- 3 months ago
Category
📺
TVTranscript
00:00This
00:29This man is under investigation by the FBI.
00:33He is suspected of illegally exporting military equipment from the United States.
00:37In this case, a computer program which allows people to send messages in code.
00:42The program is called Pretty Good Privacy or PGP and the code is so powerful that even
00:48the US government is unable to crack it.
00:55People want their privacy back and PGP gives it back to them.
00:58I should be able to whisper something in your ear even if your ear is a thousand miles
01:01away.
01:04Copies of PGP have spread all over the world and are now preventing governments from eavesdropping
01:10on telephone and computer communications.
01:13Governments meanwhile are fighting back.
01:16Equinox has discovered that British intelligence agencies are secretly working on a system to
01:21help them crack encoded communications.
01:25Scientists fear that this will give them unprecedented powers of surveillance over our everyday lives
01:30and could even threaten our democratic freedom in the next century.
01:34This system is called Key Escrow.
01:39Key Escrow is already being debated in classified settings in the United Kingdom amongst representatives
01:47of the National Security Agency, GCHQ, MI5, MI6 and that you'll probably have Key Escrow before
01:54you know it in the United Kingdom.
01:56And you may have it already without you even knowing about it.
02:02Just the idea that I might be snooped on bothers me a lot.
02:07This isn't being taped, is it?
02:09It is.
02:11Don't tape it, please.
02:15Don't tape it, please.
02:19Don't tape it, please.
02:23When people want to communicate with each other they usually want to do so in private.
02:28The trouble is, there is always the danger that someone is listening in.
02:33For centuries, the way around this has been to send messages in code, so even if they
02:40are intercepted, they can't be understood.
02:51Unless that is, someone manages to break the code.
02:55This strange science of code making and code breaking is called cryptography or encryption.
03:10Encryption technology is the technology of privacy.
03:13It's the way that ordinary citizens, it's what ordinary citizens will use in order to
03:19protect their privacy in communication, their privacy in cyberspace, their privacy when they're
03:25on the telephone.
03:28People have been sending messages in code for many centuries.
03:31Julius Caesar invented his own code to keep his communications secret.
03:36What I have here is the Caesar wheel, which contains the alphabet written twice, one on
03:40an inside circle and one on the outside circle.
03:42Suppose you wish to send the message Bay secretly.
03:45You choose your key, let's say the number two, and you rotate the inner ring twice, once,
03:51twice.
03:52Now you replace each letter by the one outside it, so Bay becomes D-C-A.
04:01The Kama Sutra lists code making as one of the 64 arts that women are advised to study
04:06and practice.
04:14Perhaps the most famous moment in the history of cryptography was in the Second World War,
04:19when Alan Turing and his team of cryptographers at Bletchley Park built the world's first modern
04:24computer, the Colossus, which allowed them to crack Germany's Enigma code.
04:29This meant the British were able to read the communications of Germany's high command.
04:36But the Enigma story didn't end there.
04:39After the war, the British didn't let on for some time that they had broken the Enigma code.
04:44Instead, they gave away German Enigma machines to their Commonwealth allies, making out that
04:50Enigma was a safe way to encrypt sensitive communications.
04:54It wasn't until the 1970s that the Commonwealth countries realised that Britain had been able to decode their communications all along.
05:02The golden rules to remember are, firstly, lift the handset and wait for the dialing tone.
05:09Secondly, make sure of the number and dial it carefully.
05:13The advent of modern communication technology has increased the demand for cryptography enormously.
05:19Not only is everyone communicating more than they ever have before,
05:23but the nature of these communications makes them more vulnerable to interception.
05:28Twenty years ago, you might have found a very important message in the Middle East travelling securely on camelback.
05:34Today, you're very likely to find it travelling by a satellite channel.
05:37So, messages that would never have been vaguely accessible to intelligence twenty years ago
05:43are now readily accessible to intelligence.
05:46The coming of the information age has brought us a lot of conveniences, but it's also eroded our privacy.
05:52Computers and modern communication technologies have eroded our privacy, and people feel uncomfortable about this.
06:01From alarm clocks to car keys, digital technology has entered our everyday lives in many forms.
06:09But to a modern cryptographer, it's all just digital data, and anything digital can be encrypted.
06:19This key transmits a security code without which the car won't start.
06:24Each time it's turned, the code changes to one of 79,000 billion billion possibilities.
06:31And cryptographers say the growing use of digital technology leads inevitably to the growing use of encryption.
06:39We're living in a digital age, and in this age, a lot of our information, a lot of new goods and services are being put onto an information superhighway.
