[Click Here] [Click Here] [Image] | home | subscribe | [Image] jobs | [OPINION] Confidentially yours [INTERVIEW] Everyone's doing it. Banks, shops, governments, even the British Civil Service--they're all trying to put services online. Unfortunately, e-commerce and e-government are nothing without e-trust. How will you know who you're really dealing with when you buy that holiday or fill in that form online? At Cambridge University, Ross Anderson and his team are trying to create the ultimate instruments of online confidence in the shape of software tools that encrypt information so strongly it can be read only by people who hold the right decoding keys. But, as Anderson tells Ehsan Masood, we'll only get the e-world we want if governments regulate encryption wisely You say you are not a typical cyberlibertarian. How do you define this term? And why don't you see yourself as one? Cyberlibertarians tend to see the Internet as leading to the abolition of governments. Their idea is that given the advent of anonymous e-mail, digital cash and so on, the state will no longer be able to support itself by raising revenue through taxation. I don't think this is likely or desirable. Think what England was like when the government didn't really exist: anyone with any wealth or property had to design their house to withstand infantry-strength assault. That's not efficient. National governments and policemen will survive the electronic revolution because of the efficiencies they create. Because your team is a world leader in research into computer security, you've been chosen as one of the finalists to design a new encryption standard for the US. Do you think you'll win? The Data Encryption Standard currently used by the US banks and other organisations is no longer secure enough from attack. The US government invited the crypto community to develop what they're calling the Advanced Encryption Standard. Along with Eli Biham from the Technion in Israel and Lars Knudsen from the University of Bergen in Norway, I've invented a cipher that's been selected for the final. People are sceptical about whether the US government will pick a non-American winner, but I think there's a general perception that our system is the most secure of the finalists. It's not the fastest. But then we designed ours on the assumption that it needs to keep stuff secret for the next hundred years-- despite advances in technology and in the mathematics of cryptography. Politicians and others have expressed alarm at the prospect of criminals using encryption to keep their e-mails secret and evade detection. You say this concern is bogus--why? It's based on a misconception of what law enforcement operations are like. At present, the police have little interest in intercepting and reading the transcripts of phone conversations. It's costly and tedious and rarely justified except in serious, high-budget investigations. Instead, what the police are mostly after is traffic logs--information on who called or e-mailed whom, at what time and for how long. Criminals understand this and try to make their communications as unobtrusive as possible. In Britain, the main threat to police intelligence gathering comes from the prepaid mobile phone, not e-mail encryption, because you can buy one without giving out your name and address. In other words, the users of these devices can't be traced, so they're ideal for running an operation such as drugs dealing. But what about terrorists? The idea that information technology has revolutionised the way terrorists run their operations has been exaggerated. Take the IRA. We know from a recent court case that this organisation still writes down the orders for its active service units on pieces of cigarette paper, which they wrap in cling film so the courier can carry the orders through customs in his mouth. That's how real terrorists keep information to themselves. But isn't the point that the terrorists will soon be abandoning the cling film and using cleverly encrypted e-mails instead? Encryption alone won't help them. If I were to hold a three-hour encrypted conversation with someone in the Medellín drug cartel, it would be a dead giveaway. In routine monitoring, GCHQ (Britain's signals intelligence service) would pick up the fact that there was encrypted traffic and would instantly mark down my phone as being suspect. Quite possibly the police would then send in the burglars to put microphones in all over my house. In circumstances like this, encryption does not increase your security. It immediately and rapidly decreases it. You are mad to use encryption if you are a villain. You're a well-known critic of the suggestion that governments should have access to the keys needed to decode people's encrypted messages and duplicate their electronic signatures. Why are you so opposed to such "third-party" access schemes? It's a flawed idea designed for a world which no longer exists, where the main users of encryption were the military, the intelligence services and the diplomatic corps. Now encryption is widespread and used largely in systems whose security is in the interests of law enforcement, such as cash machines and burglar alarms. The authorities are going to have terrible difficulty in trying to draft any third-party legislation that blesses encryption applications that are good for law enforcement and curses those that aren't. The argument that criminals will use encryption is bogus. The argument that governments need to hold keys to unlock