ENCRYPTION Encryption
ENCRYPTION
WHAT DOES IT MEAN IN TODAY’S COMPUTING?
First we must start with a full understanding of what the word encryption means. As you
will find when looking the word up in the dictionary – it's not there. This is the first step to knowing your on the trail of an illusive prey. What we should actually be looking for is the definition of the word cryptogram: a communication in cipher or code. The problem is we are really talking about a code within a code. Let me explain, the code which your computer runs-on, or its language, is one code, while the encryption we wish to use within the code is another. Confused yet ? Well, it gets even better.
Cryptography -- the coding and decoding of secret messages dates back to the Egyptians and their use of cuneiform. The true encryption of written language is an enigma – it can not be achieved . The reason for this lies in the basis for all written languages --- trying to make someone understand what you are attempting to convey, does not make for very good encryption . The only true encryption – " that is an unbreakable code " --
was achieved during W.W. II by the Navaho, and Cherokee code talkers of the U.S. Marines Corps.
There are, however, levels of encryption , which can be achieved and that we should be made aware of.
We should consider these questions:
What do I need to know about Encryption?
Every day, private communication, business transactions, and sensitive medical and financial information traverse global information networks – flowing freely through computer databases, across the Internet and telephone lines, and between cellular phones,
fax machines, and pagers.
Even if you don’t use a computer or the Internet everyday, information about you is moving through the global Net: your bank records, insurance and medical information, your credit card transactions, and much more.
While the ability to move information quickly and easily around the world is critical to the future of our economy, it also raises important privacy and security concerns.
Who should be holding the keys to Encryption?
The United States Government, in the early seventies, accepted an encryption algorithm designed by IBM as the national standard for encrypting data. This standard is known as DES. DES uses the same fifty-six bit key to encode and decode messages. The original version of DES used over one hundred bits.
There is much controversy surrounding DES. Many experts claim that the reason the algorithm is kept secret is because there is a glitch in it that was purposely put there to make it easier for the NSA to decrypt transmissions. Another claim is that the bit length of the keys used in DES was reduced so it wouldn’t be very hard for the NSA to crack thus making it "exportable," (Metaphor is the key 736).
Most encryption algorithms use a key of fixed length to encode data. Many algorithms
use keys as long as 128 bits or longer. The longer the key is the harder it is to decode the information.
Current United States Government policy puts no regulations on the use of the strongest types of encryption within the U.S. However, there are policies severely restricting the export of any algorithm that is more than 56 bits. Because companies in other countries are able to use much stronger encryption globally than the U.S., the U.S. is losing business and jobs in an ever-growing electronic global economy.
The FBI and the U.S. Government have valid reasons to be concerned about the use of strong encryption. They fear that the encryption will be used for criminal purposes that may not only threaten individuals in the United States, but the country as a whole. Rather than view encryption as a tool to protect one’s privacy, the FBI sees it as a way for criminals and terrorists to communicate plans of crime or terrorism without being caught.
FBI Director Louis Freeh is the man leading the parade to government regulated encryption. He claims that "unbreakable encryption will allow drug lords, spies,
terrorists and even violent gangs to communicate about their crimes and their conspiracies with impunity " in a statement he made before the House Permanent
Select Committee on Intelligence. Freeh and the FBI are afraid of foreign terrorism.
"Law enforcement is in unanimous agreement that the widespread us of robust unbreakable encryption ultimately will devastate our ability to fight crime and prevent terrorism" Freeh states in the aforementioned address.
The FBI makes very strong arguments for the regulation of encryption. They make statements such as "The FBI cannot and should not tolerate individuals or groups...
which would kill innocent Americans, which would kill ‘America’s Kids.’" They play on the heartstrings of the people to push their legislation through. They say that unrestricted encryption will lead to the rise in crimes against American people, including children, (EPIC Cyber Wire dispatch/Brock N. Meeks).
A far greater argument may be made against restricted encryption than for it.
The Government wants to be able to have every encryption key stored with third party
agencies, available to the FBI or other Government agencies by court order.
This policy is very similar to the current wiretap policy, allowing the FBI to listen in on our phone conversations. The trouble with the encryption policy is the severe violation of our fourth amendment rights. The fourth amendment clearly states that "The right of the people to be secure in their persons, papers and effects, against unreasonable searches and seizures, shall not be violated... ." Other countries don’t have restrictions on their encryption algorithms, so why should we?
