21 August 1999
This is a translation by JYA of Section 8 of "Encryption and cryptosystems
in electronic surveillance: a survey of the technology assessment issues,"
by Dr. Franck Leprévost
- Technische Universität Berlin, Part 3 of the European Parliament-sponsored
report, "Development of Surveillance Technology and Risk of Abuse of Economic
Information," April 1999:
Section citations are to the full report. (Translation using Systran.)
8. Suggested options
The recommendations (section 4.5, p.
21-22)[below] of the preceding report [ 35 ] continues
to us to be appropriate. We suggest here certain additional options to the
A. - To engage experts to prepare, on a regular schedule or according to
events, technical documents for publishing by the Community authorities.
As an example, it would be desirable, on the one hand to examine the integration
of the remarks (not-exhaustive) given in 5.4
[below], and on the other hand to follow conferences
on AES, IEEE-P1363 and P1363A, relating to cryptography with secret key and
public key, and to observe the experimental projections concerning the
capabilities of quantum processors.
B - Take into account the potential legal risks incurred by European telephonic
industries (from groups of users who could be offended that security provided
in telephones does not systematically correspond to promised security). European
authorities should encourage European telephone operators to:
- update their implementation of the COMP128 authentication algorithm,
- clearly specify the effective level of security of their implementation
of the A5 encryption algorithm.
C - Take into account:
- launching of worldwide advertising for Pentium III provided with a PSN
(Processor Serial Number) of the leader (more than 80%) on the market of
the microprocessors for the PC,
- risks of exploitation for purposes of electronic monitoring of the PSN,
- concern on this very precise subject expressed by the highest American
authorities themselves; to see the declaration [ 15 ] of the 25/1/1999 of
Mr. Al Gore, Vice-president of the United States,
- risks of clonings of the PSN, and risks of their inadequacy to the electronic
trade, and thus of the consecutive risk of deceleration of this new industry,
in particular in Europe
- the appropriate committees of the European Parliament would have:
- to ask for information from the American public agencies, particularly
the NSA and FBI, on their role in the creation of the PSN developed by Intel
- in parallel, to commission a group of independent technical experts to
very precisely evaluate the risks of this product: electronic monitoring,
falsification of PSN, etc. This group should complete its report as soon
Based on the first results of these steps, and if necessary, the appropriate
committees of the European Parliament should be organized to evaluate legal
measures to prevent installation of microprocessors provided with PSN (or
identical functionalities) in the computers intended for European citizens,
companies and organizations. We strongly emphasize that the suggestions above
do not blame a precise company, but are motivated by the characteristics
of a product which, potentially, and in the absence of fast action at community
level, can be essential in the next months as an industrial standard de facto
D. - With regard to Category 5, part 2 of the Wassenaar Arrangement, treated
in section 7 of this report, we recall the following facts:
- Owing to the fact that algorithms with secret key or with public key are
accessible freely, for example via Internet, and taking into account remark
7.4, and of consequences 7.5, it appears that the restrictions on export
do not constitute, in any way, a serious handicap for the criminal and terrorist
organizations. In addition, by the example of the United States, the law
enforcement agenices can work efficiently, even when powerful cryptographic
products are freely used.
- On the other hand, taking into account 7.6, they [restrictions on encryption
products] constitute a very important brake for the European companies of
computer security and with the development of the industry of the international
- the French government, in agreement with the President of the Republic,
decided on 19/1/1999 at the conclusion of the interdepartmental committee
devoted to the company of information ([ 5 ]), to liberalize the use of
cryptography from 40 bits to 128 bits to provide a higher security threshold
freely usable. It seems that this evolution is only one first stage for a
total liberalization of the use of cryptography on the French territory.
Hitherto, the regulation of France with regard to cryptography was among
most strict at the international level.
- the Echelon network is most probably able to intercept, decode and process
the data transmitted with the products put on the market meeting the criteria
pointed out in 7.2.
Consequently, the European Parliament should quickly discuss liberalizing
the use of cryptography throughout the whole of the European Community.
E - The Committee should proivde the EC a more detailed report on the
implications of the risks of electronic monitoring of Wassenaar Arrangement.
It is noted already that item the 5.B.1.b.1 (one of the part devoted to
telecommunications) of Wassenaar Arrangement subjects to control certain
equipment employing digital techniques ATM (Asynchronous Transfer Mode).
This technology of transfer of data is much more difficult (but however not
impossible, to see [ 32 ], share 2) to supervise electronically than those
exchanged in traditional mode TCP/IP. Ii would be also very useful to determine
if the products authorized with export allow effective answers to TEMPEST
(see 2.7 and the introduction to 3): indeed, the utility of the encryption
is very limited if, in addition, one can read data emissions before encrypting,
or after decryption, by way of their electromagnetic radiation.
Appended by Cryptome
An Appraisal of the Technologies
of Political Control
(i) All surveillance technologies, operations and practices should be subject
to procedures to ensure democratic accountability and there should be proper
codes of practice to ensure redress if malpractice or abuse takes place.
Explicit criteria should be agreed for deciding who should be targeted for
surveillance and who should not, how such data is stored, processed and shared.
Such criteria and associated codes of practice should be made publicly available.
