  the Fourth Amendment, or under our electronic surveillance statutes"
  [McDonald].
  
  5.  Criminal Use of Non-EES Encryption
  
  Some people have argued that criminals will not use EES, but rather
  will use encryption methods that defeat law enforcement.  While
  acknowledging that some criminals may use other means, law enforcers
  assume most vendors will not manufacture an encryption device unless
  they perceive a large, legal market [Kallstrom].  The hope is that the
  EES, or some other approach that takes into account the law enforcement
  equities, will proliferate in the legitimate encryption market in this
  country and become transparent, thereby cutting down on the
  availability and use of encryption that does not include the law
  enforcement equities [Kallstrom].
  
  There is some evidence that through market forces and government
  purchasing power, the EES may become the de facto national standard for
  telephone encryption.  When AT&T announced its 3600 Telephone Security
  Device in Fall 1992, the device used a DES chip for encryption, and did
  not include a capability for law enforcement access.  Priced at $1200,
  it would have been attractive to criminals, and could have led to the
  promulgation of encryption technology that would have posed a major
  threat to law enforcement.  However, when the government announced the
  key escrow initiative on April 16, 1993, AT&T simultaneously announced
  that the TSD would use instead the new Mykotronx MYK-78 chip, aka
  "Clipper", which uses the EES.  The government ordered several thousand
  of the modified devices.
  
  Since EES products can be exported to most places, there is an
  additional incentive for vendors to incorporate the EES into their
  products rather than, say, the DES, which is subject to stricter export
  controls.  However, there are other factors relating to the nature of
  the technology and to public acceptance that could interfere with
  widespread adoption of EES by vendors.
  
  Criminals need to talk with many people outside their circle in order
  to carry out their activities, for example to rent or purchase needed
  goods and services.  To conduct those conversations, which may be
  incriminating, they will either need to use an encryption method
  identical to that used by the other parties or else forego encryption
  entirely.  Assuming EES dominates in the legitimate market, criminals
  may prefer to use it over communicating in the clear since the EES will
  at least protect them from their competitors.  Criminals are often
  sloppy in protecting their conversations from law enforcement, making
  incriminating statements over the phone while acknowledging their
  phones may be tapped.
  
  Even if criminals do not use the EES, the government's objective of
  making strong encryption available to the public in a way that is not
  harmful to society will be achieved.  Criminals will not be able to
  take advantage of the strong algorithm to thwart law enforcement.
  Since it is extremely difficult to develop high quality, strong
  encryption products, law enforcement may be able to access many non-EES
  encrypted criminal communications.
  
  6.  An International Problem
  
  The impact of encryption on effective law enforcement is an
  international problem, and U.S.  law enforcers have observed other
  countries looking at solutions based on "dumbing down" the encryption
  or on key escrow.  The U.S. government exercised strong leadership by
  recognizing the problem and developing a solution before it became
  serious.  While the U.S.  solution will not necessarily provide an
  international solution, it as a starting point for solving a global
  problem.
  
  References
  
  [Bayse]     Bayse, William A., Written statement presented at Part I of
  	    the Forum on Rights and Responsibilities of Participants in
  	    Networked Communities, panel on Privacy and Proprietary
  	    Interests, Computer Science and Telecommunications Board,
  	    National Research Council, October 1992.
  
  [Delaney]   Delaney, Donald P., statement in "Hearings before the
  	    Subcommittee on Telecommunications and Finance of the
  	    Committee on Energy and Commerce, House of
  	    Representatives," June 9, 1993; Serial No.  103-53, pp.
  	    163-164.
  
  [DDKM]      Delaney, Donald P; Denning, Dorothy E.; Kaye, John; and
  	    McDonald, Alan R., "Wiretap Laws and Procedures: What
  	    Happens When the Government Taps a Line," September 23,
  	    1993; available from Georgetown University, Department of
  	    Computer Science, Washington DC, or by anonymous ftp from
  	    cpsr.org as cpsr/privacy/communications/wiretap/
              denning_wiretap_procedure.txt.
  
  [EES]       "Escrowed Encryption Standard," Federal Information
  	    Processing Standard Publication (FIPS PUB) 185, National
  	    Institute for Standards and Technology, 1994.
  
  [Denning]   Denning, D. E., "To Tap or Not to Tap," Comm. of the ACM,
  	    Vol. 36, No. 3, March 1993, pp. 25-35, 42-44.
  
  [DT]        "Digital Telephony," U.S. Department of Justice, Federal
  	    Bureau of Investigation.
  
  [DT Cases]  "Digital Telephony Case Examples," distributed with
  	    press packet for Presidential Decision Directive on "Public
  	    Encryption Management."
  
  [Kallstrom] Kallstrom, James K., Presentation at the Computer System
  	    Security and Privacy Advisory Board Meeting, National
  	    Institute of Standards and Technology, July 29, 1993.
  
  [Kaye]      Kaye, John, Presentation at the Computer System Security
  	    and Privacy Advisory Board Meeting, National Institute of
  	    Standards and Technology, July 29, 1993.
  
  [Kime]      Kime, Roy, Presentation at the Computer System Security and
  	    Privacy Advisory Board Meeting, National Institute of
  	    Standards and Technology, July 29, 1993.
  
  [Macy]      Macy, Robert H., Letter submitted to the Computer System
  	    Security and Privacy Advisory Board on behalf of the
  	    National District Attorneys Association for June 2-4
  	    Meeting, May 27, 1993.
  
  [McDonald]  McDonald, Alan R., Written statement presented at 2nd
  	    National Computer Ethics Conference, April 29, 1993.
  
  [Meeks]     Meeks, Bud, Presentation at the Computer System Security
  	    and Privacy Advisory Board Meeting, National Institute of
  	    Standards and Technology, July 29, 1993.
  
  [PDD]       Presidential Decision Directive on "Public Encryption
  	    Management," and Statement by the Press Secretary, The
  	    White House, April 16, 1993.
  
  [Settle]    Settle, James C., Presentation at INFOEXPO '93, Information
  	    Security and Virus Prevention Conference and Exhibition,
  	    National Computer Security Association, June 11, 1993.
  
  [USC 18]    Title 18 USC, Sections 2510-2521.  (These sections codify
  	    Title III of the Omnibus Crime Control and Safe Streets Act
  	    of 1968, as amended by the Electronic Communications
  	    Privacy Act of 1986.)
------------------------  






Thread