The Hazards and Vulnerabilities of the Digital Age

A pair of Israeli mathematicians developed a code-breaking method that combines a simple desktop computer with a microwave generator. They call it Differential Fault Analysis. Their technique is effective no matter the length of the secret prime number "keys" used to encrypt data, and it doesn't require knowledge of the encrypting system.

PETER B. MARTIN © 2000, Valprionde, France

Secrecy and Sub Rosa Is Over

With the evolution of electronic communications the Gilded Age of secrecy and sub rosa is all but over. It is harder and harder to keep secrets secret. Security is somewhat a misnomer now. The White House leaks; the State Department is losing its statecraft; CIA's private world is almost public; and the "Puzzle Palace" (National Security Agency) is downright puzzled. Our dependence on the digital age jeopardizes our national security and our right to privacy. This paper examines the problems and proposes some possible answers; please keep in mind that simplification is adopted, whenever possible, to interpret the complex details of this subject, and that the author is not an expert in the field of data processing.

One can't write about the loss of secrecy without mentioning Echelon, the Cold War surveillance system that is still in existence. This array of "ears" that spans the globe is part of the UKUSA intelligence alliance and consists of deep space satellites and intercept stations that receive all communications, whether cellular, microwave, fiber-optic or satellite, which are then processed by powerful computers programmed to pick up key words and phrases, suspect addresses and specific individuals' voices. Certain non-member European countries have recently protested that the system is being abused and used for economic espionage. Their complaints are hard to take seriously, as many of these countries have extensive electronic espionage networks of their own which are put to a good deal of questionable use.

Compromised By The Israelis

For example, the Clinton Administration, which never took security very seriously from the outset, recently found that the communications systems of the White House, the State Department and other high-level government offices were thoroughly compromised by the Israelis. Worse, Israel's clandestine intrusions might have been picked up a lot sooner had the administration been more serious about security procedures and if Attorney General Janet Reno had not been reluctant to seek an indictment against a suspect, an Israeli businessman working for the DC phone company. The FBI had been tracking him and his wife for over a year and was pretty certain she was a Mossad agent under diplomatic cover at the Israeli embassy in Washington, DC. The FBI investigation found her husband had even penetrated the Bureau's telephone system, including the most secret and sensitive communications, even those involving this highly classified counterespionage operation. Besides lax telephone security procedures in the White House (many people just don't bother using a secure line), the key to the intrusion against the White House's supposedly secure $30 million computerized communication system appears to be the software installed by the local telephone company for their billing process. It was this software, which was connected to the White House database link, that was used to access classified and regular communications. Another technical security lapse, unearthed during the investigation, was the fortuitous discovery that the "electronic back door" used by technicians to service the system had been left wide open.

The fact that some parts of telecommunication information, such as "secret" phone numbers, trunk lines, remote sites and passwords are accessible to anyone with some computer knowledge is a major security hazard. Spies, with a detailed knowledge of computer codes that are used to route telephone traffic, pose a grave security risk since these software codes are a means of access that enables conversations to be monitored and even remotely transcribed to another location - as was the case involving our government's communications system.

The Power of DFA

As an example of the security issues we are confronted with, a pair of Israeli mathematicians, Eli Biham and Adi Shamir, have discovered a code-breaking method that only needs a simple desktop computer and a microwave generator. They call it Differential Fault Analysis (DFA). Their technique is effective no matter how long the secret prime number "keys" used to encrypt data happen to be, and it doesn't even require knowledge of what system is being used to encrypt. It is based on the finding that microwaves can subtly corrupt the data stored in a microchip and induce it to make errors in encrypting information. The errors are the means of revealing the secret of the key system used. It has been well demonstrated by a team of computer and encryption experts that this odd, new technique can break virtually any code system, including the Data Encryption Standard (DES), the system most employed in the world. Furthermore, the same encryption attack can even break triple DES which, with its 168 bits of key, was thought to be unbreakable. Moreover, this can be done without a huge volume of text or a massive number of computers.

Here is how it works: An encryption device encrypts the original text, then the same text is fed into the device again, but this time the device is exposed to a burst of electromagnetic radiation, i.e., microwaves from a high-frequency radio transmitter. This induces random errors in the circuitry storing the secret keys. The process is repeated several times, giving a series of encrypted messages, each one produced by a progressively more corrupted numerical key. Then, by using an ordinary PC to compare the messages with the original, one can figure out the form of the original key, which, once discovered, can be fed into a computer simulation of the encryption system, which in turn reveals the content of the message.
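To make the fault model above concrete, here is an added simulation that is not code from the essay or from Biham and Shamir: a constructed toy 16-bit cipher (not DES) whose key register loses one bit per "burst", so repeated encryptions of one plaintext yield the series of ciphertexts the text describes, beside a hardened device that compares its key register against a digest recorded at provisioning time and re-decrypts its own output before answering. The cipher, the two device classes, the S-box and the sample key 0xFFFF and block 0x1234 are all assumptions made for illustration.

```python
import hashlib
import random
# Toy 16-bit block cipher, constructed for illustration only (it is not DES):
# four rounds of key XOR, a 4-bit S-box layer and a 3-bit rotation.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
INV_SBOX = [SBOX.index(i) for i in range(16)]

def _sub(x, box): return sum(box[(x >> (4 * i)) & 0xF] << (4 * i) for i in range(4))
def _rotl16(x, n): return ((x << n) | (x >> (16 - n))) & 0xFFFF

def toy_encrypt(key, block):
    for _ in range(4):
        block = _rotl16(_sub(block ^ key, SBOX), 3)
    return block ^ key

def toy_decrypt(key, block):
    block ^= key
    for _ in range(4):
        block = _sub(_rotl16(block, 13), INV_SBOX) ^ key
    return block

def key_digest(key): return hashlib.sha256(key.to_bytes(2, "big")).digest()

class FaultyDevice:
    """Fault model from the text: each burst clears one random key-register bit."""
    def __init__(self, key, seed=1):
        self.key, self.rng = key, random.Random(seed)
        self.digest = key_digest(key)  # recorded at provisioning time
    def burst(self):
        self.key &= ~(1 << self.rng.randrange(16))
    def encrypt(self, block):  # keeps answering with whatever key is left
        return toy_encrypt(self.key, block)

class CheckedDevice(FaultyDevice):
    """Countermeasure: check the key digest (key-register faults) and decrypt the
    result (faults in the computation) before releasing it; None on any mismatch."""
    def encrypt(self, block):
        if key_digest(self.key) != self.digest:
            return None
        ct = toy_encrypt(self.key, block)
        return ct if toy_decrypt(self.key, ct) == block else None

def fault_series(device, block, bursts):
    """Ciphertexts of one block before and after each burst, as an observer sees them."""
    out = [device.encrypt(block)]
    for _ in range(bursts):
        device.burst()
        out.append(device.encrypt(block))
    return out
```

The unprotected device hands the observer a fresh ciphertext under every corrupted key, which is exactly the material the PC comparison step needs; the checked device answers nothing after the first effective burst.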

The Impregnable System

Kill the messenger. Human beings are the weak link in the computer and communication security chain. They often describe the security measures taken for all to hear and, being the ones who program the systems, hold the ultimate master key to their systems' secrets. We tend to put our confidence blindly into a subject just to get what we think is the consummate solution to a difficult problem, and damn the consequences. The quintessential example would be the former major in the KGB, Victor Sheymov, who defected 20 years ago and went to work for the NSA trying to find techniques to break into the KGB communication systems he had designed. Eventually he left the government agency because of a dispute over money that he insisted was owed to him by the U.S. Government as part of the defection agreement he had accepted. He then worked up a set of programming instructions based on his own algorithm, which he claims makes any machine hacker-proof. His former NSA colleagues supposedly tested his invention and found the system impregnable. He is now the owner of his own cyber security company outside Washington, DC, and government offices are interested in his discovery. Of course the vulnerability of the security system Mr. Sheymov invented lies in the integrity of the man.

All Current Machines Are Vulnerable

It isn't only systems that are vulnerable; so are the very machines that house the systems. Spies can reassemble what is written on a computer by interpreting the intercepted radio-frequency emissions from the computer's electronics. Electronic keyboards are susceptible to eavesdropping because they rely on a scanning signal that radiates the pattern of keys being used. And a new system has been developed in the United States that allows someone to access any file on the hard drive of a targeted computer and record every keystroke made on it. It also allows someone to read any encrypted message, regardless of the encryption used, in near real time. Such surveillance technology makes it possible for law enforcement agencies (or criminals and spies) to remotely monitor a PC anywhere on the globe and stealthily transmit the data back to a pre-determined covert Internet address monitored and decoded by the operating system. Rather than having to physically place a chip surreptitiously inside a targeted computer, this new method allows one to monitor the computer electronically by placing covert software into the PC via the Internet.

NSA Monitoring Spots Encryption

It is an exaggeration to conclude that modern technology has revolutionized clandestine terrorist activity, aided criminals and made our world all the more secure. For them, using encryption is a dead giveaway. Routine NSA monitoring would pick out the encrypted traffic and flag the phone number for further monitoring. Encryption, instead of increasing one's security, lessens it. It is back to basics for the criminal world. For example, an ordinary cigarette paper is used to transmit information and orders from one criminal cell to another. The paper is wrapped in plain kitchen plastic wrap and the courier transports the message concealed in his mouth.

Cell Phones Easily Tapped

While prepaid card cell phones are anonymous and untraceable, making them useful for running illegal operations such as drug dealing, they can still be easily tapped. And security agencies (or spies) can eavesdrop on conventional cell phone users by setting up a monitoring station at the exchange where cell phone calls are connected to fixed public phones via gateways and networks, and simply tapping into the link. The future harbors further risks. The new breed of "intelligent" programmable cell phones will be open to hacking and espionage, as our computers are today. A virus could easily be introduced via the built-in programs, record conversations and pass them on to another phone.

Modern criminals use active scanners with a range of roughly 1 km (actually only a modified cell phone that simulates a phone network's base station) to hack into another cell phone. The criminal stations himself in a busy place such as an airport to tap into the control channel of a cell phone and within minutes can covertly identify the numbers of legitimate cell phones, which he then clones onto his stolen cell phone. It is simpler than one would think because of the way cell phones operate. Cell phone systems constantly check the location of every cell phone in operation, so that incoming calls can be routed to the legitimate phone. This is done by a base station that sends out signals (a pair of numbers) "asking" every phone in use to reply with its number pair. All the criminal or spy has to do is mimic this method, and all the cell phones in the vicinity will respond with their number pairs. The bogus base station is connected to a conventional PC which builds a database of number pairs until a matching pair is captured, usually within a matter of minutes.

The Importance of the Dongle

Our criminal or spy can also opt for a device called a dongle, if he wants to splurge about $150. The gizmo isn't any larger than a large coin and plugs directly into the cell phone socket used for servicing purposes. This socket contains the chip that stores the control software. Once the dongle is plugged into the socket, anyone can manipulate the stolen phone into a clone of a legitimate one simply by keying in a new identity number on the phone's keypad. To counter stolen cell phones, a new generation of phones has a chip incorporated in them that makes them act like a microphone, allowing someone to receive your conversations and trail your movements. Even after being turned off, the system works for a while, taking its power from the cell phone's battery. Ironically, cloned phones and prepaid ones are probably the only secure phones around today; at least the caller's identity can be kept secret even if his location can be known.

You are not only being overheard, you are being increasingly watched by high-tech hidden surveillance cameras that actually do more than just film you. People's ordinary behavior is surprisingly alike, almost mathematically predictable. A new generation of computers has been programmed to spot deviant patterns that imply criminal activity, focus in on the subject and record on film the criminal act, such as planting a bomb, stealing a car or picking someone's pocket. In the future, an array of cameras on the street and in public buildings, tuned to your gestures, gait and facial features (called threshold values in computerspeak), will be able to follow your every move. Comforting thought.

Privacy Has Been Diminished

So where is this invasion of privacy leading us? Ironically, not to more security but to diminished security. It is increasingly difficult to safeguard our own security secrets because clandestine intrusions have gained the upper hand. Something has to be done to redress the situation.

Trying to build leak-proof firewalls, safe areas protected by codes and protocols that are hacker resistant, doesn't seem to be the way forward. As we have seen, codes can be unlocked, firewalls can be by-passed and protocols can be corrupted. Rather than trying to fence off areas from computer attack, an in-depth defense, made up of several layers and lying in ambush for an intruder, might prove more efficient. The countermeasures would begin once an intruder has broken into the system; he could be given false data from bogus files or be ensnared by a virus that would counter-attack the intruder. Sensitive files could be camouflaged behind phony codes and hidden in unlikely, pedestrian places.

A new breed of hypersensitive microchips used in quantum cryptography could help in securing optic-fiber communications. Scientists have discovered how to detect a single photon using this new chip. They argue that if an encryption key is superimposed on a single photon, any hacker intercepting the photon in an optical-fiber communication would alter its quantum state, alerting the receiver to the interception, who could then change the key.

Another principal liability, and a vector for electronic viruses, is the programmable devices that are linked to one another. Modern phones with built-in programs should have their programs separated so that one program can't self-start another one. If the virus can't get out of the program, it cannot spread elsewhere. Some experts think the future is in mathematical proofs that confirm when a system is secure. The dilemma is that people want more functions and ease of operation built into their communications systems, but not the liability of viruses and eavesdropping that goes with it. A choice has to be made; it doesn't look like we can have both. Security or insecurity.

Peter B. Martin was born in New York in 1942. He studied biology and fine arts and worked for the American Museum of Natural History for several years doing research in mammalogy. He married a French citizen and moved to France in 1968. He has an abiding interest in natural history and the arts and professional experience in both security and intelligence.