(ii) All requisite codes of practice should ensure that new surveillance
technologies are brought within the appropriate data protection legislation.
(iii) Given that data from most digital monitoring systems can be seamlessly
edited, new guidance should be provided on what constitutes admissible evidence.
This concern is particularly relevant to automatic identification systems
which will need to take cognizance of the provisions of Article 15, of the
1995 European Directive on the Protection of Individuals and Processing of
(iv) Regulations should be developed covering the provision of electronic
bugging and tapping devices to private citizens and companies, so that their
sale is governed by legal permission rather than self regulation.
(v) Use of telephone interception by Member states should be subject to
procedures of public accountability referred to in (i) above. Before any
telephone interception takes place a warrant should be obtained in a manner
prescribed by the relevant parliament. In most cases, law enforcement agencies
will not be permitted to self-authorise interception except in the most unusual
of circumstances which should be reported back to the authorising authority
at the earliest opportunity.
(vi) Annual statistics on interception should be reported to each member
states' parliament. These statistics should provide comprehensive details
of the actual number of communication devices intercepted and data should
be not be aggregated. (This is to avoid the statistics only identifying the
number of warrants, issued whereas organisations under surveillance may have
many hundreds of members, all of whose phones may be subject to interception).
(vii) Technologies facilitating the automatic profiling and pattern analysis
of telephone calls to establish friendship and contact networks should be
subject to the same legal requirements as those for telephone interception
and reported to the relevant member state parliament.
(viii) The European Parliament should reject proposals from the United States
for making private messages via the global communications network (Internet)
accessible to US Intelligence Agencies. Nor should the Parliament agree to
new expensive encryption controls without a wide ranging debate within the
EU on the implications of such measures. These encompass the civil and human
rights of European citizens and the commercial rights of companies to operate
within the law, without unwarranted surveillance by intelligence agencies
operating in conjunction with multinational competitors.
(ix) The Committee should commission a more detailed report on the constitutional
issues raised by the National Security Agency (NSA) facility to intercept
all European telecommunications and the impact this supervisory capacity
has on a) any existing
constitutional safeguards protecting individuals or organisations from invasion
of privacy such as those extant for example in Germany, b) the political,
cultural and economic autonomy of European member states. This report should
also cover the social and political implications of the EU/FBI proposals
made to operate a global telecommunications surveillance network as discussed
above. This report should also analyze the financial and constitutional
implications of the proposals and provide an update of the work undertaken
so far and the status of political approval.
(x) Relevant committees of the European Parliament considering proposals
for technologies which have civil liberties implications for example the
Telecommunications Committee in regard to surveillance, should be required
to forward all relevant policy proposals and reports to the Civil Liberties
Committee for their observations in advance of any political or financial
decisions on deployment being taken.
(xi) All CCTV surveillance schemes operating in public spaces and especially
in residential areas should be governed by a comprehensive Code of Practice
which encompasses:- a) a purpose statement covering the key objectives of
the scheme; b) a consideration of the extent to which the scheme falls within
the scope of Data Protection legislation; c) the responsibilities of the
owner of the scheme and those of local partners; d) the way the scheme is
to be effectively managed and installed; e) the principles of accountability;
f) the availability of public information on the scheme and the principles
of its operation in residential areas; g) the formal approaches to be used
to assess, evaluate and audit the performance of both the scheme and the
accompanying Code of Practice; h) mechanisms for dealing with complaints
and any breaches of the Code including those of security; i) detailing the
extent of any police contacts or use of the scheme; and j) the procedures
for democratically dealing with proposals of technological change. It is
suggested that the Civil Liberties Committee formally consider adopting the
model Code of Practice for CCTV, produced by the Local Government Information
Unit (LGIU) in London (A Watching Brief, 1996).
5.4. Technical reading of the document COM (97) 503
of the DG XIII of the European Commission. The document [ 12 ] specifies
the needs at the European Community level for protecting electronic
communications. It also relates to electronic signatures and methods for
confidential electronic communications. We suggest here modifications to
the technical appendices I (Digital Signature) and II (Symmetric and asymmetric
encryption) of this document.
Appendix I.- It would be desirable to avoid quoting examples like
MD2 and MD5. Indeed, because of the conflicts in the first case, and of the
pseudo-conlicts in the second, were emphasized. It would be also desirable
to replace SHA by SHA-1 (based on work [ 14 ]), and to write RIPEMD-160 (based
on work [ 7 ]) instead of RIPEM 160. One or the other of these suggested
modifications is to replace, where that is possible, functions MD2, MD4 and
Appendix II Symmetric encryption systems.
Annexe II. Symmetric encryption systems.- It would be desirable to
avoid quoting an examples like OF and SAFER. We suggest preserving IDEA,
which does not have until now any serious weakness, and restrain quoting
candidates for the second round of AES.
Annexe II. Asymmetric encryption systems.- Again, with regard to the
examples, it would be desirable to be more precise, e.g. by taking again
the approach in the course of standardization given to the beginning of 5.1.
Appendix II Systems security.- We suggest removing the last sentence
of the second paragraph: "In a symmetric system like OF gold IDEA, keys of
56 to 128 bits provide similar protection to a public 1,024-bit key ". This
assertion is completely erroneous.