1996-10-06 - “Drift net fishing,” GAK, FBI, and NSA

Header Data

From: “Timothy C. May” <tcmay@got.net>
To: cypherpunks@toad.com
Message Hash: 388f05ece3a2ebd901d3776ac6a9b666c675c5ae4ddfdf671f936c4fcd642c5d
Message ID: <v03007802ae7da0d997c2@[207.167.93.63]>
Reply To: N/A
UTC Datetime: 1996-10-06 18:51:22 UTC
Raw Date: Mon, 7 Oct 1996 02:51:22 +0800

Raw message

From: "Timothy C. May" <tcmay@got.net>
Date: Mon, 7 Oct 1996 02:51:22 +0800
To: cypherpunks@toad.com
Subject: "Drift net fishing," GAK, FBI, and NSA
Message-ID: <v03007802ae7da0d997c2@[207.167.93.63]>
MIME-Version: 1.0
Content-Type: text/plain



A couple of posters have talked about "drift net fishing" of
communications, where random stuff is sampled and intelligence items
gleaned. (I think it was Ernest Hua who cited the example in a Tom Clancy
book/movie.)

Perhaps, but let's go back to the discussions at the EPIC "SAFE" conference
in Palo Alto several months ago. Some convincing evidence was presented
that the moving force behind GAK is *not* the NSA, but is rather the *FBI*.

Specifically, even 40-bit keys are probably too long for massive "drift net
fishing," in that the cost per break is probably still too high. The cost
for a "focussed attack" (I can't think of a fishing parallel...maybe "spear
fishing"?) is of course low. The speaker at SAFE pointed out that the FBI
is pushing for the 40-bit keys (and now is accepting the 56-bit keys?)
because for focussed attacks, e.g., on the communications of a person under
observation, they can call on other agencies to break the ciphers for them
(even if they don't yet have their own such machines).

In a nutshell, almost any level of encryption above, say, 30something bits,
is too much when millions of messages per day are to be "drift-netted."
(The exact number that is "too much" depends on a lot of factors,
including the cost of the cipher-breaking machines, the number of messages
to be read per day, etc. This number will change with time.)

The FBI's interest may be changing, too. Their lead role in the TWA 800
investigation may have them sorely wanting "drift net" capabilities, as all
other leads are exhausted. If we see more of these sorts of terrorist
(maybe) incidents, it may be that more "drift net" capabilities are sought.

A note on _contact analysis_. One thing the FBI probably wants badly are
databases of who has travelled where, and when, for correlation analysis.
Note that the crackdown on "valid IDs" for travel, for airlines, helps in
this regard. I would not be surprised to learn that the airline databases
are routinely fed to the Feds, so to speak. (Possibly via the FAA, acting
as a kind of cutout.) Were I the head of the FBI, this is what I would
want.

The next step will be collecting hotel reservation databases. (Unlike the
case with the FAA and the airlines, I don't know what kind of authority
would grant them access to private hotel databases, but I expect they are
working to find such authority somewhere. Maybe the infinitely malleable
"regulation of commerce" clause, even if hotel stays are canonically _not_
interstate trade!)

(They already got access to the credit card databases, decades ago, of course.)

--Tim May

"The government announcement is disastrous," said Jim Bidzos,.."We warned IBM
that the National Security Agency would try to twist their technology."
[NYT, 1996-10-02]
We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1,257,787-1 | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."








