CSE4317 Individual Presentation Topics

Encryption, Law Enforcement, and Privacy [Bowyer, Chapter 5]

  1. Development of Internet wiretap capability. While the phone systems are wiretap-capable to some reasonable degree, the Internet is not so wiretap-friendly. In October 1999, the FBI encouraged the Internet Engineering Task Force to consider the issue of making the Internet more wiretap-capable. In January 2000, the executive committee of the IETF decided that they would not consider the requirements or wiretapping in the development of Internet protocols. Report on the issues involved, including what the FBI would like to see happen and why the IETF declined to move in this direction. [Additional Assignment #1, page 156, Bowyer, 2nd edition.]

  2. Development of Public Key Infrastructure. Report on the current status of industry and government efforts aimed at developing a Public Key Infrastructure. The Internet Engineering Task Force (ietf.org) and the National Institute of Standards may be good places to begin studying this topic. [Additional Assignment #2, page 156, Bowyer, 2nd edition.]

  3. The "Cyberspace Electronic Security Act" proposed in 1999. Report on the proposed "Cyberspace Electronic Security Act" described at www.epic.org/crypto/legislation/cesa_release.html. How would adoption of this law change the situation with monitoring of Internet communications as it compares to wiretap of traditional telephone communications? [Additional Assignment #3, page 156, Bowyer, 2nd edition.]

  4. Illegal wiretapping in modern times. Stories of illegal wiretaps in the 1960s (e.g., targeted at Martin Luther King, Jr.) are well known. Most people assume that reforms have been effective and therefore such abuses are relatively rare today. The Los Angeles Police Department made the news in 1999 over charges of "widespread" illegal wiretapping. Report on the allegations, investigation and eventual outcome of this story. [Additional Assignment #5, page 156, Bowyer, 2nd edition.]

  5. The "Echelon" eavesdropping controversy. In late 1999, several news stories appeared about the "Echelon" intelligence gathering system. For example, see http://www.wired.com/news/print/0,1294,32302,00.html. Read several of these stories and report on the allegations made and the facts admitted. What truly new information was revealed in these stories? [Additional Assignment #6, page 156, Bowyer, 2nd edition.]

  6. Elliptic-curve cryptography. Report in more detail on the relative merits of the elliptic-curve versus RSA-style public key encryption. Possible places to start include: http://www.certicom.com/research.html and http://www.cryptosavvy.com. [Additional Assignment #7, page 156, Bowyer, 2nd edition.]

  7. U.S. Government's Advanced Encryption Standard. The National Institute of Standards and Technology (NIST) has been working with industry and the cryptography community to develop an Advanced Encryption Standard (AES). The overall goal is to develop a Federal Information Processing Standard (FIPS) that specifies an encryption algorithm(s) capable of protecting sensitive government information well into the 21st century. The algorithm(s) is expected to be used by the U.S. Government and, on a voluntary basis, by the private sector. Report on the details of the standard and the response from organizations outside NIST. One place to start is csrc.nist.gov/encryption/aes/.

  8. The DIRT data interception system. There is a new program out there developed by codex data systems (www.codexdatasystems.com) called DIRT. DIRT stands for Data Interception by Remote Transmission. Basically it is a program that will monitor all activity on your computer and report it back to a host computer. It can be unknowingly put on anyone's computer like a Trojan Horse. Codex is currently selling this program (supposedly only to law enforcement agents). Report on the details of DIRT, other Codex products, and the privacy issues involved.

  9. The FBI Carnivore system. The Federal Bureau of Investigation has developed an Internet snooping system, unfortunately called Carnivore. Report on the details of the system, how it works, the response from privacy organizations, and the current status of the system.