Walsh Report - Foreword

FOREWORD

1. This report is in response to an invitation from the Secretary of the Attorney-General's Department to review the policy relating to encryption technologies and offer a view whether legislative or other actions are indicated to cater for national security and law enforcement interests in the face of the information and communications revolution and the continuing need to safeguard privacy. Terms of reference of the Review are attached at Annex A.

2. The structure of the report is set out in Chapter 2. Limited resources precluded the Review inviting written submissions or conducting public hearings. Instead, the strategy adopted was to consult directly with as representative a sample of interested parties as time and resources would permit. All were uniformly generous with their time. For that, and the assistance given by the Security Division of the Department, I express my appreciation.

3. There is an immediate need for broad public discussion of cryptography. The report's conclusion identifies the essential conundrum - strong cryptography, imminently available to the mass market, will offer significant enhancement of data security and personal and corporate privacy, but also provide a powerful shield behind which criminals and others may operate. Should government intervene and mandate conditions of use, intervene only when disadvantage to the state is evident, provide the framework of principles while legislative power addressing other but related powers of the state are kept relevant, or do nothing? How the inherent tensions in this issue are resolved will affect the whole community. Hence, the need for broad discussion and contribution. This report is intended to contribute to that process.

4. The Australian Government is seeking public comment on the contents of this report. Comments should be directed to:

Facsimile: (06) 270 2254
Email: [email protected]

The closing date for comments is 16 February 1997

Gerard Walsh
10 October 1996

Terms and Abbreviations

AFP Australian Federal Police

algorithm a mathematical operation or formulation performed to calculate new values (of text) from old. Encryption is done via an algorithm.. To disguise the information and make it unintelligible, a key is fed into the algorithm, along with the text to be converted into cyphertext. The same key or its pair, fed into the decryption algorithm returns the cyphertext into the original text.
ASC Australian Securities Commission
ASIO Australian Security Intelligence Organization
asymmetric key also referred to as public key or two key encryption. A method of encryption in which different keys are used to encrypt and decrypt. The keys are mathematically related but it is not possible to infer one from the other. One key may be made public and the other kept private, allowing Smith to encrypt and send a message to Jones using Jones' public key and Jones to decrypt it using her private key. With RSA (see below) either key can be used to encrypt as long as the other is used to decrypt, but anyone with access to Jones' cyphertext can decrypt her messages because her public key is known.
AUSCERT the Australian Computer Emergency Response Team (AUSCERT), an independent Internet security body.
AUSTEL the Australian Telecommunications Authority
AUSTRAC Australian Transaction Reports and Analysis Centre
authentication (1) in computer security, the act of identifying or verifying the eligibility of a station, originator or individual to access specific categories of information; (2) in data security, a measure designed to provide protection against fraudulent transmissions by establishing the validity of a transmission, message, station or originator; (3) in data security, processes that ensure everything about a teleprocessing transaction is genuine and that the message has not been altered or corrupted in transmission; (4) in computer security, the process that verifies the identity of an individual as established by an identification process; (5) in data security and data communications, both the prevention of undetected alteration to data and peer entity (mutual verification of each other's identities by communicating parties) authentication.

