CSE4317 Individual Presentation Topics
Encryption, Law Enforcement, and Privacy [Bowyer, Chapter 5]
- Development of Internet wiretap capability. While the phone
systems are wiretap-capable to some reasonable degree, the Internet is not
so wiretap-friendly. In October 1999, the FBI encouraged the Internet
Engineering Task Force to consider the issue of making the Internet more
wiretap-capable. In January 2000, the executive committee of the IETF
decided that they would not consider the requirements or wiretapping in the
development of Internet protocols. Report on the issues involved,
including what the FBI would like to see happen and why the IETF declined
to move in this direction. [Additional Assignment #1, page 156, Bowyer,
- Development of Public Key Infrastructure. Report on the current
status of industry and government efforts aimed at developing a Public Key
Infrastructure. The Internet Engineering Task Force (ietf.org) and the National Institute of
Standards may be good places to begin studying this topic. [Additional
Assignment #2, page 156, Bowyer, 2nd edition.]
- The "Cyberspace Electronic Security Act" proposed in 1999.
Report on the proposed "Cyberspace Electronic Security Act" described at
www.epic.org/crypto/legislation/cesa_release.html. How would adoption
of this law change the situation with monitoring of Internet communications
as it compares to wiretap of traditional telephone communications?
[Additional Assignment #3, page 156, Bowyer, 2nd edition.]
- Illegal wiretapping in modern times. Stories of illegal
wiretaps in the 1960s (e.g., targeted at Martin Luther King, Jr.) are well
known. Most people assume that reforms have been effective and therefore
such abuses are relatively rare today. The Los Angeles Police Department
made the news in 1999 over charges of "widespread" illegal wiretapping.
Report on the allegations, investigation and eventual outcome of this
story. [Additional Assignment #5, page 156, Bowyer, 2nd edition.]
- The "Echelon" eavesdropping controversy. In late 1999, several
news stories appeared about the "Echelon" intelligence gathering system.
For example, see
http://www.wired.com/news/print/0,1294,32302,00.html. Read several of
these stories and report on the allegations made and the facts admitted.
What truly new information was revealed in these stories? [Additional
Assignment #6, page 156, Bowyer, 2nd edition.]
- Elliptic-curve cryptography. Report in more detail on the
relative merits of the elliptic-curve versus RSA-style public key
encryption. Possible places to start include:
http://www.certicom.com/research.html and http://www.cryptosavvy.com.
[Additional Assignment #7, page 156, Bowyer, 2nd edition.]
- U.S. Government's Advanced Encryption Standard. The National
Institute of Standards and Technology (NIST) has been working with industry
and the cryptography community to develop an Advanced Encryption Standard
(AES). The overall goal is to develop a Federal Information Processing
Standard (FIPS) that specifies an encryption algorithm(s) capable of
protecting sensitive government information well into the 21st century. The
algorithm(s) is expected to be used by the U.S. Government and, on a
voluntary basis, by the private sector. Report on the details of the
standard and the response from organizations outside NIST. One place to
- The DIRT data interception system. There is a new program out
there developed by codex data systems (www.codexdatasystems.com) called
DIRT. DIRT stands for Data Interception by Remote Transmission. Basically
it is a program that will monitor all activity on your computer and report
it back to a host computer. It can be unknowingly put on anyone's computer
like a Trojan Horse. Codex is currently selling this program (supposedly
only to law enforcement agents). Report on the details of DIRT, other
Codex products, and the privacy issues involved.
- The FBI Carnivore system. The Federal Bureau of Investigation
has developed an Internet snooping system, unfortunately called Carnivore.
Report on the details of the system, how it works, the response from
privacy organizations, and the current status of the system.