National Academies Press: OpenBook

Metropolitan communications: near term needs and opportunities (1976-1980). (1977)

Chapter: Security of Metropolitan Telecommunications

Get This Book
Unfortunately, this book can't be printed from the OpenBook. If you need to print pages from this book, we recommend downloading it as a PDF.

Visit NAP.edu/10766 to get more information about this book, to buy it in print, or to download it as a free PDF.
« Previous: Some Thoughts on Issue 3
Page 532 Cite
Suggested Citation:"Security of Metropolitan Telecommunications." National Research Council. 1977. Metropolitan communications: near term needs and opportunities (1976-1980).. Washington, DC: The National Academies Press. doi: 10.17226/26992.
×
Save
Cancel
Page 532
Page 533 Cite
Suggested Citation:"Security of Metropolitan Telecommunications." National Research Council. 1977. Metropolitan communications: near term needs and opportunities (1976-1980).. Washington, DC: The National Academies Press. doi: 10.17226/26992.
×
Save
Cancel
Page 533
Page 534 Cite
Suggested Citation:"Security of Metropolitan Telecommunications." National Research Council. 1977. Metropolitan communications: near term needs and opportunities (1976-1980).. Washington, DC: The National Academies Press. doi: 10.17226/26992.
×
Save
Cancel
Page 534
Page 535 Cite
Suggested Citation:"Security of Metropolitan Telecommunications." National Research Council. 1977. Metropolitan communications: near term needs and opportunities (1976-1980).. Washington, DC: The National Academies Press. doi: 10.17226/26992.
×
Save
Cancel
Page 535
Page 536 Cite
Suggested Citation:"Security of Metropolitan Telecommunications." National Research Council. 1977. Metropolitan communications: near term needs and opportunities (1976-1980).. Washington, DC: The National Academies Press. doi: 10.17226/26992.
×
Save
Cancel
Page 536
Page 537 Cite
Suggested Citation:"Security of Metropolitan Telecommunications." National Research Council. 1977. Metropolitan communications: near term needs and opportunities (1976-1980).. Washington, DC: The National Academies Press. doi: 10.17226/26992.
×
Save
Cancel
Page 537
Page 538 Cite
Suggested Citation:"Security of Metropolitan Telecommunications." National Research Council. 1977. Metropolitan communications: near term needs and opportunities (1976-1980).. Washington, DC: The National Academies Press. doi: 10.17226/26992.
×
Save
Cancel
Page 538
Page 539 Cite
Suggested Citation:"Security of Metropolitan Telecommunications." National Research Council. 1977. Metropolitan communications: near term needs and opportunities (1976-1980).. Washington, DC: The National Academies Press. doi: 10.17226/26992.
×
Save
Cancel
Page 539
Page 540 Cite
Suggested Citation:"Security of Metropolitan Telecommunications." National Research Council. 1977. Metropolitan communications: near term needs and opportunities (1976-1980).. Washington, DC: The National Academies Press. doi: 10.17226/26992.
×
Save
Cancel
Page 540

Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

SECURITY OF METROPOLITAN TELECOMMUNICATIONS Eberhardt R e c h t m Hewle t t -Packard Company Pa lo A l t o , Cal i f o r m a 531