bit binary digit - here either of the mathematical characters zero or one
certificate a set of information which, at least, identifies the certification authority issuing the information; unambiguously names or identifies the owner; contains the owner's public key; and is digitally signed by the certification authority issuing the certificate.
certifying authority an entity that verifies the identity of another entity, allocates a unique name to that entity and verifies the correctness of information concerning that entity by signing a public key certificate for that entity.
cryptography the art or science that treats of the principles, means and methods for rendering plaintext unintelligible and for converting encrypted messages into intelligible form.
clipper chip a hardware encryption device first sponsored by the United States government in April 1993 and intended to be the sole encryption system used on the Internet. Legislation was prepared to back the proposal. It would have had an enforced system of escrow built into it, permitting law enforcement agencies armed with a warrant to decrypt any clipper-encrypted messages. Each chip was registered and pre-programmed with some numbers issued by the two escrow agencies (both government agencies). Knowledge of these two numbers, available on production of a warrant, would allow the calculation of the session key used and the identity of the sender, but not the recipient. The proposal was abandoned in 1995.
confidentiality in computer security, a concept that applies to data that must be held in confidence and that describes the status and degree of protection that must be provided for such data about individuals as well as organisations.
cyberspace the ether or medium through which messages are transmitted - at least the Internet and the networks connected to it.
cyphertext the text after encryption. It is sent by the user over an insecure communication channel on the assumption that the equivalent plain text will be unable to be inferred by cryptanalysis and so is safe from a passive and an active attack.
data compression in codes, reduction of the size of the data by techniques which exploit redundancies in the data; in memory systems, a technique that saves storage space by eliminating gaps, empty fields and redundancies to shorten the length of records or blocks.
decryption the conversion of cyphertext into its plaintext equivalent by use of the appropriate key.
DES the Data Encryption Standard (DES) specifies an algorithm to be implemented in electronic hardware devices and used for the cryptographic protection of computer data. It became mandatory for US Federal agencies in June 1977. The algorithm is public but the design principles remain classified. DES uses a 56-bit key and encodes text in 64-bit blocks.
digital signature a digital signature is a technique or procedure for the sender of a message to attach additional data to that message which forms a unique and unforgeable identifier of the sender and the message.
DSD Defence Signals Directorate
DSTO Defence Science and Technology Organisation
encryption the transformation of data to an unintelligible form in such a way that the original data either cannot be obtained (one-way encryption) or cannot be obtained without using the inverse decryption process (two-way encryption).
FBI Federal Bureau of Investigation (USA)
GII Global Information Infrastructure - a worldwide 'network of networks' creating a global information marketplace, encouraging broad-based social discourse within and among all countries. By interconnecting local, national, regional and global networks, the GII can expand the scope of benefits of advances in information and telecommunications technologies on a global scale. See also, the Internet and note that the GII is probably a short-hand reference to what the OECD called in 1980 as transborder flows of information.
hacking the act of gaining unauthorised access to a computer network by defeating the system's access controls. The act is often compounded by one or more offences relating to breaches of confidentiality, privacy, national security, altering or erasing data, intellectual property and commercial interests.
Internet a worldwide interconnection of individual networks operated by government, industry, academia and private parties. [The Internet originally served to connect laboratories engaged in government research, and has now been expanded to serve millions of users and a multitude of purposes.]
Jones see Smith
key a key is a number, whose size is expressed as a number of bits in binary arithmetic (eg 56-bit)
key distribution public keys can be distributed freely through listing on a bulletin board or via a directory. Public key encryption depends on confidence the public keys are correct. Users need to be assured they have valid keys for other people and keys need to be provided/copied by dependable means.
key escrow a concept, principally advanced by the US Government, under which keys for cryptographic systems would be registered with government appointed agencies and be accessible by law enforcement agencies on production of a warrant.
key length the size of a key and measure of its strength. In simplistic terms a 40/384-bit secret/public key system may be classified as weak, a 56/512-bit system as borderline: and an 80/1024-bit system as strong.
LAN Local Area Network
LEAC Law Enforcement Advisory Committee established by the regulating agency, A USTEL.
NCA National Crime Authority.
OECD Organisation for Economic Cooperation and Development
phreaking the unauthorised use of telecommunications services or equipment at the expense of another. This act not only defrauds carriers and service providers of rightful service charges but may also damage the integrity of the switching and billing systems.
PKAF a Public Key Authentication Framework would allow for the establishment of a trusted public key system, allowing any entity to determine the trust and validity of a public key certificate claimed to be associated with another entity. The proposal was prepared by the PKAF Task Group, formed by Standards Australia from representatives of industry and government.
plain text data or a message in ordinary language or format, which can be understood by a person or a computer.
public key encryption see assymetric system
private key encryption see symmetric system. Not to be confused with the private key of a public key pair which is used for confidentiality purposes.
RSA an algorithm for creating public key private key pairs and algorithms for the subsequent encryption and decryption of text. Designed by Rivest-Shamir-Adleman, after whom it is named. This system is commonly used for public key encryption and the only public key system which creates key pairs which can be used for either role.
Smith a fictional identity, like Jones, thought preferable by the author to colourless cyphers like A, B, C and a variant from the A lice and Bob who habituate frequent such texts. In a further attempt at verisimilitude, Smith is of the male gender, while Jones is a female.
steganography in data security, the concealment of the existence of messages, literally covered writing. This can take the form of filling in inter-message gaps with padding characters, thus although the existence of the communication link is not concealed an attacker is denied information on when messages are being transmitted.
symmetric key a method of encryption in which the same key is used to encrypt as to decrypt. Also referred to as secret key or single key encryption. This sort of encryption is used in telephone scramblers. The key length can be varied for different levels of protection. It is a much faster process than using asymmetric keys.
trusted third party an entity providing user services ranging from the provision of authentication services such as the verification of a client's public key, time stamping of documents, digital signatures and key retrieval services.