06:48We have to keep that information secure, and the way that's done is through encryption.
06:52Every day, we find encryption coming into our day-to-day lives using cash cards, credit cards.
06:59You find encryption in car keys, cable and satellite television, on the telephone system, mobile phones for example.
07:06It's everywhere.
07:07We're in a world where information is one of the major things that we buy and sell, and we look to buying and selling more of it.
07:15So people want to rent you movies over cable.
07:18They want to sell you marketing information about your customers.
07:21They want to sell you or rent you computer code.
07:25They want to sell and rent by dribs and drabs all sorts of information out of databases.
07:30So information itself is the commodity, and so we need security measures that are adapted to protecting information.
07:38National security depends, for example, on keeping information secure.
07:43That's why encryption is so valuable.
07:45Without it, so many of the pillars of the society that we've been brought up in would crash.
07:49Telephones and computers are now closely interlinked.
08:02Phone systems are run by computers, and computer networks operate over phone lines.
08:09The vulnerability of these communications to interception is highlighted by the ease with which these hackers in Chicago can gain access to telephone and computer systems.
08:20To get into these, all they need is a scrap of information, and getting this can be as easy as going through some dust bins.
08:36We got into this computer without a password.
08:38All you needed was a dial-up to get in.
08:40The telephone company uses this system to generate statistics and information about groups of phone lines that are being used.
08:47This particular one controls a Chicago suburb.
08:50You can use these computers to do more than read statistics.
08:53You can also reroute trunks, which effectively reroutes an entire group of phone lines to a different area,
08:58which would effectively shut off phone service, if you wished, to an entire area.
09:03You can do that right now?
09:05We could.
09:07To sum up the entire situation here, without a password or an account, with nothing but a phone number,
09:12we can connect to a phone company computer, change lines, reroute lines, shut off service, get information on services,
09:18get information that only phone company employees really should have access to.
09:22Another simple method of getting information is just persuading people to hand over their passwords,
09:29a method hackers call social engineering.
09:32Here, a hacker is social engineering, a branch of Blockbuster Video.
09:40Yeah, this is Mark Rottenberg from the Corporate Center.
09:44We're calling about the computers.
09:46Yeah, we've got a notice that apparently when you go into the sales section, it doesn't advance the time or something.
09:55Right.
09:56Is this a manager?
09:57If you don't mind, what's your name?
09:59Okay, do you know your user ID number?
10:03Okay.
10:04I'm going to need that.
10:0668268.
10:10What I'm doing is I'm monitoring the cellular network.
10:13We've got the cellular phone hooked up to the computer through a handy data cable and we're running a computer program
10:22that monitors the data sent back and forth between cellular phones and the base station on the cellular network.
10:30You could monitor the actual conversations, but that's against the law.
10:34People don't care about encryption partially because they're ignorant to what's going on.
10:38They don't know that their cellular phones can be monitored very easily.
10:43They don't know that their passwords could be sniffed off Unix systems very easily.
10:51They don't know that anyone would want to look through their email.
10:56But people do and it's very easy.
10:59So on balance, traffic is still becoming more vulnerable at a more rapid rate than the rate at which it's being protected by the application of cryptography.
11:10The vulnerability of digital communications affects everyone and it's not just prankster hackers who have an interest in getting access to your personal details.
11:24Employers often want to run checks on potential employees.
11:27Ex-wives and husbands want to get access to each other's bank details.
11:32Business competitors want to steal valuable commercial information.
11:36And the police want to keep tabs on criminals and even political troublemakers.
11:42Personal details such as medical records, banking transactions and criminal records and even your phone conversations,
11:49faxes and email are all open to being hacked unless, that is, the information involved has been encrypted.
11:58In this case, I'm foiled because it says begin PGP message and then it's all encrypted.
12:07But if he had typed in a message and not used encryption, it would be all right here, which would be very easily read and saved.
12:17And, uh, I would know who it was going to, who sent it.
12:21So it's a good thing he used encryption because, drat, I'm foiled, I can't do anything now.
12:27It doesn't mean anything to me, it's all just gibberish.
12:30The basic principles of cryptography haven't changed much over the centuries.
12:36The sender needs to encrypt the message using a key and the receiver needs to decrypt the message using a key.
12:43With modern codes, however, the keys consist of very large numbers and the code itself is made up of highly complex mathematical logic.
12:52This is called the algorithm, which scrambles the electronic ones and zeros which make up digital data.
13:01This can be done at such high speeds that an ordinary phone call, for example, can be encrypted and decrypted so quickly that users themselves may not even know it's happening.
