[IP] Wiretapping Technology vs. Wiretapping Laws
Begin forwarded message:
From: Lauren Weinstein <lauren@xxxxxxxxxx>
Date: August 10, 2005 11:39:26 AM EDT
To: dave@xxxxxxxxxx
Cc: lauren@xxxxxxxxxx
Subject: Wiretapping Technology vs. Wiretapping Laws

Dave,

Let me be even more explicit about this. In my recent message
regarding the FCC's VoIP CALEA order, I said nothing about the
technical issues involved in tapping Internet-only VoIP calls. I
was only discussing the various interpretations of the new CALEA
order, and whether or not that order might be applied to
Internet-only calls conducted via services covered by that order, as
opposed to their calls that are both VoIP *and* terminate on the
public switched telephone network (PSTN).

As far as actually tapping Internet-only VoIP calls is concerned,
there really are only a few basic cases:

1) VoIP call has at least one leg that terminates on the PSTN.
The Internet portion of the call may or may not be encrypted
(or strongly encrypted). Result: Tapping is possible and
relatively trivial for that call. The tap can be located at
the Internet<->PSTN interface and there's no need to deal with
Internet data at all other than addressing and control
information that can be obtained from the service provider
(remember, we're talking about legal wiretaps under order in
these examples; illegal wiretaps will take varying amounts of
extra work -- often not very much more work). Internet voice
data encryption is irrelevant in this case.

2) VoIP call is Internet-only but is *not* encrypted (or is
trivially encrypted, or is strongly encrypted but keys are
available to the service provider and/or other external
entities), with call voice data routing controlled by the
central service. Result: Tapping is possible and relatively
trivial for that call. Encryption is not a major issue in this
case, and the service provider can be ordered to arrange for the
call voice data to be routed in such a way that a copy is
available in real time for the monitoring entity. Note that
this case also can be used to define the situation where a VoIP
call with no encryption or weak encryption is being made
independent of a service provider. In this case, the
monitoring entity will need to arrange for direct monitoring of
the targets' data via their ISPs. This is obviously
undesirable compared with the case of the data being controlled
by a service provider, since it's more work (especially in a
roving case). But it can still be done in a practical manner.

3) VoIP call is Internet-only but is strongly encrypted using keys
unavailable to the service provider or other external
entities. Call may be routed independently of any service
provider or may be routed by a service provider. Result:
Tapping is difficult, perhaps very difficult, perhaps
impossible in a practical sense. If strong encryption is in
use, the routing of the call ceases to be an issue, since the
heavily encrypted data will not allow monitoring of the call,
unless it can be decrypted within a useful time frame. Note
that traffic analysis (who is calling, where are they calling,
how often, etc.) may still be easily possible in this case,
depending upon how that data is being handled (encrypted or in
the clear?) and routed.

Also, it should be obvious that if a monitoring entity is willing
and able to surreptitiously install specialized software or hardware
within a target's PC, then all bets are off and one must assume that
essentially unlimited monitoring will be possible irrespective of
the factors listed above.

That's pretty much the entire ball game. Assuming that we're not
dealing with the surreptitious installation case that I just
mentioned, then strong encryption, with the keys unknown to any
service provider or other external entity, represents the only
reasonably reliable means to prevent practical wiretapping,
regardless of whether the calls are VoIP Internet-only or not.

- - -
Russian Spy: "Are you trying to tell me that every phone
in the country is tapped?"
American Spy: "That's what's in my head..."
Russian Spy: "But Don! This is AMERICA... not RUSSIA!"
--- "The President's Analyst" (1967)

--Lauren--
Lauren Weinstein
lauren@xxxxxxxx or lauren@xxxxxxxxxx or lauren@xxxxxxxx
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR
- People For Internet Responsibility - http://www.pfir.org
Co-Founder, EEPI
- Electronic Entertainment Policy Initiative - http://www.eepi.org
Moderator, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
DayThink: http://daythink.vortex.com