Interesting People mailing list archives
The Legal Threat to Comsec
From: Ross Anderson <rja14 () cl cam ac uk>
Date: 14 Aug 93 10:30:16 GMT
In article <hwYnt*s40 () world std com>, cosell () world std com (Bernie Cosell) writes:

|> It *could* put NSA in a very unfortunate position: if they really did
|> use a version of one of their super-strong, classified algorithms to
|> make the civilian-available algorithm quite strong and secure, and the
|> result is a series of legal challenges that threatens to compromise
|> classified crypto information.

In that case, the NSA should pay a bit more attention to what goes on in the real world.

Banks use DES encryption boxes with their ATM systems for legal rather than military reasons; they want to be able to stonewall customers who complain about phantom withdrawals. The idea is that the key which derives your PIN from your account number is kept in this secure hardware, so no bank employee can ever find out your PIN. Thus (say the banks) the only person who knows the PIN is you (unless you've been negligent).

However, about 1 ATM transaction in 10,000 still goes wrong, and then the poor customer is told that she must have been ripped off.

These accusations can sometimes cause serious trouble. Last week, we got a Great Yarmouth taxi driver off a charge of theft. He had taken a customer to an ATM and she'd left her purse in the taxi afterwards. The driver handed it in to the taxi office, but a phantom withdrawal took place later that day and, as he had no alibi, he got arrested for it. We broke the case by filing for a disclosure order on the bank's computer security systems.

Last month, we used the same tactic to beat a similar charge against a lady in Plymouth. In that case, one of her colleagues at work had had the phantom.

The implication for the legal system appears to be that you can't convict anyone where you have to rely on a bank's computer systems, and where the defendant has a competent expert witness and a combative lawyer. Our two clients both convincingly maintained their innocence; but the disclosure tactic would work just as well for a Mafia defendant.

The implication for governments is worse; they buy their comsec gear from the same firms who make the banks' DES boxes. These firms are just as vulnerable to court orders as the banks are: at any time, lawyers working on a theft or fraud case could walk into their labs and seize their design notes, schematics and source code for examination by hostile experts. Claiming a clearance mismatch won't work; one of the UK's most prominent defence contractors got raided a few years ago by lawyers looking for pirated PC software, and their security guards were not prepared to do jail time for contempt of court. I understand that the Ministry of Defence got rather upset.

If a government demands a classified algorithm, it should probably insist that its comsec suppliers be separately incorporated companies, on separate sites, which do no other business at all. What this would do to their costs, though, is another matter,

Ross