SECURITY OF METROPOLITAN TELECOMMUNICATIONS INTRODUCTION The purpose o f t h i s s h o r t paper i s t o o u t l i n e the b a s i c s o f p r i v a c y and s e c u r i t y m m e t r o p o l i t a n t e l e c o m m u n i c a t i o n s s y s t e m s F i r s t , some d e f i n i t i o n s of terms P r i v a c y The a b i l i t y o f an i n d i v i d u a l (or o r g a n i z a t i o n ) t o d e c i d e whether, when, and to whom p e r s o n a l (or o r g a n i z a t i o n a l ) i n f o r m a t i o n i s r e l e a s e d e g , "the r i g h t t o p r i v a c y " A c c e s s The a b i l i t y t o make use o f i n f o r m a t i o n S e c u r e P r o t e c t e d e g , s e c u r e communications s y s t e m s " S e c u r i t y P r o t e c t i o n mechanisms and t e c h n i q u e s b a r r i e r s t o u n a u t h o r i z e d a c c e s s e g , e n c r y p t i o n , p l a n t s e c u r i t y P r i v a c y and a c c e s s a r e c o n f l i c t i n g s o c i a ' l o b j e c t i v e s The con- f l i c t i s sometimes e x p r e s s i b l e by the s t a t e m e n t . What's mine i s mine and vvhat's y o u r s i s a l s o mine ' The two e x t r e m e s , complete p r i v a c y and complete a c c e s s , p r e s e n t no t e c h n i c a l problems f o r t e l e c o m m u n i c a t i o n s I n c o m p l e t e p r i v a c y , n o t h i n g needs to be t r a n s m i t t e d I n complete a c c e s s , no one c a r e s who a c q u i r e s t h e i n f o r m a t i o n The s o c i a l and t e c h n i c a l problems a r i s e when the need i s f o r l i m i t e d a c c e s s and m u l t i p l e use 532

The fundamental t e c h n i c a l problem, t h e r e f o r e , i s t o buileJ i n f o r m a t i o n s y s tems which f a c i l i t a t e a u t h o r i z e d a c c e s s w h i l e p r o t e c t i n g a g a i n s t u n a u t h o r i z e d a c c e s s An a l m o s t e q u i v a l e n t s t a t e m e n t i s t h a t t h e purpose o f s e c u r i t y s y s t e m s i s t o r a i s e t h e p r i c e o f a d m i s s i o n t o u n a u t h o r i z e d u s e r s w h i l e k e e p i n g i t a t an a c c e p t a b l e c o s t to the a u t h o r i z e d ones — a s t a t e m e n t p a r t i c u l a r l y a p p l i c a b l e to n a t i o n a l s e c u r i t y , law e n f o r c e m e n t and i n v e s t i g a t i v e a p p l i c a t i o n s Another v a r i a t i o n , perhaps more s u i t a b l e f o r c o m m e r c i a l and f i n a n c i a l t r a n s a c t i o n s , i s t h a t s e c u r i t y measures r e f l e c t a t r a d e o f f between t h e i r c o s t and the v a l u e o f the compromised i n f o r m a t i o n The p a r t i c u l a r s y s t e m d e s i g n depends upon such a d d i t i o n a l f a c t o r s as « An e s t i m a t e o f t h e d e t e r m i n a t i o n o f the p o t e n t i a l a t t a c k e r ( m a d v e r t a n t m i s t a k e , chance d i s c o v e r y , o p p o r t u n i s t i c , d e l i b e r a t e but- c o v e r t , m a l i c i o u s and o v e r t , e t c ) e The dynamics o f use ( s t a t i c o r c h a n g i n g s e c u r i t y measures'') ® F a i l - s a f e p r o v i s i o n s (e g , t h e e f f e c t s o f f a i l u r e s on u n d e t e c t e d d i s a b l i n g of t h e s e c u r i t y measures) » The u s e r ' s image o f t h e s e c u r i t y problem t o be s o l v e d (e g , what needs p r o t e c t i o n , why, f o r how l o n g , a g a i n s t whom'') 533