13:13What's more, modern codes are so complex that scientists say they are almost impossible to crack.
13:20At the University of London, Professor Fred Piper is about to challenge one of the fastest computers in Britain to crack a simple message written in code.
13:29We are now going to try a little experiment to give some idea of how strong these ciphers are.
13:33What I'm doing is typing in a very short message, Mary had a little lamb.
13:39I then type in the key which we use to encrypt this message using one of the most popular ciphers known.
13:47This now produces a cryptogram.
13:49We will now take this cryptogram to the supercomputer.
13:53We will feed in the cryptogram to the computer and challenge the computer to crack the code by trying all keys to tell us what the message was.
14:00What I'm doing now is instructing the computer to stop the search and to give up trying to crack the code.
14:20And the reason is quite simply that it's a futile and impossible task.
14:24It would take this computer millions and millions of years to complete the search for our key.
14:29And so it's absolutely futile for it to try to attempt it in half an hour.
14:33The quickest way to crack a modern code is to get a supercomputer to search exhaustively through every possible key.
14:41If the key is long, in other words, if it is made up of a lot of binary digits or bits, then it presents the supercomputer with the daunting task of searching through many possible keys before getting to the right one.
14:52Then the way for an attacker to find the key is to try through all possible keys.
14:57So if you have a 128-bit key, then the attacker will have to try two to 128 possibilities, and that means he's got to perform a million, million, million, million, million, million trials.
15:08That's a very large number, with today's technology just infeasible.
15:11But the length of the key is only part of the problem.
15:15Before you communicate with someone in code, they have to have a copy of the key, and getting a copy to them without the key itself being intercepted is one of the hardest problems in cryptography.
15:28Because before I send the information to you, I will encrypt it with the key.
15:33And so as long as the key stays secret and the cryptographic system is of adequate quality, then the message will be secret.
15:40The trouble of that is that before we send the message, each of us has to have the key.
15:46Cryptographers all over the world recognize these three characters, Alice, Bob, and Eve.
16:02Now instead of saying person A wants to send a message to person B, we say Alice wants to send a message to Bob, and Eve wants to eavesdrop.
16:11She wants to listen in.
16:13One obvious problem is just getting the secret key to the destination.
16:19I mean, if you think that you're in London, let's suppose Alice is in London and Bob's in America, then the idea is for Alice to send Bob a secret message.
16:28And you're assuming that's difficult, because you're assuming that Eve will be able to intercept that message.
16:34But before you can send the encrypted message, Alice has got to send Bob the secret key.
16:40Now how does she do it?
16:41The problem of how to distribute the keys to a code while keeping them secret has plagued cryptographers for centuries.
16:48The solution to this problem has revolutionized encryption and in the eyes of some has made cryptography a menace to society.
16:56Hello, Bob. It's Alice. I need to speak to you urgently.
17:07Wait. Don't say anything. I think Eve might be listening in on the line.
17:11Oh, no. What will we do?
17:13We'll have to talk in code.
17:15Code? What sort of code?
17:17I can't tell you.
17:19Why not?
17:20Because I think Eve might be listening in on the line.
17:24The problem with handling secret keys is that when Alice wants to communicate with Bob in code, she encrypts the message using a secret key.
17:34But she needs to tell Bob what the key is before he can decode the message.
17:38But how does Alice get the key to Bob without Eve also finding out what the key is, enabling her to decode the message as well?
17:49The problem of secret keys was finally solved in 1976 by Whitfield Diffie while he was a research student at the Massachusetts Institute of Technology.
18:07His revolutionary idea was to split the keys into two.
18:11One public key, which would encode the message, and one private key, which would decode the message.
18:18Whitfield Diffie is now widely regarded as the greatest living cryptographer.
18:23Now, if you have a system that works like this with public keys and private keys, then what you can do is that you can make the public key public.
18:32You can put it, logically speaking, into a phone directory.
18:35You can make it available to a very wide number of people.
18:38And what that means is that if I know your public key and I want to send you a message, then I just take my message and I encrypt it in your public key.
18:47Now, it can't be decrypted with your public key.
18:51The only key in the world that will decrypt it is your private key.
18:54But your private key is something that only you know.
18:57That's why we call it your private key.
18:59Hi, Bob.
19:00Hello there, Alice.
19:02I need to speak to you, but as usual, I don't want that pesky Eve to listen in.
19:08No problem, Alice. Why don't you send it to me in code?
19:11How do I do that?
19:13Given that we both have the appropriate software package installed on our personal computers, all you have to do is call me back using my public key.
19:20That will encode the message.
19:22But if your key is public, surely Eve also knows what it is.
19:26It doesn't matter, Alice. Without my special secret key, which complements my public key, Eve won't be able to understand anything.
19:34What a clever man that Whitfield Diffie is.
19:38The mathematical relationship between the public and private keys in Diffie's system is extremely complicated, but the application is relatively simple.
19:47For Alice to send a message to Bob, Bob will simply tell Alice what his public key is, and he doesn't care if Eve also knows what it is.
19:55Because although the public key can be used to encrypt a message to Bob, only Bob's private key can decrypt the message.
20:02What's more, because keys can safely be made public, it opens the way for encrypted communications from many Alices to many Bobs.
20:11After the creation of public key, it became possible to have a highly distributed, decentralized method for exchanging keys and thereby for exchanging private communication.
20:24This process of spreading outward the technology of encryption and the method for exchanging keys has suddenly, literally, brought the tools of privacy to the masses.
20:36Despite its complexity, public key encryption is remarkably simple to use.
20:47To encrypt computer messages, all you need is a simple encryption program on your personal computer.
20:53And to encrypt phone messages, all you need is a simple computer program and something called a sound card, which can be acquired cheaply from any computer shop.
21:03Encryption looks like this. I mean, it's as simple as any other program that you have on your computer. There's absolutely nothing special about it.
21:16But allowing the masses to have access to public key encryption can bring problems.
21:22Encryption is now so easy to use that police forces in Britain and elsewhere say that tracking down criminals is becoming increasingly difficult.
21:31As the use of encryption has spread very rapidly over the past two or three years, more and more criminals are catching on to the benefits of cryptography.
21:39Child porn rings are making extensive use of encryption, as are international drug syndicates and terrorist groups.
21:46Dorothy Denning is the main advisor to the US government on cryptography. She believes that the wide availability of free public key encryption software poses a major problem for law enforcement.
22:01I think that you have to make sure that encryption itself does not become a threat to society.
22:08If you've got terrorists or criminals of any type who are using encryption on their communications, and they're using good encryption, that would preclude law enforcement officials from being able to get access to those communications.
22:23And wiretaps have been traditionally an extremely valuable method used in investigations when other methods can't be used instead.
22:36Wayne Madsen is a former spy who worked at America's National Security Agency, the US equivalent of GCHQ, which is responsible for eavesdropping on telephone and computer networks.
22:49He has had direct experience of government attempts to crack codes.
22:54The issue of eavesdropping by intelligence agencies and also the law enforcement community, the FBI and MI5 in the United Kingdom,
23:04it's critical because they need to have this capability to track international terrorists, also international narcotics dealers,
23:13and nobody wants to hobble their capability to do that.
23:16Even hackers themselves have taken to using encryption.
23:26To avoid being traced by the police, these hackers are using a public payphone,
23:31as well as strong encryption software on their laptop computer.
23:35Hackers in general, I think, think that encryption is a double-edged sword for them.
23:47On the one hand, they're able to keep their stuff secret and no one can know what they're going on.
23:52They can have secure communications with other hackers or whoever they want to speak to.
23:57But at the same time, encryption makes things extremely hard to break into other people's systems.
24:03If we reach a situation where all communications and all stored information is outside the scope of government access,
24:10I think that potentially poses an enormous public safety problem.
24:16The problem has become so extreme that police forces around the world have been pushing for legislation to prevent the use of strong encryption.
24:29Most governments are now actively trying to stop its spread.
24:33Some countries, like Russia, have banned the use of encryption for anyone without a special license.
24:38Law enforcement agencies, prompted behind the scenes by intelligence agencies,
24:47are trying to limit the spread of cryptography that would give them trouble in spying on people.
24:55When the European standard for mobile phones was being developed,
25:00Britain's DTI intervened to prevent phone companies from using powerful encryption.
25:05Your digital mobile phone could have had very strong encryption in it.
25:10But in the mid-1980s, when this was being argued about in the corridors of power,
25:15it was only the Germans who were in favour of strong encryption,
25:18because they had a huge border with East Germany at the time.
25:22The other governments in Europe wanted weak encryption so they could spy on their citizens.
25:26And it's the other governments which won the day.
25:28And the encryption algorithm that's actually used in your mobile phone, called A5,
25:33was designed by the French, and it can be broken by any organisation with a reasonable amount of computing power.
25:40All Western governments now classify encryption as military hardware,
25:45and have made it illegal to export encryption systems, even if it's just a programme on a computer disk.