Many people believe that the government’s attempts to get access to all encryption keys is just another method to keep tabs on the American public. The FBI likes to know what is going on in the private lives of Americans (and everyone else for that matter) . They want to make us believe that this is "for the good of National Security." The Government
likes to keep secrets from the people of the United States, but they don’t think we should be able to keep anything a secret from them.
The FBI states that if their policies were to be implemented, they would only be able to get the keys with a court order, much like a wiretap. However, the FBI has a unique way of being able to pull strings when necessary and to acquire what they need ,when they need it. Essentially , the greatest fear in giving the keys to our encryption algorithms, is that the Government will abuse the use of these keys and read messages and memos that they have no business reading. Also, who is going to monitor the people at these third-party corporations and make sure they don’t use the keys to invade our privacy? Furthermore, what about those chosen few individuals in this great nation who hold the
purse strings to vast wealth? What’s to stop them from using that wealth to attain any encryption keys that desire?
One bill currently in congress is the Security and Freedom Through Encryption (SAFE) bill. This bill would allow the exportation of strong encryption algorithms without having to indulge the key to anyone. An amendment made to the bill by the House Commerce Committee makes it a crime for anyone that
is required by an order of any court to provide to the court
or any other party any information in such person’s possession
which has been encrypted and who, having possession of the
key or such other capability to decrypt such information into
the readable or comprehensible format of such information
prior to its encryption, fails to provide such information in the
accordance with the order in such readable or comprehensible form, (EPIC 6.10)
This amendment has raised some questions regarding the constitutional right to privacy, but is not nearly as infringing on this right as the FBI’s desire to have access to all encryption keys. The SAFE bill is highly endorsed by electronic privacy agencies and private individuals because it allows for the encryption keys and algorithms to be kept private.
The Clipper Chip, or Clipper for short, was developed in 1993 by the National Security Agency. Clipper uses an encryption technology known as Skipjack, which uses eighty bit keys, versus the fifty-six bits used by DES. The Clipper can be inserted into phones and used to scramble voice messages. Capstone, brother to Clipper, would be used to encrypt data.
Clipper uses a procedure known as "key-escrow." Each Clipper Chip has a unique key, a part or each which is kept in escrow with two different U.S. Government agencies (hence the "key-escrow procedure.") This key would be used to decrypt the Law Enforcement Access Field (LEAF). The LEAF is sent over the line before anything is encrypted and contains the key to decrypt that particular session. The FBI, NSA, and other Government organizations would like the American public to accept and use this method of encryption voluntarily.
There are many critics for the use of the Clipper chip. One fear of critics is that the keys will fall into the wrong hands. They claim that the people in charge of storing the keys could be bribed to release the keys to unauthorized individuals. According to the developers of Clipper, the keys are kept on floppy disks in double-locked safes and transported in tamper resistant packaging. Also, two people must be present in order to decode anything, as the two parts of the key are held by two separate agencies. This would make it extremely difficult for the keys to be released without authorization.
Opponents of Clipper also fear that the Government has coded a "back door" into Clipper, as is suspected with DES. They fear that the government will abuse Clipper and use it as a way to spy on unsuspecting Americans. This fear is well founded given that in the not too distant past:
persons who should be rounded up in the event of a "national emergency."
being wiretapped and watched in the 1970s, even if there was no solid
evidence of any involvement with the groups.
one in four hundred Americans.
letters to and from American citizens, and proceeded to generate a database
containing this information. Both the FBI and the NSA have exercised
similar practices.
information, but doesn’t use it for classified information, (Swiss.ai.mit.edu/6095).
These facts are more than ample evidence that the U.S. Government likes to keep tabs on its unsuspecting citizens, even if there is no true probable cause. If the Government had access to all of our encrypted messages and phone calls, this task would be even easier.
Currently, the Clipper Chip has been adopted as the new standard for secure, but not classified, transmissions with the U.S. Government, and is offered to the public as a stronger exportable method of encryption than previously allowed. Although the Government claims that Clipper will not be made mandatory, if it is not widely accepted, we may be required to use these chips for all electronic transmissions in the future.
There is a hotly contested debate being played out between the private sector and the U.S. Government. Keep yourselves apprised of these situations and exercise your right to vote and make a difference in the future of our privacy and security.
You can use encryption to protect your privacy now by utilizing PGP or Pretty Good Privacy as it is commonly known when communicating via E-mail. This device uses up to 1024 bits. Another device which you might find useful is a product developed by a company known as Zero – Knowledge. You can reach them at
Home | Hacking | Admin hacking | Sources of Information | Created by: