DOCSLIB.ORG

Security of Symmetric Encryption Against Mass Surveillance

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Security of Symmetric Encryption Against Mass Surveillance Security of Symmetric Encryption against Mass Surveillance Gihyuk Ko Carnegie Mellon University slides from Kyle Soska Today’s Lecture • Consider new type of adversary in the form of a ‘Big Brother’ that wants to perform surveillance at a large scale • Discuss constructions that could be used by a ‘Big Brother’ for symmetric encryption • Discuss mitigations and solutions against these constructions Traditional Adversary Model Alice Bob ENC(K, M) DEC(K, C) DEC(K, C’) ENC(K, M’) Example: IND-CPA 퐸푛푐 푘, 푚0 b = 0 (푚0, 푚1) 푛 b ←푅 {0, 1}, k ←푅 0, 1 퐸푛푐(푘, 푚푏) 퐸푛푐 푘, 푚1 b = 1 퐴푑푣 퐴 = Pr 퐴 퐸푛푐 푘, 푚0 = 1 − Pr 퐴 퐸푛푐 푘, 푚1 = 1 Example: Secure PRNG • Ideal: Sequence of truly random bits • Actual: Pseudorandom sequence of bits Random b = 0 푛 01001110101…. b ←푅 {0, 1}, k ←푅 0, 1 퐺(푘) b = 1 퐴푑푣 퐴 = Pr 퐴 퐺 푘 = 1 − Pr 퐴 푟 = 1 Traditional Adversary Model Bob ENC(K, M) DEC(K, C) DEC(K, C’) ENC(K, M’) Terrorism Adversary Model Potential Terrorist Or Criminal DEC(K, C) ENC(K, M’) ENC(K, M) DEC(K, C’) Potential Terrorist Or Criminal DEC(K, C) ENC(K, M’) Terrorism and Large Internet Companies Terrorism Adversary Model Potential Terrorist Or Criminal DEC(K, C) ENC(K, M’) ENC(K, M) DEC(K, C’) Potential Terrorist Or Criminal DEC(K, C) I would like to eavesdrop in order to prevent terrorism and other crime ENC(K, M’) Spying Government Adversary Model Alice DEC(K, C) ENC(K, M’) ENC(K, M) DEC(K, C’) Bob DEC(K, C) All your privacy are belong to us ENC(K, M’) Spying Government Best of Both Worlds Potential Terrorist Or Criminal DEC(K, C) ENC(K, M’) ENC(K, M) DEC(K, C’) Potential Terrorist Or Criminal DEC(K, C) I will always do the ‘right’ thing ENC(K, M’) The Rest of the Lecture • How could a company allow a third party such as the government to eavesdrop in an undetectable way? • What can we as users do to prevent such things from happening? Goals - Informal • Big Brother (푩) • Wants to eavesdrop on communication • Does not want its eavesdropping to be detected • Users (푼) • Wants to detect when eavesdropping is taking place • Want to prevent eavesdropping from taking place Recall CBC Encryption M1 M2 M3 IV ⊕ ⊕ ⊕ 퐸푛푐퐾 퐸푛푐퐾 퐸푛푐퐾 C1 C2 C3 Recall CBC Decryption C1 C2 C3 퐷푒푐퐾 퐷푒푐퐾 퐷푒푐푘 IV ⊕ ⊕ ⊕ M1 M2 M3 Encryption Schemes More Formally • Π = (퐾, 퐸, 퐷) • 풦 = 0, 1 푘 the keyspace • 퐾: Secret symmetric key • 푀: Message • 퐴: Associated Data (Supplementary information such as padding) • 휎: state (ex. A counter for CBC counter mode) • 퐸 is a possibly randomized encryption routine such that 퐶, 휎′ ← 퐸(퐾, 푀, 퐴, 휎) • 퐷 is a deterministic decryption routine such that 푀, 휎′ ← 퐷(퐾, 퐶, 퐴, 휎) How to subvert Π? • Transfer all symmetric keys 퐾 to 퐵 • Keys would be observed by an eavesdropper and surveillance would be detected • If the company ever wanted to stop sending keys to 퐵, then 퐵 would no longer be able to eavesdrop Spying Government Adversary Model Alice DEC(K, C) ENC(K, M) ENC(K, M’) DEC(K, C’) Bob Client keys = {퐾1, K2, … } DEC(K, C) ENC(K, M’) How to backdoor Π? • Transfer all symmetric keys 퐾 to 퐵 • Keys would be observed by an eavesdropper and surveillance would be detected • Transfer all symmetric keys encrypted under key 퐾′ • Still high bandwidth communication channel between company and surveillance body, suspicious Spying Government Adversary Model Alice DEC(K, C) ENC(K, M) ENC(K, M’) DEC(K, C’) Bob Client keys = EncK′ 퐾1, K2, … DEC(K, C) Something is ENC(K, M’) fishy…. Algorithm