25:51Indeed, countries like France have also banned the import of encryption systems.
25:56In order to pacify governments, the computer firm ICL has built an encryption system called Sesame,
26:02which can be made deliberately weak so that governments can crack it.
26:07What we've done is we've allowed the customer to have a cryptographic capability which is much weaker
26:15than the cryptographic capability we need for our particular operations,
26:20and in the hope that governments will see fit to allow this sort of technology to be used in their various countries.
26:26But governments don't just want to stop criminals using encryption.
26:32Often, intelligence agencies want to listen in on neighbouring countries,
26:36and encryption can be a real problem to them.
26:39Britain, for example, has had to look to the US government to help them eavesdrop on the communications of the Irish government.
26:47In the mid-1980s, when talks from being engaged between the British and Irish government,
26:55which led up to the Anglo-Irish Treaty of 1985, GCHQ, which had an outstation in Belfast above an industrial building,
27:04was monitoring Irish diplomatic traffic in Dublin and to its embassies in London.
27:11It was able to do this and break the Irish codes because of a gentleman's agreement with the National Security Agency in America,
27:21which after the war had made an agreement with the company which was selling the encryption devices to the Irish government.
27:29This information was passed on to GCHQ in Britain, and thus GCHQ was able to break Irish diplomatic codes.
27:38Encryption is not just science, it's politics. And that's what's so exciting about it.
27:43And that's why there's this huge to-do over it.
27:46If it were just, oh, you know, something like algebra, I doubt there would be laws against it.
27:53I doubt it would be considered a munition.
27:59But while some people might approve of the government spying on criminals and even foreign governments,
28:04many people think intelligence agencies go too far when they end up spying on ordinary British citizens.
28:11Senior doctors at the British Medical Association were horrified by a recent attempt by the DTI
28:16to prevent them from encrypting people's medical records.
28:20Some doctors have responded by threatening to boycott a scheme to put these records on computer.
28:25In 1991, the government made a decision that it was going to link all health computers through a health superhighway,
28:32and it was going to digitise all medical records in the United Kingdom.
28:36It's called the Information Management and Technology Strategy,
28:39and it's the biggest single computer project in the world.
28:42But from the outset, the government made a decision it wouldn't encrypt the data.
28:46This is for national security reasons, though they've told the BMA a different story.
28:51The BMA, in turn, has threatened to boycott the system, saying,
28:55if you're going to put everyone's data onto a health superhighway, it must be encrypted.
28:59Otherwise, the medical confidentiality goes out the window.
29:02There will be no medical confidentiality.
29:04So we've now got a standoff between the government refusing to encrypt
29:08and the British Medical Association saying,
29:10encrypt or your system goes down the plug hole.
29:13But government attempts to stop cryptography have failed to prevent the spread of strong encryption programs.
29:19In particular, they're finding they cannot stop encryption software
29:23from travelling freely all over the world via the Internet.
29:27Phil Zimmerman's cryptography program, Pretty Good Privacy, or PGP,
29:31is now widely used in many countries.
29:34It took only minutes after it was first posted on the Internet
29:37for PGP to travel to all corners of the globe.
29:40Zimmerman, however, who decided to give his program away for free,
29:44points to the benefits of strong cryptography.
29:47One of the ways in which PGP is used all over the world is human rights groups sending out messages
29:55about human rights atrocities committed within their borders,
29:58and the governments that listen in on those messages can't stop them,
30:01don't even know what the traffic is.
30:04My favorite message is a short one-sentence message I got from a guy in Latvia
30:10on the day that Boris Yeltsin was shelling his parliament building in October of 1993.
30:15It's such a short letter that I've memorized it because I've said it many times when I'm speaking.
30:20It reads,
30:22Phil, I wish you to know, let it never be, but if dictatorship takes over Russia,
30:27your PGP is widespread from Baltic to Far East now and will help Democratic people if necessary. Thanks.
30:34The only negative response I've got is from certain elements of the U.S. government,
30:39notably law enforcement and most notably the Justice Department.
30:44I'm under criminal investigation and have been for more than two years.
30:48And as of right now, I haven't been indicted yet.
30:52We're waiting to see what their decision will be.
30:56We expect such a decision imminently.
31:00PGP, which is, you know, Phil Zimmerman's program, pretty good privacy,
31:05gave the ability for computer users really anywhere around the globe to get access to free, easy-to-use,
31:13well-regarded encryption software.
31:17And when you make a powerful tool like that available to a lot of people,
31:23it makes it very difficult for governments to say that regulations on encryption,
31:29you know, must be kept in place and must be enforced and so forth.
