A PERFORMANCE AND INNOVATION UNIT REPORT, MAY 1999

CABINET OFFICE

Encryption and Law Enforcement


FOREWORD

by the Prime Minister

I am determined to ensure that the UK provides the best environment in the world for electronic business. Only by taking a lead to promote electronic business will we reap the potential economic and social benefits. But I am equally determined to ensure that the UK remains a safe and free country in which to live and work.

The rise of encryption technologies threatens to bring the achievement of these two objectives into conflict. On the one hand, business has delivered a clear message that encryption is essential for developing confidence in the security of electronic transactions. And lack of confidence is often cited as one of the main brakes on electronic commerce. People also want to enhance the security of their personal communications through the use of encryption. To meet these needs, the Government is keen to support the strong and growing market in encryption products and services.

On the other hand, the use of encryption by major criminals and terrorists could seriously frustrate the work of the law enforcement agencies. Indeed there is already evidence that criminals, such as paedophiles and terrorists, are using encryption to conceal their activities. It is a little known fact that on average one in every two interception warrants issued results in the arrest of a person involved in serious crime. If powers of interception and seizure are rendered ineffective by encryption, all society will suffer. So it is vital that in our support for the use of encryption we limit the damage to our ability to protect society.

In February 1999, I asked the Performance and Innovation Unit (PIU) to consider the issue of encryption, e-commerce and law enforcement and a task force was established to look quickly at the problem. This report draws on the findings of this PIU task force and on the work of the Unit's wider e-commerce project. It sets out the issues surrounding encryption and law enforcement and the encryption task force's recommendations to achieve better-balanced Government policy in this area.

I see this report as a way of securing greater public understanding of some of the issues at stake. The value of interception as a law enforcement tool is one such issue. Clearly, sensitive operational techniques need to be protected because of national security concerns. But this report sets out as fully as possible the findings of the PIU task force in demonstrating the Government's intention to encourage a public debate.

I particularly welcome their recommendations for moves towards closer co-operation between Government and industry to ensure that together we achieve our twin aims: a continued safe society for all and the best environment in the world for electronic business.

Tony Blair


CONTENTS

1. Summary

2. Introduction
   Remit of the PIU study
   Methodology

3. Developing electronic commerce in the UK and the role of encryption
   Government policy on e-commerce
   The importance of encryption to e-commerce

4. Law enforcement issues raised by encryption
   The importance of interception for effective law enforcement
   Government policy on interception
   The impact on interception of developing encryption technologies
   A shared international problem

5. Government consideration of encryption policy
   Public Key Cryptography
   Digital signatures
   Key escrow and licensing

6. Analysis of key escrow
   The merits of key escrow
   The limitations of key escrow
   Conclusions on key escrow

7. A new approach
   A new Government/industry joint forum
   Establishment of a Technical Assistance Centre
   Legislative issues
   International issues

ANNEXES

Annex A: role of the Performance and Innovation Unit
Annex B: law enforcement requirements


1. SUMMARY

Developments in encryption technology, products and services carry significant benefits in increasing consumers' levels of trust in the Internet, and particularly in e-commerce. However, they also give rise to a number of challenges for law enforcement, where it will become more difficult to derive intelligence from lawfully intercepted communications and retrieved data. This report considers the Government's response to the issues of encryption, e-commerce and law enforcement. The report is framed by two key objectives for the Government:

• to make the UK the best environment in the world in which to trade electronically; and

• to ensure that the UK remains a safe country in which to live and work.

The task force concluded that no single technique or system was likely to be enough to sustain law enforcement capabilities in the face of rising use of encryption by criminals. This being the case, a package of measures was needed to mitigate the consequences as set out below.

Recommendations

• The voluntary licensing of providers of encryption services, proposed in the recent DTI consultation document on the forthcoming Electronic Commerce Bill, will help improve consumers' confidence and therefore support the development of e-commerce in the UK. However, these licensed providers should not be required to retain decryption keys or to deposit them with third parties (i.e. no mandatory key escrow). Whilst the introduction of a mandatory link between licensed providers of services and key escrow would provide the best technical solution to many of the problems caused by encryption, in practice it would not support achievement of both of the Government's objectives.

• The Government should adopt a new approach based on co-operation with industry to balance the aim of giving the UK the world's best environment for e-commerce with the needs of law enforcement. There is no silver bullet policy that guarantees that the development of encryption will not affect law enforcement capabilities.

• A new Government/industry joint forum should be established to discuss the development of encryption technologies and to ensure that the needs of law enforcement agencies are taken into account by the market. This new co-operation should also be promoted at the international level. The forum should consist of a high-level group to discuss policy issues and be supported by specialist technical and legal groups.

• A new Technical Assistance Centre should be established, operating on a 24-hour basis, to help law enforcement agencies derive intelligence from lawfully intercepted encrypted communications and lawfully retrieved stored data. The Technical Assistance Centre will also be responsible for gaining access to decryption keys, where they exist, under proper authorisation.

• The task force welcomes the intention to include in the forthcoming Electronic Commerce Bill provisions to allow lawful access to decryption keys and/or plain text under proper authority. The task force also recommended that further attention should be given in the Bill to placing the onus on the recipient of a disclosure notice to prove to the authorities that the requested keys or plain text are not in his possession, and to state to the best of his knowledge and belief where they are.

• The UK should encourage the development of an international framework, including a new forum, to deal with the impact of encryption on law enforcement.


2. INTRODUCTION

Remit of the PIU study

2.1 The creation of the Performance and Innovation Unit (PIU) was announced by the Prime Minister on 28 July 1998. Its aims are to improve the capacity of government to address strategic, cross-cutting issues and promote innovation in the development of policy and delivery of the Government's objectives. The PIU acts as a resource for the whole of government, tackling issues on a project basis. Annex A provides more information on the role of the PIU.

2.2 In February 1999 the Prime Minister asked the PIU to consider the issue of encryption and law enforcement. The PIU was already conducting a project to examine how the Government's objective of making the UK the world's best environment for electronic commerce would most effectively be achieved (as announced by the Prime Minister in December 1998). It then became clear that more detailed work was needed on whether and how to regulate the use of encryption in the DTI's Electronic Commerce Bill.

2.3 The remit given to the PIU was:

• to study the needs of law enforcement agencies and of business;

• to examine the merits of the current encryption policy (and in particular key escrow, which is explained in chapter 5); and, if necessary,

• to identify proposals that would satisfy both the need to promote encryption for electronic commerce and the Government's duty to ensure that public safety is not jeopardised.

Methodology

2.4 To handle this remit, the PIU established a joint Government/industry task force to examine the issue and to recommend a way forward. The task force was led by David Hendon, Chief Executive of the Radiocommunications Agency, and worked alongside the existing PIU electronic commerce project team, led by Jim Norton. Its membership was drawn from:

• the Home Office;

• the National Criminal Intelligence Service;

• GCHQ Communications-Electronics Security Group;

• the Department of Trade and Industry;

• the Cabinet Office;

• British Telecommunications; and

• IBM.

2.5 The PIU task force had a very short time to complete its work and was tasked with identifying the broad strategy rather than the detail of implementation. Over the six-week period of its creation and work, the task force had discussions with 23 companies and organisations and with five overseas governments. The task force reported to the Prime Minister at the end of March 1999. This report draws on the findings of the task force and on the work of the PIU's wider e-commerce project. It sets out the issues surrounding encryption and law enforcement and the encryption task force's recommendations to achieve better-balanced Government policy in this area.

3. DEVELOPING ELECTRONIC COMMERCE IN THE UK AND THE ROLE OF ENCRYPTION

Government policy on e-commerce

3.1 The Government is committed to promoting electronic commerce in the UK. The cost savings available from streamlining business processes and supply chains using e-commerce techniques are dramatic: reduced time to market, lower stock holdings, reduced transaction costs. All these offer substantial benefits to industry and consumer alike. Entirely new ways of doing business are also enabled, such as holding electronic auctions for airline tickets or hotel rooms. The pace of development around the world is unprecedented, but much depends on ensuring trust in this new medium and here encryption technologies have a vital role to play.

3.2 The Government's broad electronic commerce agenda was published in October 1998 in Net Benefit: the electronic commerce agenda for the UK.[1] Further to this, in the White Paper Our Competitive Future: Building the Knowledge-Driven Economy,[2] published in December 1998, the Government set out the ambitious goal of developing the UK as the world's best environment for electronic trading by 2002. The PIU's electronic commerce project team has been tasked to identify the strategy necessary to meet this objective and is due to report by Summer 1999.

[1] URN 98/895
[2] CM 4176

3.3 The DTI continues to work actively in this area, driving forward competition, meeting with the e-commerce supply sectors to tackle barriers to growth, and helping small businesses take full advantage of the explosion of new ways to access, use and send information. The Government's commitment to e-commerce in its widest sense was further spelled out in the March 1999 White Paper Modernising Government. Chapter 5 of the White Paper makes it clear that the Government will use new technology to help meet the needs of citizens and business in the provision of public services, and not trail behind technological developments.

The importance of encryption to e-commerce

3.4 Encryption can be used to provide a variety of security services for commercial transactions. Principally these are integrity, authentication and confidentiality. Integrity services can guarantee that data has not been accidentally or deliberately corrupted; authentication guarantees that the originator or recipient of material is the person they claim to be; and confidentiality ensures that data cannot be read by anyone other than the intended recipients.

3.5 All of these services are important to overcome the lack of trust felt by many people in the security of information sent over the Internet. This lack of trust is often cited as one of the most significant barriers to the increased use of electronic commerce.

3.6 Encryption can be used by business, for example, to guarantee:

• that contracts have not been improperly altered, and have been signed by authorised personnel;

• that funds are transferred securely, by replacing information like credit card details or account numbers in such a way that they cannot be used fraudulently; and

• that market sensitive information flowing between different parts of an organisation cannot be accessed by anyone other than those entitled to see it.

3.7 Encryption also has benefits in helping to protect the privacy of personal communications. Whether individuals are corresponding with friends using e-mail, or electronically booking appointments with their doctor, some people will wish for the added security that comes from using encryption.

A FAMILIAR USE OF ENCRYPTION IN THE HOME

One familiar commercial use of encryption is to prevent free reception of satellite TV. Without advanced encryption devices, programmes delivered into homes could be viewed by anyone. Encryption allows only the person who has paid to view the programmes to watch them. The technology also makes it virtually impossible to tamper with a decoder to extract and copy the key, which is supplied over the air.

A BUSINESS USE OF ENCRYPTION

The world-wide Automotive Network Exchange (ANX) is a system being developed collectively by vehicle manufacturers. It is a private network using Internet technologies (an Extranet). The network binds together manufacturers, contractors, sub-contractors and component suppliers throughout the industry supply chain. Through this network flow computer-aided design information and manufacturing files, purchase orders, shipment details, electronic payments and a wide variety of other business information. Encryption technology is used in a variety of ways:

• integrity services assure that order information has not been corrupted;

• authentication services assure that orders and invoices are genuine; and

• confidentiality services protect proprietary design information.

Encryption continues to make a significant contribution to areas such as the 72% reduction in error rates experienced since the introduction of ANX.


4. LAW ENFORCEMENT ISSUES RAISED BY ENCRYPTION

4.1 The development of encryption technology gives rise to a number of challenges to law enforcement, security and intelligence agencies. In particular, its widespread use will have an effect on the ability of these agencies to make use of lawfully intercepted communications and retrieved data for law enforcement purposes. This chapter assesses the importance of interception for law enforcement and considers the impact of encryption on law enforcement capabilities.

The importance of interception for effective law enforcement

4.2 It is sometimes claimed that interception has rarely led to the successful prosecution of a criminal and that equally good intelligence can be gained by other means. This is simply untrue. Interception of communications has long been an essential tool in the fight against serious crime and threats to national security. It is long-standing policy not to disclose details of interception operations so as not to undermine its value as an intelligence source. But the following figures give an idea of the value of the existing arrangements. During 1996 and 1997, lawful interception of communications played a part, often the crucial part, in operations by police and HM Customs which led to:

• 1,200 arrests;

• the seizure of nearly 3 tonnes of class A drugs;

• the seizure of 112 tonnes of other drugs with a combined street value of over £600 million; and

• the seizure of over 450 firearms.

4.3 During this period, around 2,600 interception warrants were issued by the Home Secretary. This means that on average one person involved in serious crime was arrested for every two warrants issued.

4.4 In addition to being highly effective, interception also gives many advantages over other investigative methods, such as surveillance and the use of informants. Surveillance is extremely expensive in its use of resources compared with interception. To work successfully it must be targeted very carefully, usually in conjunction with some other form of intelligence gathering mechanism such as interception. The use of informants often fails to give the direct and unbiased access which can be gained by interception. Informants are not always available, cannot always be relied upon and seldom offer the kind of direct coverage provided by interception. In many investigations, interception may be the only possible means of access to a target who is alert to surveillance and against whom no informants can be recruited.

4.5 The task force noted that there is a general public acceptance of the use of telephone and mail interception under warrant with the aim of protecting society. Yet there appears to be a very strong aversion in some quarters to law enforcement agencies having similar warranted access to the electronic communications that are the common currency of the Internet community. The task force therefore felt it important to emphasise to this community the importance of lawful interception in protecting society from crime and terrorism. They believed it was important that the development of electronic communications, which promises many benefits to businesses and individuals, should not also give assistance to those who are engaged in serious crime.

Government policy on interception

4.6 Under the Interception of Communications Act (IOCA) 1985, interception of any communication (including e-mail) on a public telecommunications network requires a warrant to be signed by a Secretary of State. Interception may only be authorised where the Secretary of State considers that it is necessary in the interests of national security, for the purpose of preventing or detecting serious crime, or for the purpose of safeguarding the economic well-being of the United Kingdom. IOCA requires the Secretary of State to consider, before authorising an interception, whether the information could reasonably be obtained by any other (less intrusive) method. An independent Commissioner keeps under review the exercise of the Secretary of State's powers under the Act. The Commissioner submits an annual report to the Prime Minister who lays it before Parliament. It is open to anyone who believes that his or her communications may have been intercepted to apply to the Interception Tribunal established under IOCA which investigates complaints.

EXAMPLES OF ENCRYPTION USED IN SERIOUS CRIME

In 1995 two suspected paedophiles were arrested by police in the UK on suspicion of distributing child pornography on the Internet. Their computer systems were found to contain pornographic images of children and, in the case of the leading suspect, a large amount of encrypted material. The indications were that the suspects had used encrypted communications to distribute child pornography to contacts around the world via e-mail. Although both paedophiles were subsequently convicted of distributing child pornography, the police investigation into the leading suspect was severely hampered by the fact that he had used encryption.

In late 1996, a police operation culminated in the arrests of several leading members of a Northern Irish terrorist group and the seizure of computer equipment containing encrypted files. The files held information on potential terrorist targets such as police officers and politicians. The data was eventually retrieved but only after considerable effort.

In 1998, police enquiries into a case of attempted murder and sexual assault were impeded by the discovery of encrypted material on a suspect's computer. The investigation was able to proceed only after the relevant decryption key was discovered by the police amongst other material seized from the suspect.

4.7 The proposals contained in this report are, therefore, not about increasing the scope of interception, or access to stored data. They are designed to ensure that lawfully intercepted and retrieved material can continue to provide intelligence to the law enforcement agencies in order to assist the investigation of serious crimes and terrorism.

4.8 The PIU task force suggested that the law enforcement agencies should adopt a more pro-active approach to making people aware of the value of interception in the fight against serious crime, to the extent possible whilst not compromising the technique's effectiveness.

The impact on interception of developing encryption technologies

4.9 The widespread deployment of encryption means that it will become increasingly difficult for law enforcement agencies to make use of communications when they are lawfully intercepted.

4.10 The problem is urgent. There is a general acceptance that encryption will become a more generic technology, and thus integrated into an ever larger number of applications and products. For example, there are indications that some Internet Service Providers in the UK will make strong encryption tools available on their introductory CDs, giving many Internet subscribers the opportunity, at little cost to themselves, to use strong encryption techniques for both their stored and communicated data. The advent of Internet telephony and of encrypted mobile phones also has the potential to reduce the information that can be derived by law enforcement agencies from interception under warrant.

4.11 Much of the encryption used when communicating or storing data will be effectively unbreakable by the authorities. For example, readily available strong encryption technology means that many billions of different combinations potentially need to be tried before a code can be broken. The time and computer resources needed to do this make the code unbreakable in a reasonable time. For most police operations, information is needed as soon as possible; most encryption would take far too long to crack for the decoded information still to be of use. A fuller account of the requirements for law enforcement when dealing with encrypted material is at Annex B.

INTERNET TELEPHONY

Voice and data are increasingly converging onto a single, Internet Protocol (IP) based, transport network. Currently, telephone calls use the (circuit-switched) Public Switched Telephone Network where a path is opened across the network between the calling parties for the duration of the call. In an IP communication, on the other hand, the call is divided up into many small packets, which are sent individually by any number of different routes and reassembled at the other end. Both circuit-switched telephony and IP data are conveyed in a digital form, and digitisation of the network has allowed telecommunications operators to offer many new services to users. A technology known as Voice Over IP is increasingly being suggested as a replacement for Public Switched Telephone Network voice calls, as rationalisation of switching methods leads to savings for operators. Technical change in telecommunications is further accelerated by new service providers entering the market and improving competition. Operators wishing to attract new customers, or to earn additional revenue from existing customers, are increasingly likely to offer encryption services as value-added services, especially as encryption is more readily applied to digital rather than the older analogue transmissions.

A shared international problem

4.12 Whilst the study has largely concentrated on the domestic scene, the PIU task force also took account of the views and experiences of the Governments of the USA, Canada, Sweden, France and Germany. It is clear that law enforcement agencies in all these countries, and many others, are facing similar problems. Although the degree of lost lawful interception currently caused by the use of encryption in different countries is variable, there is a general expectation that the problem posed by encryption for law enforcement can only get worse. All the countries with which this issue was raised expressed a desire to co-operate with other governments and with industry to tackle the impact of encryption on law enforcement.

CODE BREAKING (BRUTE-FORCE ATTACKS)

How easy is it to crack an encrypted message? Digital encryption keys are classified according to how many bits they have. To take the example of a readily available 128-bit key: using a brute force approach with a billion computers that are able to try a billion keys per second (which is far beyond anything available at present), it would still take the decrypter 10,000,000,000,000 years to try all of the possible combinations. That is something like a thousand times the age of the universe.


    5.1 In chapter 3, the importance ofencryption to the development of electroniccommerce, as a means of guaranteeingintegrity, authentication and confidentiality,was demonstrated. Chapter 4 assessed theimpact of encryption on law enforcementcapabilities and, in particular, on the abilityof law enforcement agencies to deriveintelligence from seized and interceptedmaterial. Taken together, these two precedingchapters make clear that there is a balance tobe struck between the needs of business andlaw enforcement. This chapter goes on to setout the Governments recent approach toregulating providers of encryption serviceswith the aim of striking that balance. It also

    considers the likely way in which encryptionservices will be provided to customers acrossthe Internet, specifically explaining thestructure of Public Key Cryptography, asthe most likely form of service provision.

    Public Key Cryptography

    5.2 The widespread use of cryptographyhas only become feasible because of theinvention of what has become known as

    Public Key Cryptography. In such a system,users keys come in pairs, known as publicand private keys. As the names suggest, theprivate keys are only known to their owners,whereas public keys can be made available toanyone. A private key cannot be derived fromthe corresponding public key.

    5.3 Messages can now be enciphered usingthe intended recipients public key. Theprivate key needed to decipher the messageis known only to the recipient. Therefore,

    only the recipient can decipher the messagecontent. It is obviously important for thesender of the message not only to be able togain access to the recipients public key, but

    also to be confident that it does indeedpertain to the correct and intended recipient.Public keys are very often made accessibleto all; they are bound to the identity of theirindividual owner by wrapping them in adigital certificate, signed by a recognisedand trusted Certification Authority (CA).This important supporting infrastructureis commonly known as a Public KeyInfrastructure (PKI).

    ENCRYPTED MESSAGES AND PUBLIC KEY INFRASTRUCTURE

    This example illustrates data confidentiality. The same PKI can be used to support secure electronic signatures. Different keys are typically used for the different services.

    If two people, A and B, want to send each other encrypted messages:

    1. A arranges to have a key pair certificated by the Certification Authority providing the Public Key Infrastructure service. A must prove his identity to the Certification Authority who then vouches for the fact that A indeed has the private key corresponding to the certificated public key.

    2. A keeps the private key securely, whilst the public key is published complete with its certificate attached.

    3. B uses A's public key to encrypt his message, having first verified for authenticity the associated certificate for A.

    4. B then sends the encrypted message to A (in some cases enclosing his own public key where this is necessary).

    5. A uses his private key (and if necessary B's public key) to decode the message.

    Note: In key escrow both A and B's private data encryption keys (but not their signature keys) would be stored (escrowed) with a Trust Service Provider.

    Topics covered in this section:

    Public Key Cryptography

    Digital signatures

    Key escrow and licensing

    5. GOVERNMENT CONSIDERATION OF ENCRYPTION POLICY


    Digital signatures

    5.4 Public Key Cryptography can also be used to guarantee the integrity and authenticity of data, whether the data itself is to be enciphered or not. (The signing of a bank cheque is often regarded as a helpful analogy.) With encryption, this is done by a process that combines use of a private signature key with the data that is to be signed to construct a (message dependent) digital signature. This signature can be validated with knowledge only of the associated public key. Hence anyone can be confident that the owner of the key pair constructed both the signature and the data to which that particular signature is attached.

    5.5 Again, for this to work it is essential for verifiers of the signature to be confident that the relevant key pair is properly identified to its real owner. So in these circumstances access to the public key would normally be achieved via a digital certificate, itself signed by a trusted CA. Attaching such a digital signature to an electronic document has significant benefits for engendering trust in electronic commerce. When they receive a document with such a signature, a recipient will know that the document has genuinely come from the claimed originator. Digital signatures have the potential to open up new areas of business to electronic commerce, for example by making a reality of electronic signing of contracts.

    5.6 Digital signatures do not pose the same problem to law enforcement. They could even bring significant law enforcement benefits, as they would help an individual sender or recipient to be positively identified and may also help cut down on fraudulent transactions.
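An added illustration, not part of the original report: the five steps of the A and B exchange, the escrow note that only data encryption keys are deposited, and the digital signature process of 5.4 and 5.5, run end to end. The helper names, the certificate layout and the small keys built from Mersenne primes are assumptions made for the example; it uses textbook RSA without padding, which shows the structure but is not a secure scheme.

```python
import hashlib

E = 65537  # public exponent shared by every toy key pair below

def make_keypair(p, q):
    """Textbook RSA: return (public, private) as (n, e) and (n, d)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # raises ValueError if E has no inverse
    return (n, E), (n, d)

def digest(data, n):
    # SHA-256 reduced mod n, because some toy moduli are shorter than the hash.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(private, data):
    n, d = private
    return pow(digest(data, n), d, n)

def verify(public, data, signature):
    n, e = public
    return pow(signature, e, n) == digest(data, n)

def encrypt(public, message):
    n, e = public
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return pow(m, e, n)

def decrypt(private, ciphertext):
    n, d = private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def cert_body(subject, usage, public):
    return f"{subject}|{usage}|{public[0]}|{public[1]}".encode()

def issue_certificate(ca_private, subject, usage, public):
    """The CA binds an identity and a key usage to a public key by signing them."""
    return {"subject": subject, "usage": usage, "public": public,
            "ca_sig": sign(ca_private, cert_body(subject, usage, public))}

def check_certificate(ca_public, cert, subject, usage):
    body = cert_body(cert["subject"], cert["usage"], cert["public"])
    return (cert["subject"] == subject and cert["usage"] == usage
            and verify(ca_public, body, cert["ca_sig"]))

def run_exchange():
    # Constructed toy keys from well-known Mersenne primes; never use for real keys.
    ca_pub, ca_priv = make_keypair(2**521 - 1, 2**607 - 1)
    a_enc_pub, a_enc_priv = make_keypair(2**89 - 1, 2**107 - 1)
    a_sig_pub, a_sig_priv = make_keypair(2**61 - 1, 2**127 - 1)

    # Steps 1-2: the CA certifies A's public keys; A keeps both private keys.
    enc_cert = issue_certificate(ca_priv, "A", "encryption", a_enc_pub)
    sig_cert = issue_certificate(ca_priv, "A", "signature", a_sig_pub)
    # Key escrow as in the note: only the data encryption key is deposited.
    escrow_store = {"A": a_enc_priv}

    # Step 3: B checks the certificate before trusting the key inside it.
    cert_ok = check_certificate(ca_pub, enc_cert, "A", "encryption")
    # A certificate whose key was swapped after issue must fail the same check.
    swapped = dict(enc_cert, public=make_keypair(2**31 - 1, 2**61 - 1)[0])
    swapped_ok = check_certificate(ca_pub, swapped, "A", "encryption")

    # Steps 4-5: B encrypts to the certified key; A decrypts with the private key.
    ciphertext = encrypt(enc_cert["public"], b"meet at noon")
    read_by_a = decrypt(a_enc_priv, ciphertext)
    # The escrow holder recovers the same plaintext from its copy of the key.
    read_via_escrow = decrypt(escrow_store["A"], ciphertext)

    # Digital signature: A signs; anyone verifies with the certified public key.
    contract = b"A agrees to the contract"
    signature = sign(a_sig_priv, contract)
    sig_ok = (check_certificate(ca_pub, sig_cert, "A", "signature")
              and verify(sig_cert["public"], contract, signature))
    altered_ok = verify(sig_cert["public"], b"A agrees to nothing", signature)
    # The escrowed encryption key cannot produce a signature in A's name.
    forged = sign(escrow_store["A"], contract)
    escrow_forgery_ok = verify(sig_cert["public"], contract, forged)

    return {"cert_ok": cert_ok, "swapped_ok": swapped_ok,
            "read_by_a": read_by_a, "read_via_escrow": read_via_escrow,
            "sig_ok": sig_ok, "altered_ok": altered_ok,
            "escrow_forgery_ok": escrow_forgery_ok}

if __name__ == "__main__":
    for name, value in run_exchange().items():
        print(f"{name}: {value}")
```

Keeping the signature key out of the escrow store is what lets a third party recover A's messages without also gaining the ability to sign as A.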

    Key escrow and licensing

    5.7 In 1996, the Government proposed that providers of data encryption and digital signature services should be obliged to apply for official licensing as Trusted Third Parties. Such mandatory licensing would be designed to help establish the market by guaranteeing to consumers that certain standards were adhered to by the service providers. For law enforcement purposes, an important condition of the proposed licensing regime was that service providers would be required to keep copies of their customers' private data encryption keys (but not signature keys), so that, if required, law enforcement agencies could access them under warrant.

    5.8 Key escrow is the arrangement whereby a copy of the key that enables the content of a document to be subsequently recovered is held securely by a third party. Licensed key escrow refers to a system where a copy of the key is held by a trusted third party, who has satisfied the stringent regulations concerning maintenance and custody of client keys, generally but not always the company that is providing the encryption service.

    5.9 Industry's response to these proposals included a concern that mandatory licensing for encryption service providers would slow the take-up of electronic commerce. It was also argued that criminals would avoid the controls by making their own arrangements, while British business and commerce would be competitively disadvantaged by having to build their e-commerce systems in the particular way that the Government required.

    5.10 In April 1998, the Government decided that policy should be relaxed. Instead of mandatory licensing for encryption and digital signature service providers, it proposed that licensing would be voluntary. However, the requirement to operate data encryption key escrow remained for those companies that wished to exploit the cachet of being licensed.

    5.11 Digital signatures supported by providers who met the regulatory requirements were thought likely to carry a greater legal presumption of authenticity than those issued by unlicensed providers. This would be an encouragement for people to use licensed providers. Companies hoping to avoid key escrow would not be allowed to gain the benefits of licensing for operating just a signature service. The proposal was that there should be an all or nothing approach, i.e. companies licensed to provide digital signatures that also wished to provide encryption services could only do so under licence.

    5.12 Government trailed a change to this policy, in the DTI's latest consultation document on the Electronic Commerce Bill, Building Confidence in Electronic Commerce, issued on 5 March 1999. This consulted on the basis that key escrow or third party key recovery would not be a requirement for licensing, and that licensing itself would in any case be voluntary.


    6.1 As stated above, the PIU task force was to examine the merits of the originally proposed linkage between licensing and key escrow. This chapter assesses the merits and limitations of key escrow, from the perspective of industry and consumers. It also considers the extent to which key escrow, or other forms of third party key recovery, would address the law enforcement concerns raised by encryption.

    The merits of key escrow

    6.2 For business and consumers, a system of Government-licensed providers of encryption services, together with licensed Trust Service Providers holding copies of encryption keys, carries a number of potential benefits:

    the licensing of Trust Service Providers would provide reassurance to users that their confidentiality requirements are being met by a company that meets certain minimum standards of service provision (analogous to a British Standard kite mark);

    a properly implemented and managed third party key recovery system would help increase users' confidence that their keys are properly maintained and access to them is given only to those having a proper, lawful permission; and

    a key escrow (or key recovery) system would permit the retrieval of important data by users themselves, for example if confidentiality keys were accidentally lost or perhaps destroyed by a departing or disaffected employee.

    6.3 In terms of law enforcement requirements, the merits of key escrow would to some extent depend on the ease with which it could be avoided, nationally or internationally. This is considered further below. However, if key escrow was widely adopted and implemented, then the task force concluded that, in terms of the public policy response to developing encryption technologies, no other technique would give anything like the same functionality in meeting the needs of law enforcement in their task of ensuring the UK is a safe place in which to live and work.

    6.4 Having obtained the particular key warrant, in addition to the authority to intercept the communications of a suspected serious criminal, key escrow would allow the police and law enforcement agencies to decrypt such communications cheaply and easily, thereby retaining similar levels of intelligence to those they currently have. Seized encrypted material might be similarly examined.

    6.5 The obvious question is why criminals would use a key escrow system which made keys available to the police and other law enforcement agencies. The PIU task force took the view that this is not a persuasive argument against key escrow, concluding that:

    criminals generally use technology that is readily available. Indeed, criminals continue to use landline telephones, even though it is well known that their communications can be intercepted; and

    criminals have to deal with legitimate businesses including travel agents, car hire companies and others who will not be interested in evading normal commercial arrangements.

    The task force did, however, recognise and agree with the Government's previous assessment that a proportion of more sophisticated criminals would be unlikely to use any Government-sanctioned encryption system.

    Topics covered in this section:

    The merits of key escrow

    The limitations of key escrow

    Conclusions on key escrow

    6. ANALYSIS OF KEY ESCROW

    The limitations of key escrow

    6.6 The task force's in-depth interviews with industry highlighted a number of critical concerns about key escrow. These can be divided as follows:

    concerns as to the viability of key escrow as a technique in providing electronic confidentiality products and services. As there is no large-scale working model of an escrowed Public Key Infrastructure, these concerns as to scalability and security cannot be resolved at present;

    commercial problems affecting the extent to which market forces could be expected to drive key escrow as an industry standard;

    difficulties arising from the global nature of e-commerce which would interact with these technical and commercial problems if the UK adopted a stand-alone key escrow policy.

    6.7 These issues are explored further in the boxes below.

    STATED TECHNICAL OBJECTIONS TO KEY ESCROW

    An escrowed Public Key Infrastructure may not scale to millions of users because of its inherent complexity; it is untried technology.

    A key store would represent a single concentration of vulnerability, which may be subject to sophisticated attack by hackers. However, an advantage is that this risk is more easily addressed by implementing strong security at a single location.

    Adoption of key escrow could cut UK industry off from the mainstream development of new encryption protocols, with consequential cost and functionality limitations.

    Some technologies make use of a new key for each message (known as session keys). Because of the potential number of them, these keys are not suited to storage.

    DIFFICULTIES WITH KEY ESCROW ARISING FROM THE GLOBAL NATURE OF E-COMMERCE

    The task force considered that the range of technical and commercial objections to key escrow were such that adoption of key escrow would be unlikely to take place solely through the action of market forces; it could only be driven by legislation. Domestic legislation in the UK alone would raise further difficulties:

    the Internet does not respect national boundaries. A potential user of encryption services would be able to choose from all those offered commercially, regardless of where they originated;

    it is probable that UK users would opt for simpler, cheaper encryption services located outside the UK if key escrow imposed additional costs on domestic providers;

    a market might well develop outside the UK for services that offered themselves as defending the individual's right to privacy by avoiding key escrow; and

    COMMERCIAL CONCERNS WITH KEY ESCROW

    Companies interviewed by the task force raised the following problems with key escrow:

    Key escrow is perceived as adding costs to a Public Key Infrastructure supporting public confidentiality services;

    potential UK Trust Service Providers would be reluctant to be licensed under a regime that mandated key escrow as a condition of licensing;

    Key escrow could be expected to involve some additional capital and running costs that would have to be passed on to customers; and

    it would be difficult to react quickly to the changing Internet business environment if it was also necessary to meet the UK's unique escrow requirements.

    For key escrow to be successful in meeting the law enforcement requirements, it would need to become the industry standard and blue chip service providers would need to lead the way in marketing licensed services. The lack of commercial enthusiasm to be licensed represents a major hurdle which would need to be overcome.


    Conclusions on key escrow

    6.8 In the abstract, key escrow and other forms of third-party key recovery have a number of attractions as a public policy response in meeting the concerns of law enforcement in the face of developing encryption technologies. However, a system of key escrow with Trusted Third Parties could only be effective if it was widely adopted in the UK and international marketplace.

    6.9 In assessing likely domestic and international developments in encryption, the task force concluded that:

    widespread adoption of key escrow was unlikely in the current industry and public climate. It was evident that the opportunity to put in place a single Public Key Infrastructure incorporating key escrow had passed. Many different products and services are already being introduced into a market that is changing rapidly;

    the proposed voluntary licensing of providers of electronic encryption services would help improve consumers' confidence and would therefore support the development of e-commerce in the UK;

    implementation of mandatory key escrow would significantly impair the ability of the UK to become the leading environment in the world in which to trade electronically. It would be shunned by UK business which has to compete in world markets and against competitors established in other countries; and

    in the light of the above, key escrow as a condition of licensing would not deliver to law enforcement agencies even a reasonable amount of assured access to decrypted communications.

    DIFFICULTIES WITH KEY ESCROW ARISING FROM THE GLOBAL NATURE OF E-COMMERCE (continued)

    on the basis of discussions with other countries, and in particular with EU member states, there would be a danger of driving the UK's encryption market overseas if key escrow was implemented in the UK alone. UK firms would, of course, be free to market their services back into the UK from any EU country.

    These concerns suggest that a stand-alone UK regulatory framework for encryption would be unlikely to be effective.

    6.10 The PIU task force therefore recommended that the Government should reform policy so that licensed providers should not be required to deposit data encryption keys with third parties (i.e. no mandatory key escrow). The introduction of a mandatory link between licensed providers of services and key escrow would not support the Government's twin objectives on e-commerce and law enforcement.


    7.1 In the absence of key escrow, the task force recommended that the Government should adopt a new approach based on co-operation with industry to balance the aim of giving the UK the world's best environment for e-commerce with the needs of law enforcement. The task force identified no silver bullet policy that would guarantee that the development of encryption did not affect the capability of law enforcement to derive intelligence from intercepted communications. In future, a package of measures will be needed in developing a credible strategy to limit the harm done by encryption and to maintain public safety. The main elements of this strategy are recommended below.

    A new Government/industry joint forum

    7.2 The PIU task force found that, to some extent, the development of a more credible strategy had been hampered by poor Government/industry co-operation. In large part the debate has focused on key escrow to the detriment of everything else. And yet co-operation between Government and industry is vital to:

    help industry understand the threats to law enforcement from emerging technologies;

    enable law enforcement to understand market trends and realities; and

    allow Government and business to work together in order to achieve a workable balance between commercial and law enforcement interests, leading to the adoption of appropriate practices and standards in the provision of Internet and telecommunications services.

    7.3 This co-operation would need to be based on trust between the parties. The task force hoped that this will be helped by the unambiguous statement that key escrow is not to be an element of the licensing regime, reflecting the concerns of industry. Greater co-operation would also expose business to the important public safety interests at stake.

    7.4 As a focus for this new co-operative approach, the PIU task force recommended the establishment of a joint Government/industry forum. This idea was warmly welcomed by the companies the task force spoke to. The forum would include the Cabinet Office's Central IT Unit, representing government as a purchaser and user of IT products and services.

    7.5 The forum might have a high-level policy group with a subordinate specialist technical and legal structure. The purpose of the forum will be to ensure that industry is consulted on, and given a structured opportunity to contribute positively to, Government policy in this area. The chairman of the high-level policy group should be a senior official from the Department of Trade and Industry. When established, this co-operation should be promoted internationally. It is proposed that the forum should be assisted by the establishment of an encryption co-ordination unit within the Home Office. This unit will provide assistance on matters connected with policy, technology and standards, and act as a secretariat and as a focal point for international liaison.


    Topics covered in this section:

    A new Government/industry joint forum

    Establishment of a Technical Assistance Centre

    Legislative issues

    International issues

    7. A NEW APPROACH


    Establishment of a Technical Assistance Centre

    7.6 There is currently no dedicated resource to assist law enforcement agencies with accessing plain communications or text from encrypted material. The PIU task force therefore recommended the establishment of an operational Technical Assistance Centre in secure premises, operating on a 24 hour basis. This would, where possible, carry out decryption of lawfully intercepted or recovered material not supplied in plain-text format, seeking assistance from industry where necessary. Such decryption would involve the routine application of appropriate methodologies, where the keys are available. It would provide a means of rapid consultation with industry where access to plain text is hindered by the need to identify the communications or storage protocol structures.

    Legislative issues

    7.7 The task force found that current legislation is inadequate to deal with the challenges for law enforcement that are likely to arise as a result of the increasing use of encryption. In this respect, the task force welcomes the intention to include in the Electronic Commerce Bill provisions to allow lawful access to decryption keys and/or plain text under proper authority. The task force also recommended that further attention should be given in the Bill to placing the onus on the recipient of a disclosure notice to prove to the authorities that the requested keys or plain text are not in his possession, and to state to the best of his knowledge and belief where they are.

    7.8 During the course of the study, the task force found that industry shares many of the concerns of Government with respect to the misuse of encryption for criminal purposes. For business, this is particularly relevant to cases of fraud and intellectual property theft. In this respect, the view of some of the countries and organisations consulted was that it should be made a criminal offence to use encryption in the furtherance of a crime. In other words there would be a penalty (of a nature to be determined) if encryption for confidentiality was used by an individual or a body in either planning or carrying out a crime. The task force considered the option of such an approach, but concluded that this should not be pursued. It was unlikely to be of any practical benefit in deterring the criminal use of encryption and risked being seen as criminalising the use of encryption.

    7.9 The task force noted that a review of the Interception of Communications Act 1985 was under way within the Home Office. It was recognised that the findings of this review would have an important read-across to the Government's policy on encryption.

    International issues

    7.10 The task force considered that as encryption, like electronic commerce, is a world-wide phenomenon, there must be a greater degree of international co-operation, particularly in relation to setting agreed standards. To be effective, solutions concerning the regulation or use of encryption must be made to work internationally. However, apart from the OECD Guidelines on Cryptography Policy,[3] there has been remarkably little co-ordination of policy on encryption matters. The result has been a degree of misunderstanding and suspicion as to the rationale behind attempts to regulate, or influence, the domestic use of encryption. The real case for law enforcement has not been made effectively.

    7.11 The task force considered that efforts should be made to ensure that the law enforcement requirement is recognised and accepted by international policy and standardisation bodies. This will involve sustained international co-operation between HMG and other governments to promote law enforcement access as a legitimate regulatory requirement. There is therefore a potential need for a new international framework for dealing with this issue. Following discussions with the leading countries on encryption matters, the PIU task force recommended that the Government should continue discussions with foreign governments with a view to seeking support for a new forum to promote co-operation on policy, law enforcement, and technical and standards matters relating to encryption.


    [3] The Guidelines on Cryptography Policy were drawn up in 1996 and published in March 1997 by the OECD.


    The creation of the Performance and Innovation Unit (PIU) was announced by the Prime Minister on 28 July 1998 as part of the changes following a review of the effectiveness of the centre of government by Sir Richard Wilson. The PIU's aim is to improve the capacity of government to address strategic, cross-cutting issues and promote innovation in the development of policy and in the delivery of the Government's objectives. The PIU is part of the drive for better, more joined-up government. It acts as a resource for the whole of government, tackling issues that cross public sector institutional boundaries on a project basis.

    The Unit reports direct to the Prime Minister through Sir Richard Wilson and is headed by a Senior Civil Servant, Mr Suma Chakrabarti. It has a small central team that helps recommend project subjects, manages the Unit's work and follows up projects' recommendations with departments. Work on the projects themselves is carried out by small teams assembled both from inside and outside government. About half of the current project team staff are drawn from outside Whitehall, including from private sector consultancies, academia and local government.

    The first set of PIU projects were announced by the Prime Minister in December 1998. The aim is to complete most of them by late summer/autumn 1999. The projects are:

    Developing Electronic Commerce in the UK: how to make the UK the world's best environment for electronic commerce, ensuring that the UK benefits fully from the single fastest growing marketplace in the global economy;

    ANNEX A: ROLE OF THE PERFORMANCE AND INNOVATION UNIT


    Active Ageing: how to improve the well-being and quality of life of older people by helping them to remain active. The study will identify ways of increasing the employment opportunities for older people, by examining the incentives for businesses to employ and retain older people and for individuals to remain in paid or voluntary work;

    Central Government's Role at Regional & Local Level: getting the right institutional arrangements and relationships in place for joined-up delivery of central Government policies in regions and communities;

    Accountability and Incentives for Joined-Up Government: examining how current accountability arrangements and incentive systems can be reformed to facilitate joined-up policy-making and delivery, for example by promoting achievement of joint objectives which require co-operation between departments; and

    Objectives for Rural Economies: examining the differing needs of local rural economies, and the key factors affecting performance, so as to establish clear objectives for Government policies influencing the future development of rural economies.

    The Unit is also separately identifying the key future challenges that government will have to face, as referred to in the Government's Modernising Government White Paper, published in April 1999. This work will help departments and other organisations to look beyond their existing policies towards the Government's long-term goals.


    Interception of encrypted communications

    The following represent law enforcement's ideal requirements in order to maintain the effectiveness of interception in the face of criminal use of encryption:

    to be effective, interception must take place without the knowledge of either party to the communication. Therefore, decryption must also take place without either party being aware that it is happening;

    one of the most useful features of interception is that it enables information to be gathered in real time (as it happens). Decryption of communications must take place as close as possible to real time to maintain the effectiveness of the power;

    there needs to be a means of identifying the sender and recipient of a message and the identity of the key holder; and

    law enforcement agencies require sufficient information in order to decrypt intercepted communications to and from a target. In general this will mean the provision of keys necessary for decryption. The provision of plain text may be acceptable if it is provided in such a way as to ensure that only the law enforcement agency is aware of the content (to protect the target's right to privacy and operational security) and it is accompanied by sufficient information to ensure that the plain text provided is the original content of the communication.

    Access to encrypted stored data

    Similarly, a number of factors applying to lawful access to stored data must also be applied to lawful access to encrypted stored data, as follows:

    stored data must be retrieved in such a way as to ensure that its provenance can be proved in court, and handled in such a way as to maintain the chain of evidence. Decryption of stored data must therefore take place in accordance with best practice on computer forensic evidence. In general, this may require access to the decryption key rather than the plain text (otherwise doubt might be cast in court on the authenticity of the plain text); and

    access to the stored data must be within a legal time limit imposed by the instrument under which it is obtained (e.g. a production order issued by a court might require compliance within five working days). Decryption must therefore be able to take place within the same timescale as the statutory power.

    Delivery of encrypted data to which lawful access is given

    Any data lawfully intercepted or retrieved, or requests for such data, must be passed securely between the agency which has been given legitimate access and the Trust Service Provider, or other party providing access. Delivery must be effected in such a way that the data cannot be read or retrieved by anyone not having lawful access. This will protect both operational sensitivities and the privacy of users of encryption.

    Cost-effectiveness

    The current interception of communications regime is a cost-effective use of law enforcement resources. Ideally this would remain the case under a system that includes the decryption of lawfully intercepted communications.

    ANNEX B: LAW ENFORCEMENT REQUIREMENTS
