Interesting People mailing list archives

IP: UK Government Launches HMS Clipper (ASCII 1 of 2)


From: Dave Farber <farber () central cis upenn edu>
Date: Tue, 18 Jun 1996 12:29:58 -0400

Hi:


Here is a message, with attachment from Dr Brian Gladman
<gladman () euronet nl> that you will I think find interesting, and might wish
to pass on further.


You might be interested in the attached MS Word 6 document in
which I comment on the recent press release made by the DTI
on encryption on telecommunications networks.  I am concerned
that the policy has been largely developed in secret and an effort
may be made to get it through to law with insufficient public
awareness of what is happening.  Anyway, if you feel inclined, I
would be grateful if you could pass it on to any colleagues who
may be interested.  My aim in asking you to do this is simply to
ensure that the maximum number of people get to know what is
going on - I am not seeking to influence anyone to be for or
against the government position although I personally think that
the govt has underestimated the complexity and difficulty of its
TTP ideas given the problems of software intensive systems.
In particular it seems to me very silly to introduce a policy and
then test whether there is a practical way of implementing it!

I would be interested in your views here as I suspect that there
is now going to be some interest in this subject!


Cheers


Brian Randell


PS Being set again in ASCII this time, by popular demand! (Indented text is
Brian Gladman's commentary. His emphasis shown *THUS*.)


==========
***********Dr Brian Gladman <gladman () euronet nl>*******************


      UK POLICY FOR ENCRYPTION ON PUBLIC TELECOMMUNICATIONS NETWORKS


             THE DEPARTMENT OF TRADE AND INDUSTRY PRESS RELEASE
                               ENTITLED:


             'GOVERNMENT SETS OUT PROPOSALS FOR ENCRYPTION ON
                    PUBLIC TELECOMMUNICATIONS NETWORKS'


   HAS THE UK GOVERNMENT LAUNCHED HMS CLIPPER?


   The comments provided here are a refinement of those which I first
   published to the 'talk.politics.crypto' Internet newsgroup on
   14th June 1996.  The additions and changes are the result of some
   further thoughts and a number of responses which I received
   subsequent to my original posting. I gratefully acknowledge the
   contributions of the people who responded.  I emphasise that I am
   making these comments as a private citizen of the United Kingdom *AND
   IN NO OTHER CAPACITY*.


   The text of the press release on TTP services in the UK is appended
   below with my comments interspersed.  I have not seen a copy of the
   paper referred to in the text and it may be that the issues involved are
   better covered there.


   It is important to recognise that this announcement by the UK
   Government represents a significant and positive shift in policy in that it
   has recognised, for the first time, that there is a legitimate requirement
   for the exploitation of cryptography for information protection beyond
   Government in the UK.  In my view this realisation has come far later
   than it should have done but the delay makes it no less welcome.


   What we now have to determine is whether these words, and the
   thinking which lies behind them, represent a balanced approach which
   fair minded people in the UK will accept as reasonable or whether the
   UK Government has secretly designed and now launched HMS
   Clipper.


GOVERNMENT SETS OUT PROPOSALS FOR ENCRYPTION
ON PUBLIC TELECOMMUNICATIONS NETWORKS


To meet the growing demands to safeguard the integrity and confidentiality of
information sent electronically over the public telecommunications networks,
the Government has today published a paper on the provision of encryption
services.


These services cover the digital signature (an electronic equivalent of a hand-
written signature) of electronic documents and the protection of the accuracy
and the privacy of their contents. In recognition of the need to set the right
balance between commercial and personal confidentiality and the continuing
ability of the law enforcement agencies to fight serious crime and terrorism,
the Government proposes to introduce the licensing of Trusted Third Parties
(TTPs) to provide such services.


Licensed TTPs are the way to offer encryption services to the public.
Ultimately, it is for organisations or individuals to consider whether or not the
benefits of such licensing will outweigh any existing arrangements that they
have.


   The use of the phrase '...any *EXISTING* arrangements that they have.'
   suggests that there may be choice only for those who already have
   arrangements.  Since the press release will have been carefully staffed
   we have to assume that this phrasing is deliberate and this may mean
   that the UK Government is contemplating the regulation of the future
   use of encryption in business and commerce. The phrasing 'any
   alternative arrangements which they either have or may wish to make in
   future' would be better. More on this later.


In a written answer to a parliamentary question from Peter Luff MP
(Worcester), Science and Technology Minister Ian Taylor said:


"Following  the discussion between Departments to which I referred in my
replies to the hon Member for Brigg and Cleethorpes of 6 March, Official
Report column 229 and 25 March, Official Report column 411, I am today
publishing a paper outlining the Government's policy on the provision of
encryption services on public networks. Copies of the paper are available in
the library of both Houses."