31:33Human rights activists use PGP, not only in the United States,
31:37but what must really be a problem for NSA,
31:41it's being used by groups overseas, especially human rights groups in Central America,
31:47Africa, Asia, and a bunch of other places where the people that are using PGP
31:55are fighting against repressive governments,
31:59and in some cases the United States government supports those governments they're fighting against.
32:03So NSA has a real reason to want to monitor those groups.
32:06Groups like Amnesty International use PGP to communicate with human rights activists
32:12and political dissidents who live under repressive regimes.
32:18Here in Burma, guerrilla fighters who are struggling against the bloody and repressive government
32:28are among the many political groups around the world who are using PGP.
32:34Many pro-democracy groups in Burma have been forced to set up bases in neighbouring Thailand.
32:40When these groups need to communicate with their guerrilla forces who are fighting in the Burmese jungle,
32:46they now use laptop computers,
32:48and on their laptop computers they have copies of PGP which encrypts their messages.
32:54To these Burmese freedom fighters, PGP is a powerful weapon which they are using in their struggle for democratic freedom.
33:02Doug Strider is a computer programmer who has helped introduce the rebels to the benefits of pretty good privacy.
33:20The last time I went to Rangoon, some of the students gave me some messages to take to some of their friends inside.
33:28One of the messages was a rolled up piece of paper in a toothpaste tube that's four inches by six inches and maybe a couple of hundred characters.
33:38The other thing I was taking in was five megabytes of information on my hard disk behind two layers of encryption.
33:46The information on the toothpaste tube could be read by anyone who can unscrew the lid.
33:53To get at the information on the hard disk probably couldn't be done even by somebody from the NSA.
34:03The spreading use of PGP by political groups in countries like Burma is helped by the fact that big companies also use PGP to keep their own communications private.
34:14I met a banker and he was using PGP to communicate with his office in Bangkok.
34:22He had no interest whatsoever in doing anything subversive.
34:26In fact, he'll lose his investment if there's ever a democracy in that country.
34:30But he was using PGP because he was afraid of everything is tapped.
34:39Everyone in the government is watching everyone else. They're watching other people. It's a police state.
34:44He needed to communicate with his head office privately because he was worried that the government informant who was assigned to tap his phone would be passing it on to one of his competitors.
34:56Had no interest in the politics of it.
34:59But people like that make it possible for others to do similar things of a more useful nature.
35:08The code making and code breaking has the possibility to change the entire shape of society. It's a revolutionary thing.
35:18The one problem with PGP is that although eavesdroppers can't decode your message, they can tell that you're sending encrypted messages,
35:26which can be just as dangerous if you're living in a country where encryption is banned.
35:31If you're sending an encrypted file, it's clear that you're sending an encrypted file.
35:43I mean, in PGP's case, there's usually a header that says that this is a PGP file, PGP what version, and then there's this whole mass of random numbers.
35:52People don't ordinarily go about sending each other these large masses of random numbers.
35:58However, it is now possible to disguise the encrypted message itself.
36:04Romana Machado, otherwise known as Cypherella, is a former Playboy model as well as one of the world's most famous cryptographers.
36:12She has written a program called Stego, which hides encrypted messages inside digital photographs or pieces of digital music.
36:21What Stego does is it allows you to send these large masses of random numbers back and forth, which are your encrypted messages, without it being clear at all that what you're doing is sending encrypted messages.
36:33Cypherella's Stego program takes each digit of an encoded message and hides it inside one of the thousands of pixels which make up a digital photograph, for example.
36:46So no one could possibly tell that an encrypted message was being sent.
36:51Hi, Bob.
36:54Hello there, Alice.
36:56I'm about to send you an interesting photograph of myself with my latest hairdo.
37:01That's great, Alice.
37:03You know how keen I am on ladies' fashion.
37:06People from all over the world, apparently, are using this.
37:10They're wise enough not to let me know exactly what they're using it for.
37:14But there are some countries, such as Estonia, where the political situation is very difficult that I've received mail from,
37:21and other places, such as France, where encrypted communications, as far as I know, are completely illegal.
37:29Many believe the growing popularity of programs like PGP and Stego means governments are bound to lose the battle over cryptography.
37:38But Equinox has discovered that the British government is looking at a new way to get round its difficulties with encryption.
37:57Code makers have given people the chance to stop Big Brother from eavesdropping on their private communications.
38:02But the British government is fighting back.