Substitution Attack (ASA) • Suppose the servers replaced their implementation of encryption scheme Π with a modified version Π′ • Π′ could be specially designed to leak information about the messages or secret keys to an eavesdropper who holds secret information 퐾′ • Eavesdroppers that do not know this secret information would not be able to learn the messages or 퐾 • The server’s implementation of Π is a black box from the point of view of a regular user • Π′ has all the information Π has as well as a key 퐾′ called the escrow key or big-brother key, and possibly more state How to backdoor Π? • Derive a modified Π′ from Π, what properties must Π′ have? Decryptability (Informal) • The modified 훱′ = (퐾′, 퐸′, 퐷′) must produce encryptions that are correctly decrypted by the unmodified Π = (퐾, 퐸, 퐷) Decryptability (Formal) • Π′ = (퐾′, 퐸′, 퐷′) satisfies decryptability relative to Π = (퐾, 퐸, 퐷) if (퐾′, 퐾, 퐸′, 퐷′) is a correct encryption scheme where 퐷′ is defined by 퐷′ 퐾′, 퐾 , 퐶, 퐴, 휎 = 퐷(퐾, 퐶, 퐴, 휎) If decryptability does not hold Alice ??? This decryption makes no sense! DEC(K, C) ENC’(K’, K, M) ENC(K, M’) DEC’(K’, K, C’) Bob ??? This decryption Shared 퐾′ makes no sense! DEC(K, C) DEC’(K’, C) ENC(K, M’) How to backdoor Π? • Derive a modified Π′ from Π, what properties must Π′ have? Decryptability (Informal) • The modified 훱′ = (퐾′, 퐸′, 퐷′) must produce encryptions that are correctly decrypted by the unmodified Π = (퐾, 퐸, 퐷) Decryptability (Formal) • Π′ = (퐾′, 퐸′, 퐷′) satisfies decryptability relative to Π = (퐾, 퐸, 퐷) if (퐾′, 퐾, 퐸′, 퐷′) is a correct encryption scheme where 퐷′ is defined by 퐷′ 퐾′, 퐾 , 퐶, 퐴, 휎 = 퐷(퐾, 퐶, 퐴, 휎) • Needs to ‘look like’ a regular ciphertext, can’t have anything abnormal such as ciphertexts always start with a ‘0’ If ciphertexts are distinguishable Alice DEC(K, C) ENC(K’, K, M) ENC(K, M’) DEC(K’, K, C’) Bob Shared 퐾′ Every ciphertext DEC(K, C) from server starts DEC’(K’, C) with 0, something is ENC(K, M’) fishy…. Detection Game • Can a user with secret key 퐾 tell the difference between encryptions with 퐸 and 퐸′? Π → 퐸(푚) b = 0 K 푛 푚 b ←푅 {0, 1}, K’ ←푅 0, 1 , K 퐶 User 푈 Π′ → 퐸′(푚) b = 1 퐴푑푣 푈 = Pr 푈 퐾, 퐸′ 푚 = 1 − Pr 푈 퐾, 퐸 푚 = 1 Surveillance Game • Can Big brother with escrow key 퐾′ tell the difference between 퐸 and 퐸′? Π → 퐸(푚) b = 0 K’ 푛 푚 b ←푅 {0, 1}, K ←푅 0, 1 , K’ 퐶 Big Brother 퐵 Π′ → 퐸′(푚) b = 1 퐴푑푣 퐵 = Pr 퐵 퐾′, 퐸′ 푚 = 1 − Pr 퐵 퐾′, 퐸 푚 = 1 Additional Comments • Practically, Big Brother would want to be able to do more than simply distinguish encryptions from 퐸 and 퐸′ with non-negligible probability • We will be looking at schemes that allow Big Brother to either completely learn each message, or learn the session key so that he can decrypt each message with advantage nearly 1 • Big brother wants to win surveillance game with advantage 1 and for users to win detection game with negligible probability • Users want to win detection game with advantage 1, and for big brother to win surveillance game with negligible probability IV Replacement Attacks • Lots of encryption schemes flip coins (generate random information) • Turing machine with a random tape • Idea: when Π′ needs to generate random information, it will instead select the values specifically for the purpose of leaking information • Nonces • Initialization Vectors (IV) • Variable Length Padding • Can a user detect this type of attack? • Let 푋 be some efficient algorithm that extracts 퐼푉 ← 푋(퐶) from ciphertext 퐶, if such an algorithm exists then the 퐼푉 is said to be ‘surfaced’ or the encryption scheme ‘surfaces’ its 퐼푉 Stateful