• The i n t e n d e d u s e f u l l i f e t i m e o f t h e s e c u r i t y measures • T r a d e o f f s between t e c h n o l o g y , c o s t and t i m e (e g , new t e c h n o l o g y may make b e t t e r measures a v a i l a b l e l a t e r on) Guaranteeing ( c e r t i f y i n g ) t h a t a system i s secure i s a v e r y d i f f i - c u l t t e c h n i c a l t a s k even i f a l l o f t h e f o r e g o i n g f a c t o r s have been taken i n t o account Even i f the l e v e l o f d e t e r m i n a t i o n o f th e p o t e n t i a l a t t a c k e r i s p r e c i s e l y known, which i t seldom i s , i t I S v e r y d i f f i c u l t t o prove t h a t t h e double n e g a t i v e r e q u i r e m e n t t o p r e v e n t a l l u n a u t h o r i z e d accesses has been met The f a c t t h a t a thousand p o s s i b l e a t t a c k s can be d e f e a t e d doesn't guarantee t h a t th e thousand and f i r s t one doesn't e x i s t I t I S a l s o an unhappy f a c t t h a t a system w i t h u n d e t e c t e d f l a w s i s almost worse t h a n none a t a l l , p a r t i c u l a r l y i f t h e user b e l i e v e s t h a t t h e system i s secure The user w i l l use t h e system as i f secure, w i l l p u t i n f o r m a t i o n i n t o i t t h a t he would never e n t e r i f he suspected i t t o be i n s e c u r e , and may never know t h a t u n a u t h o r i z e d access has o c c u r r e d A f i n a l i n t r o d u c t o r y comment t e l e c o m m u n i c a t i o n s i s o n l y p a r t o f a t o t a l system t h a t must be p r o t e c t e d The t o t a l svstem i n c l u d e s t h e people who use i t , t h e p h y s i c a l f a c i l i t i e s , i n p u t / o u t p u t t e r m i n a l s , computers, l o c a l l o o p s , l o c a l s w i t c h e s t e l e - communications l i n k s , t e l e c o m m u n i c a t i o n s nodes, and even such a u x i l i a r y s e r v i c e s as b i l l i n g and equipment s e r v i c i n g I t i s beyond the scope o f t h i s paper t o d i s c u s s t h e n o n - t e l e c o r j - i u n i c ^ j t i o i i 534

subsystems S u f f i c e i t t o say, t h e s e c u r i t y l e v e l s o f t h e sub- systems must be t h e same th e y are a l l l i n k s i n a c h a i n THE STATE OF THE ART IN TCLECOMJ-iUNICATIONS SECURITY The v a s t majority, i f n o t t h e t o t a l i t y o f s i g n a l e n c r y p - t i o n and code c r a c k i n g developments are under n a t i o n a l s e c u r i t y auspices But w i t h o u t g o i n g i n t o c l a s s i f i e d m a t t e r s , t h e f o l l o w i n g s t atements may be tak e n as t r u e o Telecommunications s e c u r i t y , on a l i n k - b y - l i n k b a s i s , can be made f a r b e t t e r , a t a rea s o n a b l e c o s t than t h e s e c u r i t y o f o t h e r i n f o r m a t i o n subsystems • O v e r a l l , end-to-end, t e l e c o m m u n i c a t i o n s s e c u r i t y i s more complex and more expensive than l i n k - b y - l i n k s e c u r i t y b u t t h i s , t o o , can be made f a r b e t t e r than t h e s e c u r i t y o f o t h e r i n f o r m a t i o n subsystems (End- to-end s e c u r i t y means t h a t i n t e r m e d i a t e nodes m the t e l e c o m m u n i c a t i o n system have a b s o l u t e l y no access t o t h e c o n t e n t o f t h e i n f o r m a t i o n b e i n g passed The t e c h n i c a l problem i s one o f d i s t r i b u t i n g a p p r o p r i a t e keys t o t h e many users o f t h e s w i t c h e d telecommunica- t i o n s network ) e No one knows how t o b u i l d a m u l t i p l e u s e r , m u l t i p l e s e c u r i t y l e v e l computer system w i t h o u t f l a w s , a l t h o u g h a g r e a t d e a l o f remarkable woik lias been done and the 535