38:05Equinox has discovered that the DTI has approached Royal Holloway College to work on a new system which could help them get round the problem of encryption.
38:14If such a system were implemented, it would, in effect, give the authorities spare copies of encryption keys for the most commonly used cryptographic systems.
38:23Cryptographers call this idea key escrow, or spare key.
38:27Such a key escrow system would standardize the encryption used by people on telephones and computers.
38:34So people could still encrypt their messages, but copies would be made of everyone's encryption keys.
38:39And government agencies like MI5 and MI6 would be given access to these keys to allow them to eavesdrop.
38:46So people could keep their communications secret from each other, but not from the government.
38:50The people who typically argue in favour of this so-called key escrow or spare key method for encryption are people who want to listen in on other people's private conversations.
39:09Until now, only the US government has ever tried to introduce a key escrow encryption system.
39:14This controversial project was called Clipper.
39:18The American government has introduced an encryption device called the Clipper chip
39:22that they want the phone companies to build into secure telephones
39:27and mass-market consumer secure telephones
39:30so that millions of people would have their conversations encrypted by this government-made encryption chip.
39:35The government would manufacture this chip and, at the time of manufacture, would put the encryption key into the chip,
39:41each chip with its own unique key.
39:44It would keep a copy of these keys in a vast government database for wiretap purposes.
39:48It would be big brother inside.
39:50Well, the point of Clipper is to try to get the cryptographic genie back into the bottle.
39:58The government said, look, we recognize the fact that there's a need for privacy of communications in the United States.
40:08However, for purposes of law enforcement and intelligence gathering,
40:13we, the government, need the capability to be able to break ciphered, enciphered communications over the telephone
40:23or enciphered data communications over something like the Internet.
40:27It's like giving your house key, your private house key, to your local police station,
40:31and not only doing that but having everybody required to do that.
40:36Just in case of emergency, in case of some mishap or whatever.
40:40Surely you'd want the police to have the key to your front door, don't you?
40:43I mean, of course you'd be crazy.
40:46Civil rights campaigners who oppose Clipper in the U.S. say intelligence agencies should not be trusted with the enormous surveillance capability offered by key escrow.
40:57They say, in the past, government agencies have often used their powers of eavesdropping for political purposes,
41:04rather than just catching criminals.
41:06The problem is, is that in the past, there's been many times when the intelligence agencies have violated the law
41:13and illegally eavesdropped on U.S. citizens.
41:17In the past, the NSA has eavesdropped illegally on a number of U.S. citizens.
41:24During the 70s, it concentrated heavily on the anti-war protesters, such as Jane Fonda and Dr. Benjamin Spock,
41:31as well as civil rights people, such as Dr. Martin Luther King.
41:36There were a lot of instances where the NSA would target public telephones,
41:43such as at one point they targeted all the public telephones in Grand Central Station.
41:48And this was all done without ever getting a legal warrant.
41:51Critics of Clipper and Key Escrow also argue that if someone really wants to avoid being listened in on,
41:57they won't use an encryption system which everyone knows the government can crack.
42:01The problem with the Clipper approach is that it's all the good guys use the Clipper chip,
42:06and the bad guys continue to use triple DES or other strong algorithms.
42:11You can't force people to use technology if other technology is available.
42:15You can make it against the law, but you're not going to stop the guys that are breaking the law anyway from using it.
42:20Many of the people who oppose the Clipper say no drug dealer or terrorist in his right mind will use an encryption capability
42:27where they know that the government has the secret back door key to gain access to the communications.
42:32I wouldn't use Clipper to write a message to my dog.
42:36As a result of the outcry from civil liberty groups in the US, the Clipper project has been effectively killed off.
42:43And given the strength of the backlash against Clipper,
42:46the British government understandably wanted to keep their work on Key Escrow secret.
42:51Officially, their research covers mobile telephones and is jointly funded by Vodafone.
42:57But the project also includes work on a UK Key Escrow system.
43:02Fred Piper is Professor of Mathematics at Royal Holloway College
43:06and is one of Britain's leading cryptographers.
43:09He was extremely reluctant to discuss this project,
43:12which he nevertheless admitted covered Key Escrow.
43:15It is being used as an excuse to try to develop the British Key Escrow system.
43:24And they'd be looking for ways to get a few people like me involved without having any commitments.
43:31They don't want a project called Key Escrow because that would openly admit they're doing it.
43:37But not for television.
43:41If British citizens are concerned about their civil liberties,
43:44they should be concerned about what will turn out to be the British Clipper chip.
43:50When we asked the DTI and Vodafone about the Royal Holloway project,
43:55they confirmed that it did in fact include work on Key Escrow.