"The Government aims to facilitate the development of electronic commerce
on the emerging global information infrastructure. This is of significant
importance in maintaining the UK's competitiveness and is a component of
the Department's Information Society Initiative.  There is a growing demand
for encryption services to safeguard the integrity and confidentiality of
electronic information transmitted on public telecommunications networks.
The Government therefore proposes to make arrangements for licensing
Trusted Third Parties (TTPs) who would provide such services. These TTPs
would offer digital signature, data integrity and retrieval, key management and
other services for which there is a commercial demand. The licensing policy
will aim to protect consumers as well as to preserve the ability of the
intelligence and law enforcement agencies to fight serious crime and terrorism
by establishing procedures for disclosure to them of the encryption keys,
under safeguards similar to those which already exist for warranted
interception under the Interception of Communications Act."


   This is an important sentence in that it limits the use of disclosed keys
   by intelligence agencies to 'fighting serious crime and terrorism'.  I am
   not familiar with the Interception of Communications Act (which may
   also contain this limitation) but it will clearly be important to ensure that
   this sentiment is reflected in any legislation which is developed.


   Another issue here is that disclosure of keys, not the protected
   information, is called for, a requirement which will have major impact
   on design in order to ensure that the scope of information access
   provided by such key disclosure does not extend beyond that permitted
   by the warrant(s) involved.


   A third issue is that some computer data is not similar to that for which
   warranted interception is designed and is hence not necessarily amenable
   to analogous safeguards. An example here is that of system management
   and control data which is protected with cryptography in order to protect
   the safe operation of the system involved. Disclosure of keys for such
   applications could put the operation of the systems involved at risk and
   this in turn could have extremely serious safety implications for some
   classes of system.  The liability issues here are not obvious since the
   impact of key disclosure leading to system penetration and failure could
   be extremely serious.


"Officials within my department have held preliminary discussions with
industry groups on the concepts set out in the paper. The Government intends
to bring forward proposals for legislation following consultation by DTI on
detailed policy proposals."


   Good, although it is a pity that the views of the UK public at large seem
   to have played no part in the formulation of this new Government policy
   even though it is presented as being in their interests.


NOTES FOR EDITORS:


1.      Encryption is the process of transforming a document or message text
into an unintelligible form that can only subsequently be recovered by
someone possessing the corresponding decryption key.


2.      TTPs are trustworthy commercial organisations that can provide
various information security related services to enable transactions to be
conducted securely. Typical services are management of cryptographic
keys, time stamping of electronic documents  and arbitration of repudiation
claims regarding the origin, receipt, delivery and submission of electronic
documents.


3.      Copies of the Paper are available from the DTI Commercial IT
Security Unit on 0171 215 1399 or Fax 0171 931 7194.


PAPER ON REGULATORY INTENT CONCERNING USE OF
ENCRYPTION ON PUBLIC NETWORKS


SUMMARY


1.      The Government recognises the importance of the development of the
Global Information Infrastructure (GII) with respect to the continuing
competitiveness of UK companies.  Its aim is to facilitate the development
of electronic commerce by the introduction of measures which recognise
the growing demand for encryption services to safeguard the integrity and
confidentiality of electronic information transmitted on public
telecommunications networks.


2. The policy, which has been decided upon after detailed discussion between
Government Departments, involves the licensing and regulation...


   Note here that the policy *HAS BEEN* decided - that's it folks - we
   know what is best for you - you know that you can trust us and we
   certainly don't want you to think for yourselves  - good gracious,
   that's how revolutions start! What did you say, it's all about democracy,
   Governments serving their citizens, achieving open Government,
   freedom of information and all that?  You mean that we should actually
   seek views before we set our policy??  No, no, we can't possibly do
   that - if we did that people might disagree with us and we might then
   find it difficult to have the policy we want - OOPS, I mean the policy
   that we have decided is best for you.  Any other way would be like
   having hospitals for the benefit of patients, or trains for the benefit of
   passengers, and we don't want any of that - Government for the
   people is OK for the United States but it's far too crude an idea for the
   UK!


... of Trusted Third Parties (hereafter called TTPs) which will provide a range
of information security services to their clients, whether they are corporate
users or individual citizens. The provision of such information security
services will be welcomed by IT users, and will considerably facilitate the
establishment of, and industry's participation in, the GII, where trust in the
security of communication has been acknowledged to be of paramount
importance.  The licensing policy will aim to preserve the ability of the
intelligence and law enforcement agencies to fight serious crime and terrorism
by establishing procedures for disclosure to them of encryption keys, under
safeguards similar to those which already exist for warranted interception
under the Interception of Communications Act.


