Esa Eklund
eklund@niksula.hut.fi
Biplane Productions Oy
Palokuja 5 C 19
FIN-04250 Kerava, Finland
Tik-110.501 Seminar on Network Security
Information processing plays a major role in today's society. People communicate with electronic mail, cellular phones and via newsgroups. Cryptographic techniques are applied to secure sensitive data, and electronic money is becoming more and more common. All these everyday tools present risks to individuals' personal privacy and anonymity. This paper describes these risks and possible solutions.
What is personal privacy? Or are there situations in which one would find being anonymous useful? Given a few moments to think, one could probably give answers to these questions and present examples from anyone's everyday life. However, in today's society, which functions on information processing and flow, these concepts get a whole new meaning.
Webster's New World Dictionary gives the following meanings to privacy: 'Secrecy; or one's private life or personal affairs'. In practice this means that there is information a person is not willing to share with other people or institutions, or whose distribution the person wants to limit.
Information very seldom has any real value on its own; its value becomes evident when it is used. This applies to bank account numbers, business plans, opinions and knowledge. However, to be able to use information one needs to communicate it to other parties. So when the concept of privacy is translated into information-age terms, it can be seen to consist of the ability to store and communicate information in a secure manner.
However, this is only one side of the relation between the information and its owner. Being able to control information is not the same as controlling what kind of information is associated with one's persona.
There is always some public information associated with any persona, and likewise we are forced to constantly communicate information. The issue becomes a question of what kind of information we allow to be associated with our persona and what kind of information we prefer to publish about our persona.
In these cases the owner of the information often needs a mechanism to prove that the information is really connected to his or her or its persona, or the owner needs to communicate information without revealing the association. There can also be attempts to associate undesired information to the persona without permission and a mechanism is needed for the counterattack.
This paper will describe some of the mechanisms which are available
to control and secure information in the information society.
Today many are constantly surrounded by information-age data processing equipment that they are accustomed to using without hesitation or doubt. Unfortunately most of these modern tools allow intrusions into our personal information privacy that we are totally unaware of.
Electronic mail is widely used every day by hundreds of thousands of people. Unfortunately e-mail can be a very insecure way of communication. As a Silicon Valley CEO commented on using e-mail: "Hell no ... Half the nerds in my company can hack e-mail. E-mail is a party line!" (Bacard, 1995a)
Motivations to read and forge private e-mail can be numerous. Someone wants to spy on professional secrets. Management wants to make sure employees are not planning anything. Someone may be trying to play people against you. There can be a blackmailer at work. For as always, information is power.
Electronic mail is notoriously unprivate. When an e-mail message is sent it travels from the originating host computer to the destination and often passes through several relaying hosts. Administrators of any of these hosts can easily eavesdrop on the mail traffic. If the mail bounces because it can't reach the addressee, a copy of the message is often sent to the postmaster of the originating system, who can read the e-mail addresses of the sender and the addressee and the contents of the mail.
In local area networks, such as small offices where groupware products are used, the network administrator has every possibility to change users' passwords and then read, delete and modify their messages. The administrators may also have access to network-monitoring tools which allow reading of any files sent over the network.
Electronic mail can be less secure than discussing your private matters via postcards. Automatic techniques are available for monitoring your e-mail, and messages originating from you can be easily forged.
Usenet newsgroups are known for their wide diversity of subjects and worldwide circulation. Many people follow intently the discussions running wild in these groups, sometimes actively taking part in threads or posting a question or a comment once in a while.
There exist several newsgroups dealing with delicate personal matters such as finding a mate or support for people who are trying to recover from crises like divorce or war trauma. In some newsgroups strong personal convictions are discussed, regarding politics, religion and sexual behavior.
Posting an article to these newsgroups can be compared to calling a talk-radio program thousands of people are listening to and recording on a tape. It is clear that in some cases it is preferable to remain anonymous while posting because revealing one's identity could mean publicly discussing one's private matters or putting the poster's social or academic reputation or even life at risk.
Even if there is no risk, there is no reason why one should as a default always let his identity be known and offer his neighbors, work mates and superiors a possibility to observe what one's opinions and convictions are. On the contrary there are several good reasons why one should remain anonymous while participating in public forums such as newsgroups.
Posting non-anonymously to newsgroups is the same as advertising one's electronic mail address and computer account. The header of the article can also contain information about the organization one is working at. There have been cases - though rare - where this information has been used for serious harassment, such as making phone calls to the poster's superiors and attempts at breaking into the computer account. There have also been lynch mob cases where someone has inaccurately or maliciously been accused of committing questionable deeds. These accusations, together with the identity of their target, have been spread in the newsgroups, creating angry responses that flood the mailbox of the target of the harassment.
Addresses of participants of newsgroup discussions have been collected for commercial purposes. There have been compilations of addresses of people interested in certain topics and these mailing lists have been for sale for direct marketing purposes.
One should also be careful when using World Wide Web browsers. The WWW servers that store the homepages can also create an extensive log of the users who are accessing the web services. It is possible to record the address of the user connected to the service and also the previous web address from which the user connected to the service. Several WWW service providers actively collect this information to create market surveys of the users or sell it to direct marketing operators.
Telephones have been wiretapped almost as long as they have been in existence. Today wiretapping is performed by governments and private citizens, both over the airwaves and on cable - European successors to the throne can give a good testimony on this one. Fortunately the new digital Global Mobile Phone standard is more secure than the old analog cellular telephone system. GSM connections cannot be tapped using the old methods, because each handset encrypts the signal using an encryption algorithm called A5.
The problem with A5 was that it was such a good encryption algorithm that it could not be exported for strategic reasons under the COCOM agreement. Therefore a new, weaker version of the A5 encryption technology was developed. This algorithm, called A5X, is easier to crack. There have been hints that several European police forces and security organizations would be happier if the A5X standard were also adopted on the old continent. Recently Racar, a British cellular network manufacturer, specified the A5X standard for a network sold to Australia.
In most countries legal authorities can grant permission for police forces or national agencies to wiretap telephone conversations for national security reasons or when a crime is suspected. In the US, Congress enacted a so-called 'Digital Telephony' bill. This bill requires telephone firms to make it easy for the FBI to wiretap the nation's communication system automatically. Reports show that the FBI expects to simultaneously monitor 1% of all communications in some regions of the country.
Telephones can be a risk to one's privacy even if they are not
wiretapped. For every call that is made in Finland, the numbers
which are connected during the call are recorded for permanent
storage. If this data is analyzed, it is easy to spot clusters
of people who communicate together. The Germans used a similar
method to find Jewish underground networks during the second world
war.
For years people have used credit cards to pay for their purchases. This has made it possible for the card companies to create extensive models of their users' consumer habits. This information has been used to identify stolen cards by detecting abnormal purchase events. Some companies have also sold these user models to companies which want to perform targeted marketing for a well-defined audience.
It is expected that the credit card companies operating in Europe will give the finishing touches to the specifications of electronic card money by the end of 1995. Depending on the implementation of the electronic money, it can be possible to trace every purchase that is made. This technique may not be applied to the card money, but it has many useful applications on the Internet, where a method for the authentication of the money is needed.
An excellent discussion on electronic money can be found in Saarela
and Aukia (Saarela, 1995; Aukia, 1995).
Fortunately there are strong, effective methods available for secure electronic mail. The major step is to use cryptographic applications to encrypt your e-mail messages and/or sign them with the same method. There exist several cryptographic techniques, of which the most secure ones are based on public-key cryptography.
The public-key cryptographic method was first outlined by W. Diffie and M. Hellman in 1976 and it was later refined for practical purposes by R. Rivest, A. Shamir and L. Adleman. This scheme, known as the RSA public-key cryptosystem after the initials of its inventors, is based on the use of a pair of keys, which are the public key and the private key. The public key can be widely known; it could even be published in the same manner as telephone numbers are listed in a directory. The private key, on the contrary, is not known to anyone other than the holder of the key.
In the RSA scheme a message can be encrypted with either one of the keys and then decrypted with the other key of the pair. This means that when someone is sending private mail, he can look up the public key of the recipient and use that key to encrypt the message. Only the recipient can decipher the message, by using his private key. The sender can also use the RSA method to sign the message with his own private key, to assure the receiver of the sender's identity and that the contents of the message have not been altered.
The main importance of the RSA method is that it has effectively eliminated the need to exchange private keys between the parties before a secure communication channel can be opened. Because the method is based on arithmetic algorithms performed on very large numbers, which can be 200 digits long, the system is very secure. To date no one has demonstrated the skill to crack the method.
There are several applications available implementing the RSA method. The RSA algorithms are patented and licensed to RSA Data Security, which has sold the product to several businesses such as Apple, Novell and AT&T. Unfortunately, because the export of the RSA algorithm from the US is restricted in the name of national security, it has had some problems gaining commercial popularity: software companies are hesitant to create two different versions of their products, one for domestic and one for foreign sales.
However, there are RSA-based applications available worldwide for personal use. The PGP (Pretty Good Privacy) package has become the de facto world standard of these. PGP is a public domain implementation of the RSA algorithm originally created by Philip Zimmermann. It is available for PC-, Macintosh- and Unix-based platforms free of charge. PGP can be used to encrypt both data and mail files. PGP offers private citizens the same levels of security that governments and national agencies are used to.
RSA Data Security has recently released a software development library, RSAREF, and a Privacy Enhanced Mail (PEM) application, RIPEM/SIG, which uses the RSAREF cryptographic toolkit. RSAREF can be used to create applications in the C programming language which support RSA public-key cryptography. Unfortunately, because of the export limitations, the RSAREF library may be used only in the US and Canada.
On the other hand RIPEM/SIG has received a "commodities jurisdiction" ruling from the US Commerce Department which allows it to be exported abroad. RIPEM/SIG can be freely distributed. It is applicable for creating digital signatures for messages. However, it can not be used for encryption.
Privacy Enhanced Mail (PEM) is an emerging Internet standard for secure electronic mail communications as well as digital signatures. This standard uses public-key technology along with traditional private-key encryption technology. In this standard the mail message is first encrypted with the DES encryption algorithm in CBC mode. The key used for encryption is a random number, which is further encrypted with the RSA algorithm using the recipient's public key. When the message is received, the recipient first decrypts the DES key by using his own private RSA key and then decrypts the actual message with the DES key.
It can be speculated why DES has been chosen as the encryption algorithm. DES is significantly faster to use than RSA - by four orders of magnitude. Unfortunately it is a weaker algorithm than RSA and leaves a backdoor for anyone with the required present-day supercomputing power, such as governmental agencies and large corporations, to crack the coded message.
An excellent discussion on secure electronic mail can be found
in Heikkinen's paper Secure E-Mail (Heikkinen, 1995).
Anonymous remailers and servers provide a solution for those who wish to use e-mail or news services without revealing their identities. They can be used for one- or two-way anonymous communication while keeping the identities of the participants secret.
A user who wants to use an anonymous server first needs to contact the server to establish an `anonymous ID' that is unique to the person requesting it. The server responds by creating the anonymous ID and linking the user's address to the ID. From then on, every message coming from the user's e-mail address is automatically translated to the anonymous ID. The user can also set up a password, which protects the anonymous ID from anyone who is pretending to send mail from the user's address.
When the user wants to send anonymous mail, he sends the message to the server and supplies the possible password and the address where the mail should be sent at the beginning of the message. The server will strip the sender's address from the From field of the message header and replace it with the anonymous ID, so that the message seems to originate from the anonymous server. If the recipient answers the anonymized mail by replying to the anonymous address, the server will automatically translate the ID to the real e-mail address and forward the message there.
Anonymous servers can also be used to post articles to newsgroups. The mechanism is otherwise the same as when sending mail; only the recipient's address is replaced by the name of the newsgroup. There may be differences between anonymous servers in how they support posting anonymous messages to newsgroups. Some servers are specialized to send mail only to certain newsgroups or to newsgroups in a certain domain. Others may support posting to any newsgroups which are not moderated or which have not specifically forbidden anonymized messages.
There are several weaknesses connected to anonymous servers. Several servers have been quite short-lived, because they have been forced to shut down by local administrators or by pressure from network or government agencies. More serious concerns center on the security of the provided anonymous service and the trust the users place in it.
Some service providers are very strict about not handing over the identity of anonymous users under any circumstances, while others openly reveal the identities in the case of malpractice. Because of the nature of the service, the server maintains a mapping between real addresses and anonymous IDs. This information can be confiscated by a court order. The traffic to these sites can be monitored to deduce the real identities. In all cases, a high degree of trust is placed in the anonymous server operator by the user.
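The pseudonym mechanism and the mapping table it depends on are modelled in the following added example, which is not code from the paper or from any real anonymous server. The server domain, the submission address, the `Password:`/`To:` control lines at the start of the body and the sample messages are all assumptions constructed for illustration.

```python
import hmac
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr

DOMAIN = "anon.example"  # hypothetical server domain

# Constructed sample messages (not real traffic).
SAMPLE_OUTGOING = """\
From: Alice Example <alice@corp.example>
To: remail@anon.example
Subject: question
Organization: Corp Example Ltd
Message-ID: <1@ws12.corp.example>

Password: s3cret
To: bob@uni.example

Has anyone else seen this?
"""
SAMPLE_REPLY = """\
From: bob@uni.example
To: an1000@anon.example
Subject: Re: question

Yes, same here.
"""

class AnonServer:
    def __init__(self):
        # The table that links pseudonyms to people: whoever obtains it
        # (operator, intruder, court order) can undo every pseudonym.
        self.id_to_real = {}
        self.real_to_id = {}
        self.passwords = {}  # kept in clear only to keep the model short

    def register(self, real_addr: str, password: str) -> str:
        real_addr = real_addr.lower()
        if real_addr not in self.real_to_id:
            anon_id = f"an{1000 + len(self.real_to_id)}"
            self.real_to_id[real_addr] = anon_id
            self.id_to_real[anon_id] = real_addr
            self.passwords[anon_id] = password
        return self.real_to_id[real_addr]

    def relay(self, raw: str):
        """Return the message the server would send on, or None if refused."""
        msg = message_from_string(raw)
        sender = parseaddr(msg.get("From", ""))[1].lower()
        rcpt = parseaddr(msg.get("To", ""))[1].lower()
        local, _, domain = rcpt.partition("@")
        body = msg.get_payload()
        out = EmailMessage()  # fresh message: no original header is copied
        out["Subject"] = msg.get("Subject", "(none)")
        if domain == DOMAIN and local in self.id_to_real:
            # Reply to a pseudonym: translate the ID back to the real address.
            out["From"], out["To"] = sender, self.id_to_real[local]
            out.set_content(body)
            return out
        # Outgoing mail: control lines, blank line, then the text to forward.
        control, _, text = body.partition("\n\n")
        fields = dict(line.split(": ", 1) for line in control.splitlines()
                      if ": " in line)
        anon_id = self.real_to_id.get(sender)
        if anon_id is None or "To" not in fields:
            return None
        supplied = fields.get("Password", "").encode()
        if not hmac.compare_digest(supplied, self.passwords[anon_id].encode()):
            return None  # someone forging the sender address lacks the password
        out["From"], out["To"] = f"{anon_id}@{DOMAIN}", fields["To"]
        out.set_content(text)
        return out
```

The forwarded message carries none of the sender's headers, but `id_to_real` still holds the link between every pseudonym and its owner, which is exactly the record the paragraph above says can be confiscated.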
Another approach to anonymizing mail is to use remailers. These are programs that can be set up on a regular user account without the help or knowledge of the system administrator. The remailer process reads the incoming mail, strips the address of the original sender and resends the message.
The problem with remailers is that the services seem to be somewhat unstable. They may be operating without the system administrator's knowledge and therefore remailers come and go. Generally remailers don't support anonymous return addresses either.
There are also less formal ways of achieving anonymous mailing or posting to newsgroups. Generally these involve connections to Unix communication ports using the SMTP mail or NNTP news protocols to submit a message directly to a server with arbitrary field information. Most system administrators view these practices in a hostile way. The mechanism is quite rarely used, and sometimes it is possible to track down the originating site.
There is presently no totally safe way of using telecommunication
devices such as telephones. Write letters instead.
There exist solutions for electronic money that can be used anonymously. Chaum describes in his paper (Chaum, 1992) a mechanism called blind signatures. It is based on signing notes by the public-key cryptography method. These notes cannot be traced to the user, nor can they be used twice. There have been trial runs of this system running since 1993 in the Netherlands, and it is operated by DigiCash.
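The blinding step behind such untraceable notes is shown in the following added example, which is not code from the paper, from Chaum's article or from DigiCash. It assumes a toy textbook-RSA bank key, notes identified by a random serial number, and a bank that checks deposits against a list of spent serials; denominations and the rest of a real payment protocol are left out.

```python
import hashlib
import math
import secrets

# Bank's toy RSA signing key (constructed: two Mersenne primes, textbook RSA
# without padding; illustration only, never a real key).
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))

def note_digest(serial: bytes) -> int:
    """Number the bank's signature is computed over for a given note."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N

def blind(serial: bytes):
    """User: multiply the note by r^E so the bank cannot see it."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            break
    return note_digest(serial) * pow(r, E, N) % N, r

def unblind(blind_signature: int, r: int) -> int:
    """User: (m * r^E)^D = m^D * r, so dividing by r leaves the signature m^D."""
    return blind_signature * pow(r, -1, N) % N

def verify(serial: bytes, signature: int) -> bool:
    """Anyone: check the bank's signature with the public key (N, E)."""
    return pow(signature, E, N) == note_digest(serial)

class Bank:
    def __init__(self):
        self.withdrawals = []  # blinded values seen when notes were issued
        self.spent = set()     # serials already deposited

    def withdraw(self, blinded: int) -> int:
        # The bank signs a value that tells it nothing about the serial.
        self.withdrawals.append(blinded)
        return pow(blinded, D, N)

    def deposit(self, serial: bytes, signature: int) -> str:
        if not verify(serial, signature):
            return "invalid"
        if serial in self.spent:
            return "double-spend"
        self.spent.add(serial)
        return "accepted"

    def linking_factor(self, blinded: int, serial: bytes) -> int:
        # For ANY recorded withdrawal and ANY deposited note there is a
        # blinding factor r that connects them, so the withdrawal log cannot
        # tell the bank which customer a note belongs to.
        quotient = blinded * pow(note_digest(serial), -1, N) % N
        return pow(quotient, D, N)

if __name__ == "__main__":
    bank = Bank()
    serial = secrets.token_bytes(16)
    blinded, r = blind(serial)
    signature = unblind(bank.withdraw(blinded), r)
    print(bank.deposit(serial, signature))  # first use of the note
    print(bank.deposit(serial, signature))  # same note presented again
```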
Individual privacy is a complex issue. There are always some authorities who think or want to know certain things about every individual. On the other hand, the tools to protect one's privacy can be used to violate another's privacy or used in criminal acts. These reasons have led governments to create legislation concerning cryptography and surveillance. Private citizens often feel that these laws narrow their possibilities to protect their privacy. Unfortunately there are several examples where this is exactly true.
In 1993 the Clinton Administration announced the Clipper Chip Directive. The initiative introduced the Clipper Chip, a high-speed and high-security encryption device with applications in telephones and other network devices, and the US government is committed to installing it in selected future government telephones, with potentially much more widespread penetration.
The Clipper Chip is a state-of-the-art microcircuit that has been developed by government engineers to be used in telephones. The chip is said to use an encryption algorithm more powerful than most commercial encryption devices have. The technology incorporates a key escrow system by which the government is left with a backdoor to open the encrypted messages. Escrow keys are released from the escrow agencies to "government officials with legal authorization to conduct wiretap".
The motive behind the plan is to "help companies protect proprietary information, protect the privacy of personal phone conversations and prevent unauthorized release of data transmitted electronically" while preserving "the ability of federal, state and local law enforcement agencies to intercept lawfully the phone conversations of criminals".
The Clipper initiative has received lots of criticism. It represents a fundamental switch in the government's role in wiretapping from passive to active. Potentially criminals won't use the technology and will easily evade it, while law-abiding citizens will be inconvenienced and sacrifice rights. The Clipper initiative would be effective only if other, stronger encryption techniques were not allowed to be used. It has been suspected for some time that the US government might have such plans. The EPIC organization has recently discovered declassified government documents which show that this is indeed the case.
Several governments already apply restrictions on cryptographic applications. France has forbidden cryptography for general use. Companies need to request permission to use it and have to assign a person who is responsible for managing the encryption keys and delivering them to the authorities on request.
It is clear that some international standards are needed to guard individual electronic privacy and anonymity. Anonymous servers and remailers should be officially accepted. There should be stable and secure publicly and privately operated anonymous servers. Official standards, such as PEM, are needed for encryption and anonymity in mail and newsgroup postings. Truly anonymous protocols are needed, with source and destination information obscured or absent and with hidden routing mechanisms. There should be standards for anonymous e-mail addressing, embedding files, and remailer site chaining.
In general anonymity, cryptography, and related privacy shields should be recognized as legitimate, useful, desirable, and crucial for the general public and their governments. There should be a widespread use and implementation of these technologies into hardware, software and standards.
On the national level there should be a shift of use and dependence to means other than wiretapping and electronic surveillance by law enforcement agencies. Those laws that oppose privacy should be given more publicity and be replaced by structures that are dedicated to strengthening and protecting it.
Protecting one's privacy and anonymity are issues that are becoming alarmingly important in our society, which relies heavily on information processing and where all sorts of information is readily available when one knows where to look. There are several organizations and user groups which are dedicated to watching and reporting privacy issues worldwide.
The Electronic Frontier Foundation (EFF) was established to help civilize the electronic frontier; to make it truly useful and beneficial not just to a technical elite, but to everyone; and to do this in a way which is in keeping with our society's highest traditions of the free and open flow of information and communication.
EFF was started by the multimillionaire Mitchell Kapor, founder of Lotus software, and John Barlow, lyricist for the Grateful Dead rock band. The foundation publishes EFF News (EFFector Online) electronically; send requests to effnews-request@eff.org.
The Computer Professionals for Social Responsibility (CPSR) has been working to protect and promote electronic civil liberties issues since 1982. It is involved in litigation against the FBI, the NSA, NIST, the Secret Service and other US government agencies to declassify and provide documentation on issues such as the FBI wiretap proposal and NSA's interference in cryptography.
CPSR has created an extensive Internet Privacy library available via FTP, Gopher, WAIS, and e-mail at cpsr.org, currently comprising the largest collection of privacy documents on the Internet.
The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues relating to the National Information Infrastructure, such as the Clipper Chip, the Digital Telephony proposal, medical record privacy, and the sale of consumer data. EPIC is sponsored by the Fund for Constitutional Government and Computer Professionals for Social Responsibility. EPIC publishes the EPIC Alert and EPIC Reports, pursues Freedom of Information Act litigation, and conducts policy research on emerging privacy issues.
There are several newsgroups which frequently deal with privacy and anonymity issues:
ftp://rtfm.mit.edu/pub/usenet/news.answers/net-privacy
ftp://ftp.csua.berkely.edu/pub/cypherpunks
Bacard, A., Frequently Asked Questions about E-Mail Privacy, 1995a.
Bacard, A., Non-Technical PGP FAQ, 1995b.
Chaum, D., Achieving electronic privacy, Scientific American, August, 1992.
Detweiler, L., IDENTITY, PRIVACY, and ANONYMITY on the INTERNET, 1993a.
Detweiler, L., ANONYMITY on the INTERNET, 1993b.
Fahn, P., RSA Laboratories, anonymous ftp://rsa.com/pub/faq.ps.Z
Heikkinen, J., Secure E-Mail, Seminar on Network Security, November 22-23, Helsinki University of Technology, 1995.
Levy, S., Crypto Rebels, Wired 1.2, 1993.
Saarela, J., Mechanisms of Electronic Money, Seminar on Network Security, November 22-23, Helsinki University of Technology, 1995.