Privacy on the Line: The Politics of Wiretapping and Encryption
Author: Whitfield Diffie and Susan Landau
Publisher: Cambridge, MA: MIT Press, 1998
Review Published: September 1998
This timely and important book gives a comprehensive historical overview of technologies and practices of wiretapping and encryption.
Telecommunications are notoriously susceptible to interception and invasions of privacy. Now, as telecommunication replaces face to face communication in virtually all aspects of life, what once was taken for granted - the simple ability to physically move away from others for private conversation - must be defended through technological practice and explicit social philosophy. By presenting a historical overview of the law and practice of wiretapping and encryption, this book provides a framework for the critique of current policy initiatives. Such a framework is essential as the fact of inviolably private communications is replaced by negotiations over the "right to communicate privately."
This book provides not only an accessible description of encryption technologies, it also provides a history of the use of wiretapping and encryption by social institutions, especially law enforcement and national security agencies. From this historical perspective, it questions and evaluates the policy initiatives that these agencies are pursuing in reaction to current trends in telecommunication and cryptography.
On the whole, the authors have succeeded admirably. They give readers unfamiliar with these controversies a thorough and accessible overview; more familiar readers will benefit both from the book's scope and from the new insights and facts brought by the authors, one of whom is a co-inventor of public key cryptography, a seminal innovation in the field.
Cryptographic systems consist generally of a standard encryption/decryption algorithm, shared by all users, and a secret key used in the coding of specific messages. Cryptographic systems are used both to authenticate messages and to ensure their privacy. Cryptography ensures authenticity because a message encoded with a secret key can be assumed to come from someone with access to that key. It ensures privacy because a message encoded with a secret key can only be read by someone with access to that key.
The authors' synthesize the political and technical evolution of cryptographic systems. Until the 1970s, all cryptographic systems were symmetric key systems. That is, the same key was used to encrypt and decrypt messages. Because keys had to be shared among the senders and receivers of messages, the role of key generation and distribution was crucial, and cryptographic systems generally operated under highly centralized authority. In the 1970s, however, a mathematical breakthrough was discovered which obviated the need for centralized key management. This was public key cryptography, a method for generating two keys, each the mathematical inverse of the other, so that anything encrypted with one key could be decrypted only with the other, and vice versa. Users would keep one key secret, while publishing the other. If Alice wants to send a private message to Bob, she would look up his public key, encrypt the message with that key, and send it to Bob, who would decrypt it with his private key. To send a signed message to Bob, Alice would encrypt it with her own private key. When Bob receives it, he looks up Alice's public key and decrypts the message.
Key pairs are generated by each user, public keys are freely distributed, and private keys are stored only on the user's machine. The role of a key management authority reduced to managing the link between public keys and individuals: to ensure that the key listed as belonging to Alice in fact belongs to the Alice you know, and not to some other Alice or to someone impersonating Alice.
In the U.S., the National Security Agency (NSA), a division of the Department of Defense established in 1952, has been the central authority in the development and deployment of all aspects of cryptographic systems. Until the late sixties, cryptographic systems were used almost exclusively in military contexts, and NSA had virtually uncontested control of cryptographic expertise. Then, as banks and other businesses became more dependant on computer networks, and the computerization of public records gave rise to privacy concerns, non-military organizations became interested in cryptography. NSA for the first time became involved in the setting of non-military cryptography standards. When public key cryptography was invented, NSA was adamant in attempting to block its dissemination. Cryptographic systems were classified as munitions, and their international trade was controlled. Federal funding of cryptographic research was channeled through NSA, which insisted on prior review and classification of results. In the most public attempt to assure that government agencies would retain access to civilian communications, the National Institute of Standards and Technology (NIST), with the strong support of NSA, established the Escrowed Encryption Standard (EES) for all encrypted communication with the government. All EES compliant appliances would incorporate, on a tamper-proof chip, a secret encryption algorithm developed by NSA. Moreover, the decryption keys unique to each device would be escrowed with U.S. government agencies. This proved unacceptable to the banking industry, to computer manufacturers interested in an international market, and to civil rights activists. A political tug of war developed between industry, Congress, NSA, and the administration.
