Senator Torricelli (D-New Jersey) called the September 11 attacks a "stunning failure" of intelligence. If U.S. security officials had sufficient information, they could prevent terrorist plots before they were actually carried through. But how can more intelligence be obtained without also invading the individual right to privacy? One facet of this problem involves monitoring private communications in case of suspicious activity. It is an issue which raises controversy about the ambiguous definitions of what actually constitutes suspicious activity and who should be watched.
The U.S., along with its allies, maintains several networks that monitor most electronic forms of communication. The FBI's Carnivore and NSA's Echelon systems [1] are capable of monitoring emails, phone calls, Internet traffic and other forms of electronic communication. Echelon, originally intended to monitor the communications of terrorists and enemies, indiscriminately intercepts and analyzes messages in search of suspicious words like "bomb" or "terrorist." These messages may be marked for follow-up investigations. The troubling fact is that these systems watch all exchanges on a network, including those of people who have no bad intentions. All these systems are highly secretive and are thus not open to public scrutiny. While the courts restrain the police before allowing a wiretap on a phone, these systems have no such separate entity and can monitor communication without oversight. In fact, the U.S. government has yet to officially admit Echelon's existence [2]; however, the European Parliament has investigated and declared its existence. The secrecy and power of these systems allow them to intrude on our privacy.
Osama Bin Laden and other groups wanting privacy can use cryptography to thwart these systems. Messages can be encrypted to prevent prying eyes from reading personal information. The basis for cryptography is that one person encrypts a message using a certain piece of information, a key, and that the only way to decrypt a message is by using that same key. In this way, only people with the key will be able to read the message. Of course, it's possible to derive the key, but the security of cryptography lies in the difficulty for someone to guess at the key. Over the centuries, many algorithms have been developed to encrypt messages, and as each algorithm provides more security, cryptanalysts develop ingenious methods that render old algorithms useless. One of the simplest encryption algorithms is called a monoalphabetic substitution cipher.
Let's say we wanted to encrypt the phrase "hide my secret" with the key "something." Each letter of the original phrase, or plaintext, is mapped onto the corresponding cipher letter to create the ciphertext. The key is mapped to the start of the regular alphabet, and the following letters continue in normal order, skipping previously used letters.
Plain:  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Cipher: S O M E T H I N G J K L P Q R U V W X Y Z A B C D F
Now it's a simple matter of substituting the letters of the plain alphabet with the cipher alphabet: "nget pd xtmwty". Using the English language and this alphabet, there are 26! possible keys representing all the permutations of the letters. Clearly, it would be very difficult to test all these keys, but this encryption is vulnerable to frequency analysis. Certain letters tend to appear more often than others do. For example, the letter 'e' is the most common letter in the English language, so its counterpart cipher letter would also appear most commonly. Since 't' is repeated the most, frequency analysis would lead us to believe it corresponds to 'e'. Tables containing the frequencies of letters in a language are readily available. For a sufficiently long encryption, the letters appear at a regular frequency and it is easy to derive the cipher alphabet, rendering this algorithm useless. More complex variations of the substitution cipher are also prone to this fault.
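The keyed alphabet, the encryption and the letter count described above, as an added example that is not part of the original article. The function names are assumptions of this sketch; the key and plaintext are the article's own.

```python
from collections import Counter
import string

ALPHABET = string.ascii_lowercase

def keyed_alphabet(key):
    """Cipher alphabet: the key's letters (duplicates dropped), then the
    rest of the alphabet continuing after the key's last letter."""
    cipher = []
    for ch in key.lower():
        if ch in ALPHABET and ch not in cipher:
            cipher.append(ch)
    start = ALPHABET.index(cipher[-1]) + 1
    for i in range(26):
        ch = ALPHABET[(start + i) % 26]
        if ch not in cipher:
            cipher.append(ch)
    return "".join(cipher)

def encrypt(plaintext, key):
    table = str.maketrans(ALPHABET, keyed_alphabet(key))
    return plaintext.lower().translate(table)

def decrypt(ciphertext, key):
    table = str.maketrans(keyed_alphabet(key), ALPHABET)
    return ciphertext.lower().translate(table)

def letter_frequencies(text):
    """Cipher letters ordered from most to least frequent."""
    return Counter(c for c in text if c in ALPHABET).most_common()

def guess_for_e(ciphertext):
    """Frequency analysis, first step: the most common cipher letter
    is the best candidate for plaintext 'e'."""
    return letter_frequencies(ciphertext)[0][0]

if __name__ == "__main__":
    ct = encrypt("hide my secret", "something")
    print(keyed_alphabet("something"))
    print(ct)
    print(letter_frequencies(ct)[:3])
    print("cipher letter guessed for 'e':", guess_for_e(ct))
```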
Of course, more advanced cryptography methods have replaced substitution ciphers. One of the chief difficulties facing cryptographers is key distribution. Before two people can securely communicate, they must each have the appropriate keys. Suppose you want to send a secure email to all your friends. You could use one key for all your friends, but you'd have to somehow make sure that the key was not intercepted over the network. Also, each of your friends would be able to read email sent out to all your other friends. A solution could be to give each of your friends a unique key, but this makes the key distribution even more burdensome. The keys must be transported from one person to the other without being intercepted en route. You could encrypt the key, but that would require having another key to encrypt the first key. The most important achievement of modern cryptography is overcoming this puzzle.
RSA Encryption
One extremely popular (and efficient!) algorithm is the RSA encryption algorithm, named after RL Rivest, A Shamir and LM Adleman. RSA and its derivatives are several algorithms that allow secure key distribution and communication. In RSA encryption, a public and a private key are chosen. The public key encrypts while the private key decrypts messages. If two people, John and Mary, wanted to securely communicate, John would use Mary's public key, which is publicized and widely available, to send a message.
If that message were intercepted by anyone other than Mary, it would be meaningless since only Mary's private key can decrypt the message. To create the public key, Mary chooses two very large prime numbers and multiplies them together. This new number then becomes part of the public key, but for someone to decrypt the message, the two prime numbers must be known. Mary keeps the original prime numbers secret as the private key.
Even though the private key can in principle be derived, since the public number has only two prime factors, the security of RSA arises from the fact that it is hard to factor a very large number into its primes (needed for decryption) and very easy to multiply two numbers (needed for encryption). The prime numbers may be hundreds of digits in length and are limited only by how much security one wants. [3]
RSA's main flaw is that it is computationally intense to encrypt and decrypt messages. The average user wanting to avoid this problem and to have secure communication can use Pretty Good Privacy (PGP). This algorithm uses a mix of RSA encryption to transfer the key from one user to another and then encrypts messages using a less computationally intensive algorithm called IDEA. PGP solves the key distribution problem and is easy to use without needing a high-end computer. Perhaps the most compelling reason to use PGP is not that it will protect against a malicious hacker or Carnivore but that it is free (available at www.pgpi.com).
Steganography is a more subtle form of hiding meaning than cryptography, which conceals robustly encrypted text. Instead of encrypting messages, a "secret" in the previous sentence was hidden in the first letter of each word. Perhaps you'll be able to find it. A more ingenious steganographer could hide messages in an image or mp3 file.
Computers represent images in sets of bits. A single pixel could be represented by as many as 36 bits. For example, a message could be encoded by modifying the last two bits of each pixel in an image. This modification is so slight that it is nearly impossible to detect.
Figures 1 and 2 have barely noticeable differences, but in the graininess of Sage Hall's roof, the image of the flowers is hidden. Unless there is a reason to suspect that steganography is present, these differences would go unnoticed.
Suppose we wanted to encrypt this image
Figure 1: The original image
Figure 2: The image with the encrypted picture. Can you tell the difference?
The government warned against showing Bin Laden's videotaped responses to the bombings for fear of hidden messages in the tapes. As these pictures show, it is not difficult to accomplish, as the methods are fairly straightforward and various free programs are available to perform steganography.
Cornell has an active community for information security. The Information Assurance Institute (IAI) develops systems to increase network reliability and security. A secure network allows privacy by allowing those with authority to send and receive messages. The Cornell On-Line Certification Authority (COCA), a project of the IAI, aims to improve the security of a network by authenticating the source of communication. COCA validates certificates so that when a shopper is sending credit card information to an online store, it's not actually being sent to a server imitating the original. Dr. Fred Schneider directs the IAI [4] and also teaches CS513 [5]. For those interested in computer security, this graduate level course covers system security and cryptography.
The recently enacted anti-terrorism laws enhance government agencies' authorization to gather information. The passage most infuriating civil liberties groups is one allowing interception of communication if the interceptor "has reasonable grounds to believe that the contents of the computer trespasser's communications will be relevant to the investigation." (Sec 216, USA Patriot Act of 2001) This definition leaves the interpretation of what is "reasonable" and what is "relevant" to the actual agent doing the interception, effectively leaving out the judicial branch. Thus, the judicial branch has no ability to check the power of the executive branch in an area affecting anyone who uses the Internet to communicate with friends or coworkers.
In the aftermath of the attacks, the government has drastically increased its monitoring activities. This power may prevent further terrorist attacks, but undue power has a tendency to be misused. The European Parliament expressed concerns that the Echelon system performs industrial espionage in addition to searching for terrorists. Cryptography offers a certain degree of protection against interception for private citizens and corporations, but also for terrorists. The problem lies in finding the delicate balance between public safety and privacy.
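The two-low-bits technique described above, as an added example that is not part of the original article. It treats each pixel as one 24-bit integer and stores a 2-byte length prefix ahead of the message; the prefix, the constructed cover pixels and the function names are all assumptions of this sketch.

```python
# Constructed cover "image": 100 pseudo-random 24-bit pixel values.
COVER = [(i * 2654435761) % (1 << 24) for i in range(100)]

def embed(pixels, message):
    """Hide message bytes in the two low bits of successive pixels."""
    data = len(message).to_bytes(2, "big") + message
    # Split every byte into four 2-bit chunks, most significant first.
    chunks = [(byte >> shift) & 0b11
              for byte in data for shift in (6, 4, 2, 0)]
    if len(chunks) > len(pixels):
        raise ValueError("cover image too small for this message")
    out = list(pixels)
    for i, two_bits in enumerate(chunks):
        out[i] = (out[i] & ~0b11) | two_bits
    return out

def _read_bytes(pixels, start, count):
    """Rebuild `count` bytes from the low bits of pixels[start:]."""
    out = bytearray()
    for b in range(count):
        value = 0
        for p in pixels[start + 4 * b:start + 4 * b + 4]:
            value = (value << 2) | (p & 0b11)
        out.append(value)
    return bytes(out)

def extract(pixels):
    length = int.from_bytes(_read_bytes(pixels, 0, 2), "big")
    if 8 + 4 * length > len(pixels):
        raise ValueError("length prefix exceeds image size")
    return _read_bytes(pixels, 8, length)

def max_change(original, modified):
    """Largest per-pixel difference: at most 3 out of 2**24 values."""
    return max(abs(a - b) for a, b in zip(original, modified))

if __name__ == "__main__":
    stego = embed(COVER, b"hide my secret")
    print(extract(stego), "max pixel change:", max_change(COVER, stego))
```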