Chapter 1

AFP	Australian Federal Police
algorithm	a mathematical operation or formulation performed to calculate new values (of text) from old. Encryption is done via an algorithm.. To disguise the information and make it unintelligible, a key is fed into the algorithm, along with the text to be converted into cyphertext. The same key or its pair, fed into the decryption algorithm returns the cyphertext into the original text.
ASC	Australian Securities Commission
ASIO	Australian Security Intelligence Organization
asymmetric key	also referred to as public key or two key encryption. A method of encryption in which different keys are used to encrypt and decrypt. The keys are mathematically related but it is not possible to infer one from the other. One key may be made public and the other kept private, allowing Smith to encrypt and send a message to Jones using Jones' public key and Jones to decrypt it using her private key. With RSA (see below) either key can be used to encrypt as long as the other is used to decrypt, but anyone with access to Jones' cyphertext can decrypt her messages because her public key is known.
AUSCERT	the Australian Computer Emergency Response Team (AUSCERT), an independent Internet security body.
AUSTEL	the Australian Telecommunications Authority
AUSTRAC	Australian Transaction Reports and Analysis Centre
authentication	(1) in computer security, the act of identifying or verifying the eligibility of a station, originator or individual to access specific categories of information; (2) in data security, a measure designed to provide protection against fraudulent transmissions by establishing the validity of a transmission, message, station or originator; (3) in data security, processes that ensure everything about a teleprocessing transaction is genuine and that the message has not been altered or corrupted in transmission; (4) in computer security, the process that verifies the identity of an individual as established by an identification process; (5) in data security and data communications, both the prevention of undetected alteration to data and peer entity (mutual verification of each other's identities by communicating parties) authentication.
bit	binary digit - here either of the mathematical characters zero or one
certificate	a set of information which, at least, identifies the certification authority issuing the information; unambiguously names or identifies the owner; contains the owner's public key; and is digitally signed by the certification authority issuing the certificate.
certifying authority	an entity that verifies the identity of another entity, allocates a unique name to that entity and verifies the correctness of information concerning that entity by signing a public key certificate for that entity.
cryptography	the art or science that treats of the principles, means and methods for rendering plaintext unintelligible and for converting encrypted messages into intelligible form.
clipper chip	a hardware encryption device first sponsored by the United States government in April 1993 and intended to be the sole encryption system used on the Internet. Legislation was prepared to back the proposal. It would have had an enforced system of escrow built into it, permitting law enforcement agencies armed with a warrant to decrypt any clipper-encrypted messages. Each chip was registered and pre-programmed with some numbers issued by the two escrow agencies (both government agencies). Knowledge of these two numbers, available on production of a warrant, would allow the calculation of the session key used and the identity of the sender, but not the recipient. The proposal was abandoned in 1995.
confidentiality	in computer security, a concept that applies to data that must be held in confidence and that describes the status and degree of protection that must be provided for such data about individuals as well as organisations.
cyberspace	the ether or medium through which messages are transmitted - at least the Internet and the networks connected to it.
cyphertext	the text after encryption. It is sent by the user over an insecure communication channel on the assumption that the equivalent plain text will be unable to be inferred by cryptanalysis and so is safe from a passive and an active attack.
data compression	in codes, reduction of the size of the data by techniques which exploit redundancies in the data; in memory systems, a technique that saves storage space by eliminating gaps, empty fields and redundancies to shorten the length of records or blocks.
decryption	the conversion of cyphertext into its plaintext equivalent by use of the appropriate key.
DES	the Data Encryption Standard (DES) specifies an algorithm to be implemented in electronic hardware devices and used for the cryptographic protection of computer data. It became mandatory for US Federal agencies in June 1977. The algorithm is public but the design principles remain classified. DES uses a 56-bit key and encodes text in 64-bit blocks.