IV Attack M1 M2 M3 푘 IV = ←푅 0, 1 IV = 퐸푛푐퐾′(퐾) ⊕ ⊕ ⊕ 퐸푛푐퐾 퐸푛푐퐾 퐸푛푐퐾 C1 C2 C3 An Example Problem – part (a) • Question Suppose for all messages m and keys k, |E(m,k)| = |m|, that is, the size of the encryption of m (in bits) is the same as the size of m. Argue that (E,D) cannot be CPA-secure. • Answer • Domain and Range of the encryption is the same: it has to be deterministic! • Deterministic encryption cannot be secure against CPA adversary! Fixed IV attack Question • Can we just set a fixed IV = 퐸푛푐퐾′(퐾) for every message? What is the problem with this scheme? Answer • IV will always be the same, this is easily detectable by a user! • How can we modify this to make the attack work? Stateful IV Attack • 푬′ 푲′, 퐊, 퐌, 퐀, 흈 Algorithm: • Let 휎 be a counter initialized to 0 • If 휎 = 0 then 퐼푉 ← 퐸푛푐퐾′ 퐾 푘 • Else 퐼푉 ←푅 0, 1 • 퐶 = 퐸퐾 푀, 퐴, 퐼푉 • 휎 = 휎 + 1; Return 퐶 • 푫′ 푲′, 푪, 푨 Algorithm (푪 is an indexed array of ciphertexts): • 퐼푉 ← 푋 퐶 1 • 퐾 ← 퐷푒푐퐾′(퐼푉) • 푀 1 ← 퐷퐾 퐶 1 , 퐴 1 • Return 푀 Stateful IV Attack Alice 퐶 = 퐸퐾′ 퐾 ||퐸퐾 푀 DEC(K, C) ENC(K, M’) ENC(K’, K, M) DEC(K’, K, C’) Bob Shared 퐾′ DEC(K, C) DEC’(K’, C) ENC(K, M’) Attack Against Stateful IV Attack • State reset attack • If the state could get reset to 휎 = 0 then the IV would repeat, highly unlikely to happen if the IV is truly random or pseudorandom • Solution • Use a probabilistic / combinatorial version of Π instead of a stateful version of Π Stateless IV Attack • The intuition is that we will randomly select a single bit of the Key 퐾 and leak it in an IV • 퐼푉 = 퐸푛푐퐾′ (푏푖푡, 푖푛푑푒푥, 푟푎푛푑표푚 푝푎푑) Stateless IV Attack • Let 푘 be the size of the key (ex.
Load more

Recommended publications
  • SARS-Cov-2 Vaccine Breakthrough Surveillance and Case Information Resource Washington State Department of Health September 22, 2021
    SARS-CoV-2 Vaccine Breakthrough Surveillance and Case Information Resource Washington State Department of Health September 22, 2021 1 Page Break To request this document in another format, call 1-800-525-0127. Deaf or hard of hearing customers, please call 711 (Washington Relay) or email [email protected]. Publication Number 420-339 For more information or additional copies of this report: Disease Control and Health Statistics Public Health Outbreak Coordination, Information, and Surveillance 1610 NE 150th Street, MS: K17-9 Shoreline, WA 98155 Phone: 206-418-5700 (24-hour contact for local health jurisdictions only) Email: [email protected] 2 Page break SARS-CoV-2 Vaccine Breakthrough Surveillance and Case Information Resource Washington State Department of Health September 22, 2021 COVID-19 vaccines are effective and critical tools to aid in the control of this pandemic. Large- scale clinical studies found that COVID-19 vaccines prevented most people from getting COVID- 19 illness, but like most other vaccines, they are not 100 percent effective. This means some fully vaccinated people will still get infected with SARS-CoV-2. These individuals may or may not develop COVID-19 symptoms. Vaccine breakthrough occurs when someone gets infected with an organism they are fully vaccinated against. For the COVID-19 vaccine, this means someone tests positive for SARS-CoV- 2 two weeks or more after receiving the full series of an authorized COVID-19 vaccine. Since millions of people in the United States are getting vaccinated, we expect to see some breakthrough disease. Fortunately, there is evidence from research studies that the COVID-19 vaccine reduces the risk of people getting really sick and needing to go to the hospital or dying from COVID-19.