people's encrypted files to solve crime is bogus. The real issues are more complex and much nastier. So what sorts of issue should we be worried about? Here's one example. Britain's Civil Service is adopting an e-mail security protocol called "cloud cover". In this scheme, departmental security officers will get copies of the electronic keys that are used not just to de-crypt messages, but also to create the digital signatures on them. This will enable ministers to plausibly deny any responsibility for information that leaks from their department. They can simply claim that the message was forged--and by the very official whose job it was to stop leaks. But as far as freedom of information goes, this scheme is a disaster. If in a decade's time you are awarded access to an embarrassing government document, the officials of the day could use the keys they hold to substitute a forgery and you'd never be able to know. Even if they gave you a genuine document, you couldn't be sure it hadn't been forged. This is the sort of horrible complexity that third-party key schemes bring into real systems. Something else to worry about is the digital election, in which people vote for political candidates electronically via a polling system made secure by encryption. The British government seems keen on this idea but the potential for fraud is unbelievable. If we get a national election network in Britain, then under current policy GCHQ would be charged with securing it. Would you be comfortable with a system where the outcome of the election was controlled by the spooks? This already happens in Russia. Do we want it here? What about information warfare? Information warfare is not new, and terrorists aren't the only culprits. Governments have been doing it for decades. Look at GCHQ. They listen to people's telephone conversations, hack into their computer systems, jam their radar. This is information warfare. What's the worst possible outcome of a cyber attack? Suppose a Western power were to hack into Iran's national grid. There could be an electricity blackout for, say, three days. Several hundred people might die, such as those on dialysis machines. Retaliation might be expected for the simple reason that Iran is not in a position to try the head of a Western state for deliberately targeting civilians, which is a war crime. Unfortunately, this view is not shared in places like Britain's Ministry of Defence. Those engaged in information warfare tend to view such attacks on other countries as being a zero-cost way of conducting warfare. If information warfare is so easy, doesn't it make countries like Britain or the US more vulnerable to attack? Absolutely--we have more critical information technology and therefore more to lose than countries such as Iran or Serbia. But the phrase "information warfare" is also a marketing exercise by the intelligence community, who've talked it up to justify increased budgets, and redefined it to include threats to infrastructure and even spin-doctoring. This has a certain appeal to the current generation of politicians. Could information warfare ever replace conventional wars? I don't think so. Take the recent NATO action in former Yugoslavia. A team in Serbia attacked the NATO website by overloading it with requests for information. They sent so many requests that the NATO Web server couldn't provide information to anyone else. NATO's response was to bomb the Serbian satellite link and thus reduce the Serbian bandwidth to a level that NATO could cope with. So information warfare is more likely to feed into conventional warfare than replace it. Would you refuse admission to a research student from a country that the British authorities regard as "sensitive"? The Foreign Office would like universities to vet students for high-technology courses from certain countries. The leading research universities and the Committee of Vice-Chancellors and Principals view this as unacceptable. We haven't turned people down because they are backed by a government with which some people might not agree. If there's going to be vetting, it has to be done during the visa process. Intelligence agencies have long tried to prevent encryption technologies from spreading. Why are you so opposed to export controls? The UK government is currently encouraging the European Commission to introduce regulation designed to compel member states to license the export of encryption software because of the perceived threat to security. But encryption software has been available for years on the Net: the stable door is already open. If this became law, it could make it more difficult to sell software to Belgium than to sell electroshock rods to Indonesia. Worse, because the proposed regulation is not limited to encryption but affects everything the Ministry of Defence considers "high-tech" it could prevent researchers from sharing a wide range of other types of softwares, information and training skills. We'd have to keep track of what we taught to whom: we might have to get personal export licences to teach most of our foreign students. It's true that the US government also tried to control the export of technologies and information related to encryption. But American university researchers have freedom of speech rights which UK academics don't have, so the rules are not so intolerable for them. From New Scientist, 6 November 1999 ------------------------------------------- Subscribe to New Scientist © Copyright New Scientist, RBI Limited 1999