mathematics, communication and secrecy ·  · 2015-01-26... communication and secrecy • a brief...

Mathematics, Communication and Secrecy Richard W. Beveridge Clatsop Community College


Mathematics, Communication and Secrecy

Richard W. Beveridge

Clatsop Community College

If the theory of numbers could be employed for any practical and obviously honourable purpose,…then surely neither Gauss nor any other mathematician would have been so foolish as to decry or reject such applications. But…both Gauss and lesser mathematicians may be justified in rejoicing that there is one science at any rate, and that their own, whose very remoteness from ordinary human activities should keep it gentle and clean.

G.H. Hardy (1940)

Mathematics, Communication and Secrecy

• A brief overview of electronic communication and wiretapping up to 1980

• Digital cryptography

• NSA and Edward Snowden

Electronic Communication and Secrecy in the 19th and 20th Centuries

Electricity

• from the Greek “elektron” meaning amber.

• It was known for some time that rubbing amber would produce a static electric charge.

Electricity

• The Dutch physicist Pieter van Musschenbroek developed the simple Leyden Jar in 1745-46.

• It is named after Musschenbroek’s hometown of Leyden, Holland and collects the electricity generated by friction.

Electricity

• Luigi Galvani did the work that would lead to an understanding of how to generate electricity from metals.

Electricity

• In dissecting a frog using a metal scalpel Galvani and his assistant noticed that the frog’s legs moved and a spark was produced.

• Alessandro Volta later determined that the spark came from the contact between the scalpel and the metal table.

Electricity

• Volta figured out that if different metals were separated by cardboard soaked in salt water, it would generate electricity.

Electricity

• Once electricity was capable of being stored in a battery, scientists began to try to send it across wires.

• This led to the development of the electrical telegraph and the ability to send information at a distance.

Civil War Era Telegraph

Telegraphy

• Almost as soon as telegraph messages were sent, people began to try to intercept them.

• During the Civil War, many generals had wiretappers on their staff to intercept communications from the other side.

Wiretapping

• In 1864, a California stockbroker was convicted of obtaining market information by wiretapping.

• California had adopted a law in 1862 that prohibited wiretapping.

Wiretapping

• With the development of the telephone in the 1870’s, wiretapping soon spread to telephone wires.

• In 1899, the San Francisco Call accused their rival newspaper of eavesdropping on their phone calls to steal exclusive stories.

Wiretapping

• Although New York State enacted laws against wiretapping, the Police believed that the laws only applied to private citizens.

• They routinely tapped phone lines between 1892 and 1938 including conversations between lawyers and clients and doctors and their patients.

Wiretapping

• The New York State legislature passed a law in 1918 prohibiting wiretapping by law enforcement without court authorization. This bill was vetoed by the governor.

• In 1938 the New York State constitution search and seizure clause was amended to prohibit police wiretapping without court approval.

Roy Olmstead

• Roy Olmstead was a Seattle bootlegger during the 1920’s.

• Wiretaps were installed on the phone lines in the basement of his office and on the phone lines leading to his home.

Roy Olmstead

• He was convicted by a lower court using the evidence gathered by the phone taps.

• The case was eventually appealed to the U.S. Supreme Court which decided 5-4 that the wiretaps were legal because the 4th amendment only protected against physical searches.

The Brandeis Dissent

• “The makers of our constitution …sought to protect Americans in their beliefs, their thoughts, their emotions and their sensations. They conferred, as against the Government, the right to be let alone – the most comprehensive of rights and the right most valued by civilized man.”

• Supreme Court Justice Louis Brandeis (1928)

Privacy and Law Enforcement

• Law enforcement officials have the legal right to seek wiretaps but their requests must be presented to a judge and show “probable cause, supported by oath or affirmation.”

Federal Communications Act

• In 1934, Congress passed the FCA placing radio and wire communication under the jurisdiction of the Federal Communications Commission (FCC).

• The FCA of 1934 prohibited the “interception and divulgence” of wire communication.

Nardone v. United States

• Frank Nardone was also a bootlegger who had been convicted using wiretaps secured without court approval.

• In 1937 the U.S. Supreme Court said that this was a violation of the FCA of 1934.

• Nardone was convicted again in 1939 and the Supreme Court again overturned his conviction.

J. Edgar Hoover

• J. Edgar Hoover sought a free hand with wiretaps and requested that the Attorney General allow this.

• The Department of Justice determined that since the law prohibited “interception and divulgence,” it would be o.k. to intercept but not divulge.

J. Edgar Hoover

• This started Hoover’s massive wiretapping program that lasted from 1940 until his death in 1972.

• Because of the FCA of 1934 none of the information collected could be used in criminal prosecution.

Privacy and Law Enforcement

• Between 1940 and 1973, the FBI and CIA read the mail of thousands of private citizens.

• Without judicial, congressional or presidential approval the mail of private individuals, congressmen, senators, journalists and presidential candidates was read by the FBI and CIA.

Privacy and Law Enforcement

• In 1945 the Armed Forces Security Agency (later the NSA) met with representatives from Western Union, ITT and RCA.

• The telecom companies agreed to give the NSA direct access to microfilm copies of all telegram messages they handled.

• This was known as Project SHAMROCK and continued for 30 years until 1975.

World War II

• During the 1940s the FBI wiretapped the Congress of Industrial Organizations’ Council and Maritime Committee; the Tobacco, Agricultural and Allied Workers of America; the International Longshoremen’s and Warehousemen’s Union; the National Maritime Union; the United Public Workers of America.

Privacy and Law Enforcement

• The American Friends Service Committee (Quakers) had their mail opened by the FBI.

• The Socialist Workers Party was subjected to 20 years of wiretaps, burglaries and bugs by the FBI. They eventually sued the federal government and in 1986 won $250,000 in damages.

J. Edgar Hoover

• In 1965 Senator Edward V. Long began a Senate investigation of government wiretapping.

• The FBI met with him and suggested he drop the matter. He did.

J. Edgar Hoover

• A year later, Senator Long began another investigation.

• Shortly thereafter, Life magazine published a story saying that Senator Long had taken $48,000 from Jimmy Hoffa’s attorney. The article hinted that this was a bribe to prevent criminal charges against Hoffa, who led the Teamsters union.

The Pentagon Papers

• In 1971, the New York Times began to publish The Pentagon Papers, the classified official record of the Vietnam War as prepared by the Pentagon.

• In trying to determine who was responsible for the leak, suspicion settled on Daniel Ellsberg.

The Pentagon Papers

• When Ellsberg’s case came to trial, it came out that John Ehrlichman (a close White House aide to Nixon) had authorized the burglary of Ellsberg’s psychiatrist’s office and that Ellsberg’s phone had been tapped.

• This was discovered as part of the Watergate investigation and the charges against Ellsberg were dismissed.

Watergate

• Employees of Richard Nixon’s re-election campaign (The Committee to Re-Elect the President) broke into Democratic National Headquarters in 1972 to place a bug on the phone of Lawrence O’Brien, the Democratic Party chairman. A bug had already been placed on his secretary’s phone, but not enough information was being gathered.

Watergate

• “[Nixon] misused the Federal Bureau of Investigation, the Secret Service, and other Executive Personnel… by directing or authorizing…electronic surveillance…for purposes unrelated to national security, the enforcement of laws or any other lawful function of his office…”

• from the articles of impeachment of Richard M. Nixon

Lawrence Plamondon

• Plamondon and John Sinclair were student radicals in Ann Arbor, Michigan. They were indicted for a 1968 bombing at the CIA offices in Ann Arbor on the testimony of known bomber David Valler. There was no other corroborating evidence and none has come to light in the 40 years since.

Plamondon

• As part of the case, Plamondon and Sinclair’s lawyers asked for access to any surveillance records from the case.

• The government refused because they had not sought a warrant.

Plamondon

• In 1972, the U.S. Supreme Court heard the case and determined that surveillance required a court order.

• The government would need to disclose any surveillance in order to pursue the case against Sinclair and Plamondon.

• The government dropped their case.

Plamondon

• “…these Fourth Amendment freedoms cannot be properly guaranteed if domestic security surveillances may be conducted solely within the discretion of the Executive Branch…”

• United States v. United States District Court for the Eastern District of Michigan 1972

The Church Committee

• In January 1975, the Senate appointed an eleven-member committee to investigate government intelligence operations to determine whether executive branch agencies were engaged in “illegal, improper or unethical activities.”

The Church Committee

• “The Senate Select Committee to Study Governmental Operations with respect to Intelligence Activities”

• Much of the information we’ve discussed here was not known until the Church Committee.

The Church Committee

• “The Government has often undertaken the secret surveillance of citizens on the basis of their political beliefs, even when those beliefs posed no threat of violence or illegal acts on the behalf of a foreign power.”

The Church Committee

• “The Government, operating primarily through secret informants, but also using other intrusive techniques such as wiretaps, microphone ‘bugs,’ surreptitious mail opening, and break-ins, has swept in vast amounts of information about the personal lives, views and associations of American citizens.”

• Final report of the Church Committee

The Church Committee

• “[G]overnment monitoring of individuals or groups because they hold unpopular or controversial political views is intolerable in our society.”

• Attorney General Edward Levi (1976)

Foreign Intelligence Surveillance Act

• After the findings of the Church Committee, Congress passed the Foreign Intelligence Surveillance Act (FISA) in 1978.

• The act provided for judicial and congressional oversight of intelligence surveillance activities.

Foreign Intelligence Surveillance Act

• FISA created the Foreign Intelligence Surveillance Court which oversees the executive branch’s requests for surveillance authority.

• The Attorney General is then required to report to Congress every six months on the activities of the Foreign Intelligence Surveillance Court.

Foreign Intelligence Surveillance Act

• In the 35 years since the act’s inception, the court has heard 33,949 pleas for surveillance authority and has denied only 11.

• The court approved every request from 1979-2002, denying its first request in 2003. All 11 denials have come in the last 10 years.

Digital Cryptography

Cryptology

• Cryptology is comprised of two interrelated disciplines – cryptography and cryptanalysis.

• Cryptography is the encipherment or creation of coded messages.

• Cryptanalysis is the decoding of messages.

Cryptology

• Standard cryptography using various ways of changing the letters of a message was used extensively from Greek and Roman times and into the 20th century.

• With the development of the telegraph and typewriter, various electronic and mechanical methods of encipherment became common.

Cryptology

• One of the best known examples of an electromechanical cipher is the German Enigma machine, which was used extensively during World War II.

• Its codes were extremely difficult to break.

Cryptology

• To aid in their effort to decipher German codes, the British government developed the Colossus machine – the first electronic programmable digital computer.

• The computing power of the Colossus led to new developments in cryptography as well as increased cryptanalytic capabilities.

Cryptology

• One of the problems in cryptography is deciding on a KEY for the cipher.

• If two people are in the same place, they can determine a key and go their separate ways, then use the key to create a secure cryptographic system.

Cryptology

• However, if two people are in different locations, they must decide on a key using the same insecure channel that prompted the need for a code in the first place.

• Not an ideal situation.

Public-Key Cryptography

• One solution to this problem was the development of Public-Key Cryptography using the Diffie-Hellman Key Exchange.

• This was developed by Whitfield Diffie and Martin Hellman at Stanford University during the mid-1970’s.

Public-Key Cryptography

• Martin Hellman has since said that Ralph Merkle (who was a graduate student at Stanford at the time) made major contributions to the development of public-key cryptography.

Merkle, Hellman, Diffie (l-r), 1977

Diffie-Hellman Key Exchange

• The Diffie-Hellman Key Exchange relies on a simple mathematical fact.

• If you raise a number to two separate powers, it doesn’t matter what order you apply the powers, you will get the same answer.

Diffie-Hellman Key Exchange

For example if you raise $2^3 = 8$, then raise $8^4 = 4096$, this is the same result as if you had first raised $2^4 = 16$ and then raised $16^3 = 4096$.

In other words $(2^3)^4 = (2^4)^3 = 2^{12}$.

Diffie-Hellman Key Exchange

• How does this process maintain secrecy?

• Through the interaction of two ideas:

• Modular number systems

and

• The Discrete Logarithm Problem

Modular Arithmetic

• Modular number systems use only a finite set of numbers to compute with.

• For example in the modular system mod 7, only the numbers {0, 1, 2, 3, 4, 5, 6} are used.

• Any other numbers can be related to one of the numbers in this set by finding the remainder when divided by 7.

Modular Arithmetic

• So all multiples of 7 are considered to be equivalent to 0.

• Any number that is one more than a multiple of 7 (like 8, 15, 22, 29, 36 and so on) is considered to be equivalent to 1.

Modular Arithmetic

This creates seven groups of numbers or “equivalence classes.”

$\{0\} = \{\ldots, -14, -7, 0, 7, 14, 21, 28, 35, \ldots\}$

$\{1\} = \{\ldots, -13, -6, 1, 8, 15, 22, 29, 36, \ldots\}$

$\{2\} = \{\ldots, -12, -5, 2, 9, 16, 23, 30, 37, \ldots\}$

$\{3\} = \{\ldots, -11, -4, 3, 10, 17, 24, 31, 38, \ldots\}$

$\{4\} = \{\ldots, -10, -3, 4, 11, 18, 25, 32, 39, \ldots\}$

$\{5\} = \{\ldots, -9, -2, 5, 12, 19, 26, 33, 40, \ldots\}$

$\{6\} = \{\ldots, -8, -1, 6, 13, 20, 27, 34, 41, \ldots\}$

Modular Arithmetic

• The next slide shows a multiplication table in the mod 7 system.

MULTIPLICATION MODULO 7

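| × | 0 | 1 | 2 | 3 | 4 | 5 | 6 |
|---|---|---|---|---|---|---|---|
| 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 1 | 0 | 1 | 2 | 3 | 4 | 5 | 6 |
| 2 | 0 | 2 | 4 | 6 | 1 | 3 | 5 |
| 3 | 0 | 3 | 6 | 2 | 5 | 1 | 4 |
| 4 | 0 | 4 | 1 | 5 | 2 | 6 | 3 |
| 5 | 0 | 5 | 3 | 1 | 6 | 4 | 2 |
| 6 | 0 | 6 | 5 | 4 | 3 | 2 | 1 |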

Modular Arithmetic

• Since the Diffie-Hellman Key Exchange uses powers and exponents, here is a table showing what happens when each number (1-6) is raised to a power.

POWERS IN MOD 7

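| Number \ Power | 1 | 2 | 3 | 4 | 5 | 6 |
|---|---|---|---|---|---|---|
| 1 | 1 | 1 | 1 | 1 | 1 | 1 |
| 2 | 2 | 4 | 1 | 2 | 4 | 1 |
| 3 | 3 | 2 | 6 | 4 | 5 | 1 |
| 4 | 4 | 2 | 1 | 4 | 2 | 1 |
| 5 | 5 | 4 | 6 | 2 | 3 | 1 |
| 6 | 6 | 1 | 6 | 1 | 6 | 1 |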

Discrete Logarithm

• The Discrete Logarithm problem is related to the powers of numbers in a modular system.

• Let’s first talk about regular (or continuous) logarithms.

Continuous Logarithms

• Any logarithm must have a base. The common logarithm uses base 10.

• The common logarithm of a number is the power to which you must raise 10 to get your number.

• For example the common logarithm of 100 is 2 because $10^2 = 100$.

Continuous Logarithms

• The logarithms of numbers that are not whole number powers of 10 are a little trickier, but not impossible.

Diffie-Hellman Key Exchange

• The way the Diffie-Hellman Key Exchange works is that two people publicly agree on a base and a modular system.

• In our example, the base will be 3 and the modular system 7.

POWERS IN MOD 7

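| Number \ Power | 1 | 2 | 3 | 4 | 5 | 6 |
|---|---|---|---|---|---|---|
| 1 | 1 | 1 | 1 | 1 | 1 | 1 |
| 2 | 2 | 4 | 1 | 2 | 4 | 1 |
| 3 | 3 | 2 | 6 | 4 | 5 | 1 |
| 4 | 4 | 2 | 1 | 4 | 2 | 1 |
| 5 | 5 | 4 | 6 | 2 | 3 | 1 |
| 6 | 6 | 1 | 6 | 1 | 6 | 1 |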

Diffie-Hellman Key Exchange

• Each person has a “secret power” that they raise the base to and then send the answer along to the other person.

• Their secret power stays secret, because even if someone knows that the number is a power of 3, in a large modular system it’s very difficult to figure out which power of 3!

Discrete Logarithm

• The problem of a Discrete Logarithm is that you’re given a number and have to figure out which power of 3 it’s equal to.

• In order to do this, you must reconstruct all the powers of 3 in a modular system.

Discrete Logarithm

• In mod 7, this is not difficult.

• Actual cryptography uses very large numbers for the modular system. Because these numbers are so large, it can take up to 20 years to create one of these tables.

• This time factor is what keeps the data safe.
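The exchange and the table-rebuilding search described above, as an added Python example that is not part of the original slides. It uses the slides' base 3 and modulus 7; the secret powers 2 and 5 and all function names are assumptions chosen for illustration. It goes slightly beyond the slides by also printing the row for base 2, which shows why a base whose powers cover every value 1 to 6 is chosen.

```python
# Added example: toy Diffie-Hellman with the slides' public values (base 3, mod 7).
# The secret powers 2 and 5 and all function names are assumptions for illustration.

BASE, MODULUS = 3, 7


def powers(base, modulus):
    """Return [base^1, base^2, ..., base^(modulus-1)], each reduced mod modulus."""
    row, value = [], 1
    for _ in range(1, modulus):
        value = (value * base) % modulus
        row.append(value)
    return row


def exchange(secret_a, secret_b, base=BASE, modulus=MODULUS):
    """Run both sides of the exchange; only sent_a and sent_b cross the wire."""
    sent_a = pow(base, secret_a, modulus)    # A -> B, visible to a wiretapper
    sent_b = pow(base, secret_b, modulus)    # B -> A, visible to a wiretapper
    key_a = pow(sent_b, secret_a, modulus)   # A raises B's number to A's secret power
    key_b = pow(sent_a, secret_b, modulus)   # B raises A's number to B's secret power
    return sent_a, sent_b, key_a, key_b


def discrete_log(target, base=BASE, modulus=MODULUS):
    """Find a power of base equal to target by rebuilding the table of powers.

    The work grows with the modulus, which is why a real modulus is enormous.
    Returns None when target is not a power of base.
    """
    for exponent, value in enumerate(powers(base, modulus), start=1):
        if value == target:
            return exponent
    return None


def key_from_wire(sent_a, sent_b, base=BASE, modulus=MODULUS):
    """What an observer of the public numbers can compute when the table is tiny."""
    recovered = discrete_log(sent_a, base, modulus)
    if recovered is None:
        raise ValueError("sent_a is not a power of the base")
    return pow(sent_b, recovered, modulus)


if __name__ == "__main__":
    sent_a, sent_b, key_a, key_b = exchange(secret_a=2, secret_b=5)
    print("A sends", sent_a, "| B sends", sent_b)
    print("A's key", key_a, "| B's key", key_b)
    print("powers of 3 mod 7:", powers(3, 7))  # every value 1..6 appears
    print("powers of 2 mod 7:", powers(2, 7))  # only 2, 4 and 1 appear
    print("key rebuilt from the wire:", key_from_wire(sent_a, sent_b))
```

In mod 7 the observer's search finishes in at most six steps, so the toy key is not secret; the same loop over a modulus hundreds of digits long is the table the slides say cannot be built in useful time.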

The NSA and

Edward Snowden

Recent NSA Activities

• “United States of Secrets” – Parts I and II. PBS broadcasts May 13 and 20, 2014

• “Unclassified Report on the President’s Surveillance Program” - (2009) http://www.fas.org/irp/eprint/psp.pdf

• Angler: The Cheney Vice Presidency (2009), by Barton Gellman

Recent NSA Activities

• No Place to Hide (2014), by Glenn Greenwald

• Bush’s Law (2009), by Eric Lichtblau

• 500 Days: Secrets and Lies in the Terror Wars (2013), Kurt Eichenwald

• State of War (2006), by James Risen

Recent NSA Activities

• I What was happening?

• II What was publicly known?

• III What was known/approved (and by whom) at various levels of the federal government?

Recent NSA Activities

• After the attacks of September 11, 2001, the White House instituted expanded surveillance programs to be undertaken by the NSA.

• The legal justification for these activities was initially provided by David Addington, Counsel to the Office of the Vice President.

Recent NSA Activities

• Department of Justice Office of Legal Counsel Deputy Assistant Attorney General John Yoo later provided additional legal justification for the program.

Recent NSA Activities

• “The PSP [President’s Surveillance Program] expanded the NSA’s authority by allowing it to conduct electronic surveillance within the United States without an order from the FISC when certain factual conditions and legal standards were met.”

• Inspector Generals’ Report

Recent NSA Activities

• The exact nature of this “expanded authority” has never been clear, always remaining shrouded behind top secret classification.

• Justice Department official Thomas Tamm contacted the New York Times in the spring of 2004 with information about the expanded authority of the NSA.

Recent NSA Activities

• The Times began preparing a story on the program and contacted the White House to discuss their intention to publish the information.

• The White House convinced the Times not to publish the story.

Recent NSA Activities

• During the following year, reporter James Risen began a book that would discuss the story of the NSA activities and the newspaper’s decision to withhold publication of the story.

• The Times reconsidered and again met with the White House.

Recent NSA Activities

• During this meeting, they were told by President Bush that if they published the story and there was another attack, the Times and owner Arthur Sulzberger and editor Bill Keller personally would have “blood on their hands” as a result.

Recent NSA Activities

• The story was published on December 16, 2005 and described details of some of the expanded activities of the NSA.

• This included information that NSA was monitoring without warrants any telephone and internet metadata involving “communications with at least one communicant outside the United States or for which no communicant was known to be a citizen of the United States.”

Recent NSA Activities

• In late 2003 and early 2004, several personnel changes at the Department of Justice caused the original legal justifications to be reviewed.

• On March 4, 2004, Deputy Attorney General James Comey met with Attorney General John Ashcroft to tell him that he and several other justice department officials had doubts about the legality of the program.

Recent NSA Activities

• Attorney General Ashcroft suffered an attack of acute pancreatitis later that day and was admitted to the hospital. Ashcroft transferred his authority to Comey as Acting Attorney General.

• James Comey met with White House officials March 9th, during which Vice President Cheney told him that Comey would personally endanger “thousands” of lives if he did not agree to recertify the legality of the program.

Recent NSA Activities

• Comey said that he could not recertify the program without substantial changes.

• On March 10th around 6:30pm, Attorney General Ashcroft’s wife began receiving phone calls at the hospital stating that the President would like to speak with the Attorney General.

Recent NSA Activities

• She said that he was not well and would not accept phone calls.

• Mrs. Ashcroft was informed that White House Counsel Alberto Gonzales and Chief of Staff Andrew Card would be arriving at the hospital shortly to speak with her husband in person.

Recent NSA Activities

• James Comey was notified of this and arrived at the hospital shortly before Gonzales and Card.

• When Gonzales and Card arrived, Ashcroft sat up in bed and spoke with them, saying that he had no authority to sign off on the surveillance program because Comey was Acting Attorney General.

• Gonzales and Card left the room.

Recent NSA Activities

• The White House planned to reauthorize the program based on the legal certification of the White House Counsel Alberto Gonzales.

• As a result, James Comey, Jack Goldsmith, and FBI Director Robert Mueller prepared letters of resignation.

Recent NSA Activities

• The PSP was modified to comply with the requests of the Department of Justice officials Comey and Goldsmith.

• The White House then began trying to find other legal justifications for the program to present to the Foreign Intelligence Surveillance Court (FISC).

Recent NSA Activities

• In July of 2004, the argument was presented to FISC Judge Colleen Kollar-Kotelly that bulk collection of metadata for internet, phone, email and financial transactions should be allowed.

• The FISC agreed to approve bulk metadata collection based on the previous case Smith v. Maryland in which a single person’s metadata was monitored for less than one month.

Recent NSA Activities

• This legal opinion was classified Top Secret until the recent leak of information.

• It was released by the government in redacted form in late 2013.

Recent NSA Activities

• In May 2006 the FISC determined that the “business records” provision of Section 215 of the Patriot Act included the metadata for the entire call database of a phone company.

• This legal decision is still classified.

Recent NSA Activities

• Senator Ron Wyden has proposed declassifying these secret FISC legal decisions “so Americans can have an informed public debate about these laws.”

Recent NSA Activities

• In late 2012 and early 2013, journalist Glenn Greenwald and documentary filmmaker Laura Poitras began receiving anonymous emails from someone saying that they had classified information that might be of interest.

• Poitras used public key encryption to communicate with the individual and set up a meeting in Hong Kong in May of 2013.

Recent NSA Activities

• Greenwald, Poitras and the Manchester Guardian reporter Ewen MacAskill met with Edward Snowden in Hong Kong.

• Much of the information that had been previously leaked or known in incomplete form was confirmed by the information subsequently released by the Guardian and the Washington Post’s Barton Gellman.

Recent NSA Activities

• One major piece of information was the request for access to the metadata for all of Verizon’s call database.

• Since then, one federal judge (Pauley) has determined that this is lawful. Another (Leon) has said that it is not.

Recent NSA Activities

• Another important piece of information concerns the agreements that the NSA apparently has in place with numerous telecommunications and internet companies to collect data directly from their hardware equipment.

Recent NSA Activities

• Events are still unfolding.

• Various reforms have been proposed.

• Senator Wyden has been working on this since before the release of the Snowden documents.

Recent NSA Activities

• An important part of the issue is the public debate.

• What do we want our government to be?