l e v e l s o f p r o t e c t i o n o f f e r e d by commercial computers have been r i s i n g s t e a d i l y (For an e x c e l l e n t d i s - c u s s i o n o f s e c u r i t y m g e n e r a l and f o r computers, see "The P r o t e c t i o n o f I n f o r m a t i o n m Computer Systems, S a l t z e r and Schroeder, Proceedings o f t h e IEEE, September 1975 ) o D i g i t a l b i t streams are r e l a t i v e l y easy t o secure and a t a r e l a t i v e l y low c o s t Voice s e c u r i t y i s more d i f f i c u l t and c o n s i d e r a b l y more ex p e n s i v e , p a r t i c u l a r - l y i f t he e n c r y p t e d t r a n s m i s s i o n must be over con- v e n t i o n a l t e l e p h o n e networks © The q u a l i t y o f t h e t e l e c o m m u n i c a t i o n t r a n s m i s s i o n l i n k a f f e c t s t h e c o m p l e x i t y , c o s t and performance o f secure t e l e c o m m u n i c a t i o n s t h r o u g h m t e r - s y ^ b o l i n t e r f e r e n c e drop o u t s , f a d i n g , echoes, phase i n v e r s i o n s , e t c l o n o s p h e i i c l i n k s a r e t h e most d i f f i c u l t l o c a l t e l e - phone loops are o f t e n a problem s \ ^ i t c h i n g t r a n s i e n t s can cause t r o u b l e s b u t most microwave and s a t e l l i t e l i n k s are almost i d e a l METROPOLITAN TELECO^LMUNIC^TJQMS SECURITY C l e a r l y , t e l e c o m m u n i c a t i o n s s e c u r i t i f o r m e t r o p o l i t a n c i v i l i a n usage sh o u l d not be i n s t a l l e d u n t i l t h e r e i s a need f o r i t The need i n t h e p a s t , undoubtoc'l\ i n f l u e n c e d by t h e c o s t t o s a t i s f \ t h e 536

need, has been m i n i m a l P a r t o f t h e reason i s t h e u b i q u i t o u s n e s s and c o m p l e x i t y o f the s w i t c h e d t e l e p h o n e netv/ork So many c a l l s are made from so many pl a c e s t h r o u g h so many d i f f e r e n t s w i t c h c o n n e c t i o n s t h a t anyone a t t e m p t i n g t o i n t e r c e p t a p a r t i c u l a r c a l l (even i f he y-new when t o expect i t ) , w i t h o u t r i s k i n g b e i n g d e t e c t e d h i m s e l f , faces r e a l problems The p r o b a b i l i t y o f m a d v e r t a n t i n t e r c e p t i o n i s e x t r e m e l y s m a l l D e d i c a t e d (and t h e r e - f o r e presumably i m p o r t a n t ) l i n k s lacK t h i s n a t u r a l p r o t e c t i o n indeed, they c a l l a t t e n t i o n t o t h e i r own importance The t e l e - phone network i s not al//ays so p r o t e c t e d c e r t a i n microwave l i n k s can p r o v i d e e a s i e r - t h a n - n o r m a l access, as t h e r e c e n t s t o r i e s o f p o s s i b l e S o v i e t i n t e r c e p t o f micro^'ave l i n k s m the Washington, D C area a t t e s t The u s u a l m e t r o p o l i t a n user o f t h e t e l e p h o n e network i s n o t up a g a i n s t d e d i c a t e d i n t e r c e p t o r s b u t , a law enforcement agency i n a l a r g e m e t r o p o l i t a n area, c o n f r o n t e d w i t h o r g a n i z e d c r i m e , m i g h t have l e g i t i m a t e concerns The p e r c e i v e d needs, m any case, are l i k e l y t o i n c r e a s e m response t o p r i v a c y i s s u e s now b e f o r e s t a t e and f e d e r a l govern- ments Most o f t h e p r i v a c y needs can be s a t i s f i e d r e l a t i v e l y e a s i l y m the t e l e c o m m u n i c a t i o n s subsystem by user - e n c r y p t i o n o f data and message c o n t e n t The more e l a b o r a t e t o t a l e n c r y p t i o n o f addresses, r o u t i n g i n d i c a t o r s , t i m e - d a t e i n d i c a t o r s , e t c , i s p r o b a b l y unnecessary and VNOuld n e e d l e s s l y c o m p l i c a t e t h e use o f a p u b l i c s w i t c h e d network Message c o n t e n t e n c r y p t i o n m i g h t a l s o 537