Congressional debate continues on various bills regulating the development, sale, and use of cryptographic systems. Not only do these bills together comprise a wide range of policy possibilities, but each is regularly subjected to amendments fundamentally altering its intent. It is not at all clear which direction Congress is heading.
The FBI has long used wiretaps in its investigations, and in the early 90s, NSA recruited them as a political ally. This alignment of national security interests with law enforcement interests resulted in the passage, in 1994, of the Communications Assistance for Law Enforcement Act (CALEA). This act specified that telecommunications configurations deployed after January 1, 1995 had to be configured to meet law enforcement interception requirements. The exact standards, developed by the FBI after the bill's passage, call for the capacity to intercept simultaneously four times as many calls as are now tapped annually.
Diffie and Landau give a fascinating account of these political negotiations, as well as a compelling critique. They note that decryption itself is just one part of the intelligence gathering process, which also includes identifying targets, intercepting their communications, and isolating interesting messages for further analysis. Traffic analysis, the analysis of the patterns rather than the content of communication, is the backbone of this operation. The ability to perform traffic analysis is threatened less by cryptographic systems than by other new technologies such as fiber optics, dynamic message routing, and the transmission of message signaling information apart from the message itself.
Moreover, they argue that national security is about more than military and intelligence operations. It also includes the maintenance of an industrial base capable of supporting essential government activities. They argue that in focusing on military intelligence, it has neglected this other aspect of security.
Diffie and Landau point out that historically, wiretapping is a relatively new police tactic, enormously expensive, of questionable value in either investigations or prosecutions, and has often been viewed by law officers themselves as a "dirty business" (165) and an "outrageous tactic" (170). Moreover, widespread cryptography will not alter the availability of third party records, consensual overhears (in which one party to the conversation records the entire conversation), and electronic bugs.
The authors also offer a laundry list of instances of illegal invasions of privacy by state agencies, from the Census Bureau illegally abetting Japanese internment in World War II to the wholesale bugging and wiretapping of Hoover's FBI. They point out that "attacks on privacy are not an anomaly" (148) and that "in an era when technology makes the government ever more efficient, protection of [privacy] rights becomes ever more important" (149).
However, while the authors' analysis and critique of the arguments put forth by government agencies are detailed and convincing, their analysis of privacy interests is rather mundane. They cite only two interests in privacy. These are that "privacy is at the very soul of being human" (126) and that privacy is essential to political discourse. While these are certainly reasonable claims, they do not get us very far in a world of genome mapping, DNA testing, and expansive data bases. Far more intricate analyses of the relations among privacy, communication, information, identity, and power can be found in Marx (1988), Lyon (1994), and Gandy (1993), among others.
Further, the book suffers from poor structure. So much information is presented that it is unclear what is central and what is peripheral. A more dynamic presentation is required. Chapter summaries would help not only to shape a clearer and more forceful argument, but to rid the book of many redundancies.
On the whole, though, this book is by far the most complete and readable analysis of cryptography in the United States yet available. It is essential reading for anyone concerned with how social struggles over the control of information systems will shape the fabric of our economic, personal, and political lives.
Gandy, Oscar H. The Panoptic Sort : A Political Economy of Personal Information. Boulder, CO: Westview, 1993.
Lyon, David. The Electronic Eye: The Rise of Surveillance Society. Minneapolis, MN: University of Minnesota Press, 1994.
Marx, Gary T. Undercover : Police Surveillance in America. Berkeley: University of California Press, 1988.
David J. Phillips:
David J. Phillips is a Post Doctoral Fellow at the Annenberg School for Communication at the University of Pennsylvania. He is the author of "Cryptography, secrets, and the structuring of trust" in Technology and Privacy: The New Landscape, ed. Phil Agre and Marc Rotenberg (MIT Press 1997). <mailto:firstname.lastname@example.org>
|HOME INTRO REVIEWS COURSES EVENTS LINKS ABOUT|
|©1996-2007 RCCS ONLINE SINCE: 1996 SITE LAST UPDATED: 12.10.2009|