A beginner's guide to keys and crypto
Chris Hanretty writes a book, goes back to school and makes sure he doesn't forget his keys.
Those of you who can remember when the Web was still a twinkle in Tim Berners-Lee's eye may be more au fait with this hotly-contested subject than most of us relative newbies. Although cryptography has been in use since Man had alphabets to play around with, the 'net veterans have staunchly supported use of crypto on the net: which leads to interesting confrontations when government steps in...

1 Encryption and all that jazz

We all need a little bit of privacy now and then. I myself make do with locking myself in my room, turning the music on, and knocking up some HTML. This approach may not work for your credit card details though. So, encryption is needed.

For a very basic example of encryption, cast your minds back to your school days. For some this might take a bit more effort than others. We'll wait. Remembered? Good. Do you remember passing notes? If you were a particularly trusting person, you wrote them in English. If you're like my friend Marie¹, you wrote them in extremely cryptic codes. The most basic, of course, is just shifting the letters along a bit, so that

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

becomes

J K L M N O P Q R S T U V W X Y Z A B C D E F G H I

This approach is one of the easiest to crack though. Frequency checks, common three-letter words, the number of vowels or consonants, etc. all play a part. The upside is that it's relatively easy to encode. No one wants to spend hours writing a little note. But if you were a really quick thinker (and a quick writer), you could use more complex encryption routines in less time. And, in effect, that's what your computer can do for you.

Returning to the school analogy, you can't pass your note along to your friends unless they know how to decode it, so you had to tell your friends the code. Which was okay, since your friends could recognize you by sight, and it's very rare for kids to use sophisticated eavesdropping technology to try and crack codes.
Leaving the school analogy (I can't promise I won't return to it!), in cyberspace you may not even know what your friend looks like IRL. You may not be able to jet across to the other side of the world just to give them your key to decode your messages. You may not trust the postal system, if it's that important. So how do you get your key to them?

An ingenious solution was chanced upon by Whitfield Diffie and Martin Hellman. Instead of having one key which could not be revealed to third parties, why not have two? At first, this seems only to complicate matters: now one has to keep two keys secret. Yet this is the beauty of Diffie-Hellman: one key is public. This public key is used to encrypt the message. You'll probably have seen links to PGP keys (PGP is discussed below) on people's web sites. Usually, people wish to publicize their public keys as widely as possible. The second key is kept private though. It is imperative that the secret key cannot be derived or worked out from the public key. In order to decode a message encoded with the public key, its corresponding private key must be used.

Example: Say you want to send details of your latest international espionage "incident" to Martin. Martin will have given you his public key: it's no secret. You encode the message with Martin's public key, and this way only Martin can decode the message, because only his other key can decode it.

2. RSA

One of the most successful encryption algorithms of this kind is RSA, named after Mr Rivest, Mr Shamir and Mr Adleman, all clever guys at MIT who invented it.
An RSA key pair is created by multiplying two randomly chosen and very large (100+ digit) prime numbers to arrive at their product (the modulus) and working from there. The two prime numbers are used with the modulus to create the private and public keys. The key to RSA's strength is that it is far easier to multiply two numbers than it is to factor them. For example, it is easy enough to multiply 11 x 27 to arrive at 297. It would take far longer to work out that 297 is the product of those two numbers (and only those two numbers, since they are both prime numbers).

RSA Laboratories currently estimate that a 512-bit RSA key could possibly be broken by a large company in a reasonable time, and a 1024-bit key might be broken by government-sized resources in a few months, but a 2048-bit key is well beyond current computer technology. The above is taken from a JILT report².

At this point, everything seems to have been wrapped up neatly: I've got your public key, you've got your secret key with which to decode my messages meant for you, and it's all fairly secure. Yet there's one bugbear that still remains. How do I know I have your public key and not one planted by a lurker? How do I know the email sent to me, with attachment, saying `Here is my public key' is really from the sender I think it's from? This is where Trusted Third Parties come in. A TTP is basically what it says: a third party that both sides trust. The exact role of such a TTP is being thrashed out by civil libertarians and authorities.
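The key pair, the "encode with Martin's public key, decode with his other key" exchange from the previous section, and the factoring job an eavesdropper faces, all worked through in Python as an added example that is not part of the original article and not anyone's production code. One caveat on the article's own figures: 27 = 3 x 9 is not prime, so 11 x 27 would not yield a working key pair; the example below uses the primes 61 and 53 (constructed toy values; real keys use primes hundreds of digits long and a vetted library). The function names are my own, and `pow(e, -1, phi)` needs Python 3.8 or later.

```python
# Added example: toy RSA built from two small primes, showing why only the
# holder of the private key can decrypt and why the attacker must factor n.
# Constructed for illustration; never use hand-rolled RSA for real secrets.
from math import gcd, isqrt


def is_prime(n: int) -> bool:
    """Trial-division primality test, fine for the small numbers used here."""
    if n < 2:
        return False
    for i in range(2, isqrt(n) + 1):
        if n % i == 0:
            return False
    return True


def make_keypair(p: int, q: int, e: int = 65537):
    """Build (public, private) = ((n, e), (n, d)) from two distinct primes.

    Only n and e are published. d can be computed only from phi = (p-1)(q-1),
    which needs p and q, i.e. it needs the modulus n factored.
    """
    if not (is_prime(p) and is_prime(q)) or p == q:
        raise ValueError("p and q must be distinct primes (27 = 3 x 9 is not prime)")
    n = p * q                    # the modulus: public
    phi = (p - 1) * (q - 1)      # secret: needs p and q
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # modular inverse of e (Python 3.8+)
    return (n, e), (n, d)


def encrypt(public_key, m: int) -> int:
    """Anyone holding Martin's public key can do this."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer smaller than the modulus")
    return pow(m, e, n)


def decrypt(private_key, c: int) -> int:
    """Only the holder of d (Martin) can do this."""
    n, d = private_key
    return pow(c, d, n)


def factor_modulus(n: int):
    """The lurker's job: recover p and q from the public n by trial division.
    Instant for a four-digit n, hopeless for the 100+ digit primes of real keys."""
    for i in range(2, isqrt(n) + 1):
        if n % i == 0:
            return i, n // i
    return None


if __name__ == "__main__":
    public, private = make_keypair(61, 53, e=17)   # constructed toy primes
    c = encrypt(public, 65)                         # 65 stands in for a message
    print("public key:", public)
    print("ciphertext:", c, "-> decrypted:", decrypt(private, c))
    print("factoring the public modulus gives:", factor_modulus(public[0]))
```

Note that encryption uses only the published pair (n, e), so the "lurker" problem of the next paragraph is real: if someone swaps in their own (n, e) before it reaches you, nothing in the arithmetic tells you that the key is not Martin's.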
American export controls

Another thorny topic is that of American export controls on encryption software. It seems quite perverse that the country which leads the Information Revolution by far is doing so much to hinder the technology industry. You can blame Janet Reno for that. Anyway, at the last count it was illegal to export any software that deals with keys above 40-bit, because they are classified as, wait for it, munitions under the International Traffic in Arms Regulations (ITAR) and the Arms Control Export Act (ACEA).

3. Anarchy Forever!

Are Net users anarchic? Perhaps it is the essentially unregulatable nature of the internet, in which there is no central power base, and which would require a vast amount of resources to control. Historically though, the message given to governments when legislating on technology matters is "hands off" - you need only spectate on the Microsoft - DOJ débâcle to see how firmly MS wishes to repeat that message! So government seems to face an uphill battle in any attempt to enforce any kind of crypto legislation.

But why would they wish to? Conspiracy theorists among you will already have spotted this one: the government wishes to spy on us. Because of the immense threat that the intelligent, computer-literate people on the web pose, the US government has a feed into every Usenet post, every mail message sent, every file downloaded, and so on. I like this idea. It lends everyone on the net a certain amount of importance if the US Govt. reads everything. However, it's fanciful to say the least. The most oft-given reason is that powerful, user-friendly, accessible cryptography software presents a problem to law enforcement agencies: their power to wiretap has been severely curtailed. Under this scenario, it is entirely plausible that organised crime may be able to communicate whatever details organised crime needs (I don't know!) under the digital eyes of a law enforcement agency, with that agency being powerless to do anything about it.
Indeed, the FBI maintains, and I quote:
The other reason is that governments like money. No, really, they do. And they don't want you hiding taxable transactions by using encryption. With Internet commerce due to explode "any day now", government is not willing to give up revenue. Hey, I wouldn't! So, with the aim of allowing easy government access to encrypted files, governmental encryption policy in the USA, and now the UK, has included what is known as key recovery or key escrow.
4. Key Recovery/Escrow

Key escrow / key recovery has been given a bad name over the net because, to cut to the chase, it allows governments a backdoor into your encrypted information. The USA was first in on the act, with the Clipper chip.
4.1 The Clipper Chip And American Legislation

Basically, the Clipper chip is (or was) a hardware encryption dongle. This chip would be fitted into every modem, fax, telephone or other item of communication equipment manufactured in the good ol' US of A. Apart from the obvious expense of hardware encryption, there's the small proviso that the US Government can access any Clipper-encrypted material using their own back door key. Obviously, this didn't go down well with, well, basically everyone. The original Clipper idea was just about scrapped, but amended legislation (in Dec 95 and May 96) encompasses all that is bad about key escrow, or key recovery as it has now been labelled in the amended legislation. The amended legislation would allow the development and export of encryption systems (albeit with low key lengths) as long as the manufacturers allow the US Govt. back door access. Any system which doesn't allow this back door access would become illegal. More recently however, the present administration has moved to tackle domestic use, where a governmental "key management infrastructure" or KMI would be put in place. This would necessitate that purchases made over the internet were made by those in the KMI, and those people would have their keys in the government KMI: again, another back door to accessing keys.
4.2 Recent DTI Proposals

A recent DTI consultation paper, "Licensing of Trusted Third Parties for the Provision of Encryption Services", takes a slightly different tack. If these proposals were implemented, use of TTPs would not be compulsory, but licensing of TTPs would be. In effect, any organization which wishes to be a licensed TTP must comply with the government, and this entails handing over keys when the Government asks for them. Moreover, this can be done without the knowledge of the user. As shown above, TTPs are rather necessary in electronic commerce. Naturally, people will wish to use licensed TTPs, and therefore their keys in escrow are accessible by the authorities.
4.3 Within the EC

The Organisation for Economic Co-Operation and Development (OECD)'s guidelines on Control of Encryption have been watered down a bit from earlier drafts. Here are the most significant principles:

Principle 2: Users have a right to choose any cryptographic method, subject to applicable law

There is also a qualifier to Principle 2 saying that the phrase "subject to applicable law" does not mean countries should change their laws to outlaw specific methods of encryption!

Conclusion:

With the software industry still in relative infancy, at least to the politicians, many of whom are older than the silicon chip, government seems to have muddled in with strong arm³ politics. I hope those of you who didn't know before are a bit clearer about the issues, and I hope that those of you who are intimately familiar with the whole encryption entanglement are already firing up your mailers to complain about the technical inaccuracies in this article.

¹ The weird thing is that Marie doesn't have anything to say worth encrypting.
² Journal of Information, Law And Technology
³ No pun about the Acorn RISC CPU intended!