3.  The Government intends to bring forward proposals for legislation
following consultation by the Department of Trade and Industry on detailed
policy proposals.


   Good, but are things *REALLY* going to change I wonder?


BACKGROUND


4.  The increased use of IT systems by British business and commerce in the
last decade has been a major factor in their improved competitive position in
global markets.   This reliance on IT systems has, however, brought with it
increased security risks; especially concerning the integrity and confidentiality
of information passed electronically between trading bodies.  The use of
encryption services on electronic networks can help solve some of these
security problems.  In particular TTPs will facilitate secure electronic
communications either within a particular trading environment (eg between a
bank and its customers) or between companies, especially smaller ones,  that
do not necessarily have any previous trading relationship.


   The enthusiasm for TTPs in Europe is strong on idealism but weak on
   any practical understanding of the legal or the technical issues which
   will be involved in bringing them into existence.  Considering just the
   technical issues, if two people want to exchange secure information,
   their respective TTPs must reach a bilateral agreement before they can
   do so and if no such relationship exists they simply cannot communicate
   securely.  Since the number of bilateral arrangements between N parties
   grows at an N^2 rate, a world with a large number of TTPs will simply
   not be practical. Thus, for example, 30 countries each with about
   30 TTPs would involve 1000 TTPs in total and of the order of a million
   individual bilateral arrangements. It is thus evident that the TTP
   approach does not scale well and will only be likely to be effective with a
   relatively small number of TTPs.  (Dorothy Denning has correctly
   pointed out that this is not an inherent feature of TTPs but rather a
   feature of a particular system design being studied by the UK
   Government)


   Since it is implied that TTPs will hold keys for their customers, a small
   number of TTPs will mean that each TTP will hold an enormous
   number of keys and hence a very large amount of data which is
   extremely security sensitive.  In this situation a TTP could be managing
   millions of keys; however, it is hard to conceive of a computer and
   management regime which would be capable of achieving such a task.
   Anyone who doubts this should read back issues of comp.risks and
   the work done by Ross Anderson at Cambridge on security in banking.


   By and large I trust my bank to manage my money but I would not
   currently trust them to manage my keys by using computers. There is
   simply no evidence to suggest that there are any organisations, banks
   included, which are currently capable of undertaking a task which
   involves the use of computers to handle such extreme security
   requirements.  Despite the local risks, therefore, I prefer to manage my
   own keys. In saying this I would be happy to use key recovery
   techniques to guard against inadvertent key loss and to provide for
   information disclosure in response to a search warrant.


   Small numbers of TTPs will lead to other dangers in that there may be
   little or no choice of the architecture of the schemes available in the
   market. The scenario in which the UK Government licences a small
   number of TTPs could easily lead to a situation where there is
   effectively no market for alternative ways of achieving security and
   hence no real choice.  In this situation the idea that the scheme is
   voluntary would be rather hollow. Of course the Government could
   claim that this is true and in one sense they would be right - you could
   have TTP based security or none at all.


5. In developing an encryption policy for the information society, we have
also considered how the spread and availability of encryption technology will
affect the ability of the authorities to continue to fight serious crime and
terrorism. In developing policy in this area, the Government has been
concerned to balance the commercial requirement for robust encryption
services, with the need to protect users and for the intelligence and law
enforcement authorities to retain the effectiveness of warranted interception
under the Interception of Communications Act (1985).


6.  Consideration by Government has also been given to the requirement for
business to trade electronically throughout Europe and further afield.  The
inter-departmental discussions have therefore taken into account draft
proposals by the European Commission, concerning information security
(which include the promotion of TTPs),  and discussions on similar issues
taking place within the OECD.


THE GOVERNMENT'S PROPOSALS


(a)  Licensing


7.      By their nature, TTPs, whatever services they may provide, will have
to be trusted by their clients.  Indeed in a global trading environment there will
have to be trust of, and between, the various bodies fulfilling this function.
To engender such trust, TTPs  providing information security services to the
general public will be licensed.  ...


   It is not obvious that licensing will be better than regulation in providing
   TTPs which can be trusted.  It is almost certain, however, that this will
   result in far fewer TTPs and this will have benefits in reducing diversity
   but disadvantages in reducing competition and freedom of choice. A
   careful analysis will be required to determine whether licensing or
   regulation offers the better approach.