    [Show full text]
  • TCAS II) by Personnel Involved in the Implementation and Operation of TCAS II
    Preface This booklet provides the background for a better understanding of the Traffic Alert and Collision Avoidance System (TCAS II) by personnel involved in the implementation and operation of TCAS II. This booklet is an update of the TCAS II Version 7.0 manual published in 2000 by the Federal Aviation Administration (FAA). It describes changes to the CAS logic introduced by Version 7.1 and updates the information on requirements for use of TCAS II and operational experience. Version 7.1 logic changes will improve TCAS Resolution Advisory (RA) sense reversal logic in vertical chase situations. In addition all “Adjust Vertical Speed, Adjust” RAs are converted to “Level-Off, Level-Off” RAs to make it more clear that a reduction in vertical rate is required. The Minimum Operational Performance Standards (MOPS) for TCAS II Version 7.1 were approved in June 2008 and Version 7.1 units are expected to be operating by 2010-2011. Version 6.04a and 7.0 units are also expected to continue operating for the foreseeable future where authorized. 2 Preface................................................................................................................................. 2 The TCAS Solution............................................................................................................. 5 Early Collision Avoidance Systems................................................................................ 5 TCAS II Development .................................................................................................... 6 Initial
    [Show full text]
  • Defending Against Insider Use of Digital Steganography
    2007 Annual ADFSL Conference on Digital Forensics, Security and Law Proceedings Defending Against Insider Use of Digital Steganography James E. Wingate CISSP-ISSEP, CISM, IAM, Backbone Security, [email protected] Glenn D. Watt CISSP, CISM, IAM, IEM, Backbone Security, [email protected] Marc Kurtz CISSP, Backbone Security, [email protected] Chad W. Davis CCE, Backbone Security, [email protected] Robert Lipscomb Backbone Security, [email protected] Follow this and additional works at: https://commons.erau.edu/adfsl Part of the Computer Engineering Commons, Computer Law Commons, Electrical and Computer Engineering Commons, Forensic Science and Technology Commons, and the Information Security Commons Scholarly Commons Citation Wingate, James E.; Watt, Glenn D.; Kurtz, Marc; Davis, Chad W.; and Lipscomb, Robert, "Defending Against Insider Use of Digital Steganography" (2007). Annual ADFSL Conference on Digital Forensics, Security and Law. 1. https://commons.erau.edu/adfsl/2007/session-11/1 This Peer Reviewed Paper is brought to you for free and open access by the Conferences at Scholarly Commons. It has been accepted for inclusion in Annual ADFSL Conference on Digital Forensics, Security and Law by an (c)ADFSL authorized administrator of Scholarly Commons. For more information, please contact [email protected]. Conference on Digital Forensics, Security and Law, 2007 Defending Against Insider Use of Digital Steganography James E. Wingate, CISSP-ISSEP, Glenn D. Watt, CISSP,
    [Show full text]
  • Mass Surveillance
    Thematic factsheet1 Update: July 2018 MASS SURVEILLANCE The highly complex forms of terrorism require States to take effective measures to defend themselves, including mass monitoring of communications. Unlike “targeted” surveillance (covert collection of conversations, telecommunications and metadata by technical means – “bugging”), “strategic” surveillance (or mass surveillance) does not necessarily start with a suspicion against a particular person or persons. It has a proactive element, aimed at identifying a danger rather than investigating a known threat. Herein lay both the value it can have for security operations, and the risks it can pose for individual rights. Nevertheless, Member States do not have unlimited powers in this area. Mass surveillance of citizens is tolerable under the Convention only if it is strictly necessary for safeguarding democratic institutions. Taking into account considerable potential to infringe fundamental rights to privacy and to freedom of expression enshrined by the Convention, Member States must ensure that the development of surveillance methods resulting in mass data collection is accompanied by the simultaneous development of legal safeguards securing respect for citizens’ human rights. According to the case-law of the European Court of Human Rights, it would be counter to governments’ efforts to keep terrorism at bay if the terrorist threat were substituted with a perceived threat of unfettered executive power intruding into citizens’ private lives. It is of the utmost importance that the domestic legislation authorizing far-reaching surveillance techniques and prerogatives provides for adequate and sufficient safeguards in order to minimize the risks for the freedom of expression and the right to privacy which the “indiscriminate capturing of vast amounts of communications” enables.