s a t i s f y many o f t h e needs o f law enforcement and i n v e s t i g a t i v e agencies Judging from m i l i t a r y t a c t i c a l e x p e r i e n c e , c i v i l i a n law enforcement may soon need secure v o i c e communications, p a r t i c u - l a r l y w i t h m o b i l e u n i t s Secure v o i c e equipments p r e s e n t l y a v a i l a b l e on commercial s a l e , o f f e r m i n i m a l p r o t e c t i o n a g a i n s t a d e d i c a t e d i n t e r c e p t o r V i r t u a l l y a l l such equipments a r e based on tec h n i q u e s i n v e n t e d , and c i r c u m v e n t e d , d u r i n g World War I I However, b e t t e r t e c h n i q u e s m i g h t be expected based on new s o l i d s t a t e c i r c u i t t e c h n o l o g i e s As seen by t h e n e t r o o o l i t a n t e l e c o m m u n i c a t i o n s system, secure communications would c o n s i s t o f a p p a r e n t l y random sequences o f b i t s g e n e r a l l y r e s e m b l i n g synchronous h i g h speed t e l e t y p e o r PCM v o i c e A t r a t e s much above 2 4 kbs, i t w i l l n o t be p o s s i b l e t o determine whether t h e s i g n a l s were o r i g i n - a l l y d a ta o r v o i c e , t h e y w i l l , however, have t o be t r e a t e d as x f t h e y were r e a l t i m e v o i c e and n o t i n t e r r u p t a b l e messages There are two reasons f o r t h i s t h e s i g n a l s may a c t u a l l y be e n c r y p t e d v o i c e , and t h e e n c r y p t i o n systems m g e n e r a l w i l l be s e n s i t i v e t o i n t e r r u p t i o n s S w i t c h i n g , whether c i r c u i t o r packet , may have t o be done w i t h some ca r e A l t e r n a t i v e l y , t h e secure t r a n s m i s s i o n s would have t o be t a i l o r e d t o t h e t r a n s - m i s s i o n systems w i t h more e l a b o r a t e e n c r y p t i o n and m o d u l a t i o n schemes, an a l t e r m t e which p l a c e s more o f a bui d e n on the 538

s e c u r e communications customer and l e s s on t h e p u b l i c s w i t c h e d network T e c h n i c a l l y and e c o n o m i c a l l y s p e a k i n g , s e c u r e m e t r o p o l - i t a n t e l e c o m m u n i c a t i o n s c o u l d appear a t a p p r o x i m a t e l y t h e f o l l o w i n g times Pre-1980 R o u t i n e e n c r y p t i o n o f s e l e c t e d law e n f o r c e - ment and i n v e s t i g a t i v e agency d a t a and messages 1980-85 E n c r y p t i o n o f s e n s i t i v e f i n a n c i a l and b u s i n e s s t r a n s a c t i o n d a t a and messages l i m i t e d e n c r y p t i o n o f v o i c e t r a f f i c f o r law e n f o i c c m e n t and m i l i t a r y p u r p o s e s r o u t i n e e n c r y p t i o n of a l l d a t a and message t r a f f i c f o r an expanding number of go v e r n - ment o p e r a r i o n s 1985-90 R o u t i n e e n c r y p t i o n o f a l l f i n a n c i a l and major b u s i n e s s t r a n s a c t i o n d a t a and messages R o u t i n e e n c r y p t i o n o f a l l law enf o r c e m e n t v o i c e t r a f f i c p a s s i n g o v e r any r a d i o l i n k The p r i n c i p - i l unknown m the above p r e d i c t i o n s i s a s o c j a l / p o l i t i c a l one would t h e p u b l i c view c i v i l government e n c r y p t e d t r a f f i c as a p r o t e c t i o n o f , o r a s a t h r e a t t o , the r i g h t s o f the i n d i v i d m l ' ' 539 GCN 1-1 1 1-3-75

Next: Technical Aspects of the Protection of Individual Privacy »
Metropolitan communications: near term needs and opportunities (1976-1980). Get This Book
×
Metropolitan communications: near term needs and opportunities (1976-1980).
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

READ FREE ONLINE

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  6. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  7. ×

    View our suggested citation for this chapter.

    « Back Next »
  8. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!