Hashing - Computer Science

Download Report

Transcript Hashing - Computer Science 

Government and
Cryptography
Sandy Kutin
CSPP 532
8/14/01
We, the people, ...
How, and why, does government get
involved in cryptography?
Role of government:
Establish justice
Ensure domestic tranquility
Provide for the common defense
Promote the general welfare
Secure the blessings of liberty to ourselves
and our posterity
in order to form...
Provide for the common defense
National Security: Import/export restrictions
Ensure domestic tranquility
Law enforcement: Key escrow
Secure the blessings of liberty
Encryption does this through confidentiality
Government restrictions can be restrictive
a more perfect union
Establish justice
Contract law: what is a signature?
Digital copyright laws, patent law
Balance rights of software/hardware companies,
content providers with rights of consumers
Standard or approved algorithms
Legal standards
Also affects national security: infrastructure
Promote the general welfare
Dan Bernstein vs.
the Department of Justice
In 1990, Dan Bernstein wrote a paper
Showed how to use one-way hashes for
encryption; included source code
1992: tried to get permission to publish
1995: with EFF, sued the government
Case is still being appealed
May be made irrelevant by changes to the
export laws
Current Export Laws
January, 2000: U.S. eased restrictions:
Can’t export cryptanalytic materials
Strong products exportable with a license
Exports not allowed to Cuba, Iran, Iraq, Libya,
North Korea, Syria, Sudan
Posting on web sites could still be a problem
Europe is less restrictive
Wassenaar agreement:
DES decontrolled, stronger systems controlled
Pros & Cons
Harder for terrorists to Approval process
get sensitive material
complicated
NSA keeps its edge
“Bad guys will have
crypto anyway”
Now, U.S. companies
can compete
Infringes on free
speech, academics
Key Escrow
Technical issues: secret-sharing schemes
Clipper (voice), Capstone (data)
Algorithm is Skipjack, designed by NSA
Each chip has a unit key, KU, held in escrow
Law Enforcement Access Field (LEAF):
session key encrypted with KU
U encrypted with KF (fixed key)
16-bit checksum; invalid LEAFs disallowed
Proposal never really caught on
American Standards
Government standards: AES, SHA, HMAC
Helps large companies choose secure
systems, defend national infrastructure
Bank doesn’t care whether NSA can break in
If you don’t trust government, don’t use them
What key length corresponds to “beyond
reasonable doubt”?
Expert witnesses, or government standards?
What’s your sign?
What is a signature?
Electronic Signatures in Global and
National Commerce Act (E-Sign)
Contract can’t be rejected because it’s digital
Doesn’t apply to checks, wills, court filings,
…
Problem: as we’ve said, there are lots of
ways to attack a digital signature scheme
Courts will work this out, eventually
Divorce in Dubai
Divorce in traditional Islamic law:
Husband makes declaration to wife
Let’s avoid religious argument; assume we live
in a country in which this is the rule
Dubai (in United Arab Emirates):
16 recent divorces by cell phone text message
Singapore, last week:
Islamic authorities declared such divorces illegal
Issues of authentication
©: All Rights Reserved?
Can someone copyright encryption?
Can you reverse-engineer your own
hardware or software?
What if encryption, digital watermarks
interfere with fair use?
Digital Millenium Copyright Act (DMCA)
1998: Work which could be used for
copyright violation is an illegal “circumvention
device”
DVD encryption: theory
Decryption key stored on DVD
Not directly accessible by player
But: piracy easy (copy DVD, key included)
2-way authentication with player’s key
Each player uses one of 408 keys
If one player is compromised, phase it out of
future releases
How secure is it?
What if I want a Linux player?
DVD encryption: practice
40-bit keys
One player was weak, key was broken
Weakness just made attack even faster
Scheme published; 216 attack found
Can break encryption in 20 seconds
MPAA prosecuting people who write,
distribute tools to break encryption
Last week: Pavlovich (lost jurisdiction
battle)
Felten vs. SDMI
1999: Secure Digital Music Initiative
Record companies, RIAA, some techs
Verance Corp. developed watermarking
9/00: SDMI announces hack challenge
11/00: Fentel et al. (Princeton, Rice)
Broke the encryption; decided to publish
Accepted for April conference, then pulled
Slated for tomorrow at USENIX
eBooks
eBooks: convenient, easy to use, but
easy to copy; publishers nervous
Adobe provides a solution: locking
Pro: can’t make illegal copies
Con: fair use: extra copies, excerpts, resale
You can resell or upgrade computers, but
you have to contact the publisher
What if the publisher no longer exists?
Adobe vs. Sklyarov
Elcomsoft (Russian) broke encryption
Legal in Russia; right to make backup
PhD student Dmitry Sklyarov wrote code
Elcomsoft sold 7 copies in US
7/17: FBI arrested Sklyarov in Las Vegas
Adobe has since dropped suit, but
Sklyarov still charged with federal crime
Sklyarov released on bail last week
Around the World
European Software Directive (1993)
User has right to make back-up
Reverse-engineering permitted if it is
“indispensable” for the purpose of achieving
interoperability; may not be used to infringe
copyright or conflict with the program owner’s
“legitimate interests”
Canada working on a DMCA-like law
Recommended Reading
Discrete Logarithms, Diffie-Hellman
Stallings, Section 6.4
Elliptic Curves
Stallings, Section 6.5
Import/Export Laws
http://www.rsa.com/rsalabs/faq/
DMCA cases
http://www.eff.org/