digital signature	a digital signature is a technique or procedure for the sender of a message to attach additional data to that message which forms a unique and unforgeable identifier of the sender and the message.
DSD	Defence Signals Directorate
DSTO	Defence Science and Technology Organisation
encryption	the transformation of data to an unintelligible form in such a way that the original data either cannot be obtained (one-way encryption) or cannot be obtained without using the inverse decryption process (two-way encryption).
FBI	Federal Bureau of Investigation (USA)
GII	Global Information Infrastructure - a worldwide 'network of networks' creating a global information marketplace, encouraging broad-based social discourse within and among all countries. By interconnecting local, national, regional and global networks, the GII can expand the scope of benefits of advances in information and telecommunications technologies on a global scale. See also, the Internet and note that the GII is probably a short-hand reference to what the OECD called in 1980 as transborder flows of information.
hacking	the act of gaining unauthorised access to a computer network by defeating the system's access controls. The act is often compounded by one or more offences relating to breaches of confidentiality, privacy, national security, altering or erasing data, intellectual property and commercial interests.
Internet	a worldwide interconnection of individual networks operated by government, industry, academia and private parties. [The Internet originally served to connect laboratories engaged in government research, and has now been expanded to serve millions of users and a multitude of purposes.]
Jones	see Smith
key	a key is a number, whose size is expressed as a number of bits in binary arithmetic (eg 56-bit)
key distribution	public keys can be distributed freely through listing on a bulletin board or via a directory. Public key encryption depends on confidence the public keys are correct. Users need to be assured they have valid keys for other people and keys need to be provided/copied by dependable means.
key escrow	a concept, principally advanced by the US Government, under which keys for cryptographic systems would be registered with government appointed agencies and be accessible by law enforcement agencies on production of a warrant.
key length	the size of a key and measure of its strength. In simplistic terms a 40/384-bit secret/public key system may be classified as weak, a 56/512-bit system as borderline: and an 80/1024-bit system as strong.
LAN	Local Area Network
LEAC	Law Enforcement Advisory Committee established by the regulating agency, A USTEL.
NCA	National Crime Authority.
OECD	Organisation for Economic Cooperation and Development
phreaking	the unauthorised use of telecommunications services or equipment at the expense of another. This act not only defrauds carriers and service providers of rightful service charges but may also damage the integrity of the switching and billing systems.
PKAF	a Public Key Authentication Framework would allow for the establishment of a trusted public key system, allowing any entity to determine the trust and validity of a public key certificate claimed to be associated with another entity. The proposal was prepared by the PKAF Task Group, formed by Standards Australia from representatives of industry and government.
plain text	data or a message in ordinary language or format, which can be understood by a person or a computer.
public key encryption	see assymetric system
private key encryption	see symmetric system. Not to be confused with the private key of a public key pair which is used for confidentiality purposes.
RSA	an algorithm for creating public key private key pairs and algorithms for the subsequent encryption and decryption of text. Designed by Rivest-Shamir-Adleman, after whom it is named. This system is commonly used for public key encryption and the only public key system which creates key pairs which can be used for either role.
Smith	a fictional identity, like Jones, thought preferable by the author to colourless cyphers like A, B, C and a variant from the A lice and Bob who habituate frequent such texts. In a further attempt at verisimilitude, Smith is of the male gender, while Jones is a female.
steganography	in data security, the concealment of the existence of messages, literally covered writing. This can take the form of filling in inter-message gaps with padding characters, thus although the existence of the communication link is not concealed an attacker is denied information on when messages are being transmitted.
symmetric key	a method of encryption in which the same key is used to encrypt as to decrypt. Also referred to as secret key or single key encryption. This sort of encryption is used in telephone scramblers. The key length can be varied for different levels of protection. It is a much faster process than using asymmetric keys.
trusted third party	an entity providing user services ranging from the provision of authentication services such as the verification of a client's public key, time stamping of documents, digital signatures and key retrieval services.