Telephone wiretap and dialed number recording systems are used by law enforcement and national security agencies to collect investigative intelligence and legal evidence. This talk will show how many of these systems are vulnerable to simple, unilateral countermeasures that allow wiretap targets to prevent their call audio from being recorded and/or cause false or inaccurate dialed digits and call activity to be logged. The countermeasures exploit the unprotected in-band signals passed between the telephone network and the collection system and are effective against many of the wiretapping technologies currently used by US law enforcement, including at least some ``CALEA'' systems. Possible remedies and workarounds will be proposed, and the broader implications of the security properties of these systems will be discussed.
A recent paper, as well as audio examples of several wiretapping countermeasures, can be found at http://www.crypto.com/papers/wiretapping/ .
This is joint work with Micah Sherr, Eric Cronin, and Sandy Clark.
Slides/Presentation Material:
Paper that is the material for this presentation (in lieu of slides).
Introduction:
Professor Dan Boneh of the Stanford Computer Systems Laboratory introduced the speaker.
About the speaker:
Matthew Blaze Computer and Information Science Research: Prof Blaze's research focuses on the architecture and design of secure systems based on cryptographic techniques, analysis of secure systems against practical attack models, and on finding new cryptographic primitives and techniques. This work has led directly to several new cryptographic concepts, including: "Remotely-Keyed Encryption," which allows the use of inexpensive, low-bandwidth secure hardware to protect high-bandwidth communication and stored data, "Atomic Proxy Cryptography," which allows re-encryption by untrusted third parties, and "Master-Key Encryption," which provides a systematic way to design (and study) ciphers with built-in "back doors." Prof Blaze is especially interested in the use of encryption to protect insecure systems such as the Internet. He was a designer of swIPe, a predecessor of the now standard IPSEC protocol for protecting Internet traffic. Another project, CFS, investigated and demonstrated the feasibility of including encryption as file system service. Contact information:
Matt Blaze
|