...  The licensing regime would seek to ensure that organisations and bodies
desiring to be TTPs will be fit for the purpose.  The criteria could include
fiduciary requirements (eg appropriate liability cover), competence of
employees and adherence to quality management standards.  TTPs would also
be required to release to the authorities the encryption keys of their clients
under similar safeguards to those which already exist.   We would expect
organisations with existing customers, such as banks, network operators and
associations (trade or otherwise) to be prime candidates for TTPs.


   See earlier comments.  In view of:


   +    the regularly reported difficulties which large organisations have in
   the design, development and operation of large, software intensive
   computer based systems;


   +    the very limited availability of practical and affordable high assurance
   computer systems products suitable for the implementation of
   extremely challenging key generation, management and storage tasks;


   +    the well known failures of banks, and at least one network operator,
   to effectively maintain the security of their computer based
   information;


   it would be helpful if the Government could set out its reasons for
   believing that such organisations are capable of undertaking the full
   range of TTP tasks envisaged for them.


8.      The Government will consult with organisations such as financial services
companies, who have made existing arrangements for the use and provision
of encryption services, with the intention of avoiding any adverse effects on
their competitiveness.  It is not the intention of the Government to regulate the
private use of encryption.  It will, however, ensure that organisations and
bodies wishing to provide encryption services to the public will be
appropriately licensed.


   This paragraph contains the seeds of many difficulties since the
   definition of 'private use' of encryption is very unclear. If a company
   uses encryption on a single geographic site is this 'private' use?  If this
   is extended to more than one site using some form of communications,
   would this be 'private' or 'public' use? If several companies agree to
   use a common encryption approach among themselves is this 'public' or
   'private' use?  What if an organised group of individuals does this -
   does this change the answer?


   PGP is already in widespread use on the Internet and this could easily
   be interpreted as 'public' rather than 'private' use.  On the other hand
   PGP is often used to protect the privacy of individuals not involved in
   business or commerce and this could be interpreted as 'private'.


   What will be the status of the many PGP 'key servers' on the Internet if
   all 'encryption services' are to be licensed?  In practice it seems very
   difficult to distinguish between a TTP offering keys to its clients and a
   PGP key server doing almost the same thing.  Taking the press
   statement at face value, therefore, it would seem that PGP key servers
   may be at risk if the Government intends to licence all encryption
   services.  Beyond this, if a person publishes their PGP public key, or
   signs someone else's PGP key, are they providing an 'encryption
   service'?


   It seems inevitable that the definition of the boundary between 'private'
   and 'public' encryption services is going to be very difficult to define.


   There is also a lack of clarity in the Government's intent in respect of the
   *USE* of encryption and encryption services as distinct from their
   provision.  Provision and use are intertwined in the press release and
   need to be separated so that the Government's intentions in respect of
   each of these are clarified.   Much is said about regulating service
   provision, and the intention not to regulate 'private' use is set out, but
   the statement is very imprecise in respect of regulation intentions in
   respect of 'public' *USE*.


   This whole area will be one which needs to be monitored with great care
   during the legislative process.  Although the wording throughout the
   press release is clever, it seems plausible that the Government is
   considering the possible regulation of *THE USE OF ENCRYPTION IN
   BUSINESS AND COMMERCE*.


   If this is correct then the Government is seeking to remove the existing
   freedom which industry, commerce, businesses and private citizens in
   the UK have to use whatever cryptography they choose in going about
   their daily lives  (except in very limited areas - amateur radio, for
   example - I do not believe that there are any current restrictions on the
   use of cryptography in the UK). If this is the intention then this
   proposal is HMS Clipper, albeit in a well disguised form.


   It will thus be essential that this area of the policy is set out with great
   clarity and precision if existing freedoms in the *use* of encryption are to
   be preserved.  *IN PARTICULAR IT WILL BE IMPORTANT TO OBTAIN AN
   UNEQUIVOCAL COMMITMENT FROM THE UK GOVERNMENT THAT THE
   USE OF TTP BASED ENCRYPTION SERVICES WILL BE VOLUNTARY AND
   THAT NO RESTRICTIONS OF ANY KIND WILL BE PLACED ON THE
   DESIGN, DEVELOPMENT, SALE OR USE OF CRYPTOGRAPHIC PRODUCTS
   AND SYSTEMS WITHIN THE UK*.






Attachment Converted: C:\WINDOWS\Desktop\attachments\ukcrypol1.doc


Dept. of Computing Science, University of Newcastle, Newcastle upon Tyne,
NE1 7RU, UK
EMAIL = Brian.Randell () newcastle ac uk   PHONE = +44 191 222 7923
FAX = +44 191 222 8232  URL = http://www.cs.ncl.ac.uk/~brian.randell/