43:58The DTI made the following statement.
44:01In recent months, officials from various government departments have been giving consideration to Her Majesty's government's policy
44:08on the provision of encryption services on public networks.
44:12Such a policy will need to balance the legitimate requirements of industry, commerce and individuals
44:18for a range of cryptographic services with the national security needs of the authorities in fighting terrorism and serious crime.
44:26Key Escrow, while offering interesting opportunities, may of course only be one of the methods of arriving at the balance referred to above.
44:35The government has not yet decided on this or any other option.
44:41Professor Piper believes that if governments can be trusted to use it properly, Key Escrow could still be beneficial.
44:47If you want them to be able to monitor drug trafficking, and if you want them to be able to monitor terrorism,
44:55and you don't want them to monitor you, then it all boils down to a situation of trust between the user and the government.
45:07And if there were trust, then yes, it would be a good idea. If there's no trust, it's not a good idea.
45:12Tony Benn is one of a number of senior politicians in the UK who have been wiretapped by intelligence agencies.
45:20He thinks governments should not be trusted with more powers of surveillance.
45:25There is a very serious problem of child pornography. There's a serious problem of terrorism. There's a problem of drugs.
45:33And therefore, these authorities are entitled to say, this is something we have to think about.
45:39But you may be very, very sure that they're using those arguments in order to make it impossible for people to communicate with each other on anything.
45:50I don't think intelligence agencies give two hoots about child pornography.
45:54I would expect that they would use child prostitutes if this were necessary to entrap their victims.
45:59I remember during the miners' strike, for example, we used to have a bit of fun.
46:03The miners would ring each other up and say, by the way, there's a big demonstration tomorrow.
46:07We're meeting at the Cock and Bottle at Chipping Sodbury.
46:10And, of course, there wasn't a big demonstration.
46:12But then people would go along and they'd see hundreds of police had turned up.
46:15So you knew your phone was being bugged.
46:17Techniques of wiretapping, for example, that can be, or electronic surveillance, that can be used against crime,
46:23can also be used against political opponents.
46:27So during the Truman administration, Truman used wiretaps to help him make his judgment about the person he should appoint to the Supreme Court.
46:35And during the Nixon administration, Nixon's organization used electronic surveillance to spy on the Democratic National Committee.
46:42That is something that communications intelligence lends itself to very readily.
46:47And that's why I worry very much about the notion that private and business communications should be accessible to governments.
46:57Because we have a long history of governments misusing that power as well as using it for the benefit of society.
47:04Part of the problem here is we really are designing the technologies that will take us into the next century.
47:10I mean, some of the stuff is very complicated, some of it's futuristic.
47:14We don't, you know, none of us really knows where we're going to end up.
47:19But it seems fairly clear at this point that we are making some choices.
47:23I mean, we can choose technologies that protect privacy and give us greater control over personal information.
47:31Or we can choose technologies that promote surveillance and give the ability to the government and to others to listen in on private communications.
47:42We're waking up from the dream that government is here to protect us and it's what's going to protect us.
47:49Because it's not. We have to learn to protect ourselves and protect our own privacy.
47:53If someone comes to power that is able to monitor every movement of its political opposition, it could possibly be the last government we ever elect.
48:03They are very, very frightened of people communicating with each other without being known, watched, listed in some dossier or computer,
48:12and hence prevented from carrying out their perfectly proper communication about the nature of our society and how it might be improved.
48:20Cryptographers say the battle over code making and code breaking is also a battle for freedom.
48:27The outcome, they say, will determine the shape of society in the next century.
48:32I think the population of the UK should get upset about this.
48:37I mean, this is their freedom we're talking about. This is your freedom to express yourself.
48:41This is your freedom to contract as you wish.
48:43And it's being taken away from you before you even know what it was.
48:49And you should inform yourself as to what it is you're losing, because it's a big thing that you're losing.
48:55Losing the freedom to communicate.
48:57Information security technology is going to be absolutely fundamental to building the society of the 21st century.
49:05If we get it right, we'll be able to safeguard our traditional freedoms and provide a commercial environment in which people can do business without too much fear of being ripped off.
49:14But if we get it wrong, then we could be heading for a totalitarian surveillance state of the sort that Stalin could only dream about.
49:21For more information on cyber secrecy, you can visit the Channel 4 website at the address shown.
49:42.
49:43.
49:44.
49:45.
49:46.
49:47.
49:49.
49:51.
49:52.
50:12.
50:21.
50:22.
Be the first to comment