    [Show full text]
  • The Nsa's Prism Program and the New Eu Privacy Regulation: Why U.S
    American University Business Law Review Volume 3 | Issue 2 Article 5 2013 The SN A'S Prism Program And The ewN EU Privacy Regulation: Why U.S. Companies With A Presence In The EU ouldC Be In Trouble Juhi Tariq American University Washington College of Law Follow this and additional works at: http://digitalcommons.wcl.american.edu/aublr Part of the International Law Commons, and the Internet Law Commons Recommended Citation Tariq, Juhi "The SAN 'S Prism Program And The eN w EU Privacy Regulation: Why U.S. Companies With A Presence In The EU ouldC Be In Trouble," American University Business Law Review, Vol. 3, No. 2 (2018) . Available at: http://digitalcommons.wcl.american.edu/aublr/vol3/iss2/5 This Note is brought to you for free and open access by the Washington College of Law Journals & Law Reviews at Digital Commons @ American University Washington College of Law. It has been accepted for inclusion in American University Business Law Review by an authorized editor of Digital Commons @ American University Washington College of Law. For more information, please contact [email protected]. NOTE THE NSA'S PRISM PROGRAM AND THE NEW EU PRIVACY REGULATION: WHY U.S. COMPANIES WITH A PRESENCE IN THE EU COULD BE IN TROUBLE JUHI TARIQ* Recent revelations about a clandestine data surveillance program operated by the NSA, Planning Tool for Resource Integration, Synchronization, and Management ("PRISM'), and a stringent proposed European Union ("EU") data protection regulation, will place U.S. companies with a businesspresence in EU member states in a problematic juxtaposition. The EU Proposed General Data Protection Regulation stipulates that a company can be fined up to two percent of its global revenue for misuse of users' data and requires the consent of data subjects prior to access.
    [Show full text]
  • Foreign Intelligence Surveillance: Intelligence Gathering of Prosecution?
    Fordham International Law Journal Volume 6, Issue 3 1982 Article 5 Foreign Intelligence Surveillance: Intelligence Gathering of Prosecution? Christine A. Burke∗ ∗ Copyright c 1982 by the authors. Fordham International Law Journal is produced by The Berke- ley Electronic Press (bepress). http://ir.lawnet.fordham.edu/ilj Foreign Intelligence Surveillance: Intelligence Gathering of Prosecution? Christine A. Burke Abstract This Note considers the permissible uses of information secured through a FISA surveillance in light of the fourth amendment issue raised by Falvey. It concludes that when information is sought for purposes of national security or foreign affairs, the nature of the investigation and the compelling government interest in obtaining the information require fourth amendment standards in some respects different and lower than in ordinary criminal investigations. FOREIGN INTELLIGENCE SURVEILLANCE: INTELLIGENCE GATHERING OR PROSECUTION? INTRODUCTION During 1980, the Federal Bureau of Investigation (FBI) began to investigate an international terrorist organization believed to be operating in New York.' As part of its investigation, the FBI ob- tained a warrant on April 3, 1981 authorizing the electronic surveil- lance2 of two United States citizens, Thomas Falvey and George Harrison, 3 pursuant to the Foreign Intelligence Surveillance Act of 19784 (FISA or Act). 5 The surveillance continued until June 19 or 20 1981;6 Falvey and Harrison were then arrested and charged with smuggling arms and equipment from the United States to the Provisional Irish Republican Army (IRA) in Ireland. 7 The government sought to use tapes of the intercepted tele- phone conversations at trial.8 Pursuant to FISA requirements, the government obtained the Attorney General's approval and in- formed the defendants and the court of its intention to use those tapes.
    [Show full text]
  • Ashley Deeks*
    ARTICLE An International Legal Framework for Surveillance ASHLEY DEEKS* Edward Snowden’s leaks laid bare the scope and breadth of the electronic surveillance that the U.S. National Security Agency and its foreign counterparts conduct. Suddenly, foreign surveillance is understood as personal and pervasive, capturing the communications not only of foreign leaders but also of private citizens. Yet to the chagrin of many state leaders, academics, and foreign citizens, international law has had little to say about foreign surveillance. Until recently, no court, treaty body, or government had suggested that international law, including basic privacy protections in human rights treaties, applied to purely foreign intelligence collection. This is now changing: Several UN bodies, judicial tribunals, U.S. corporations, and individuals subject to foreign surveillance are pressuring states to bring that surveillance under tighter legal control. This Article tackles three key, interrelated puzzles associated with this sudden transformation. First, it explores why international law has had so little to say about how, when, and where governments may spy on other states’ nationals. Second, it draws on international relations theory to argue that the development of new international norms regarding surveillance is both likely and essential. Third, it identifies six process-driven norms that states can and should adopt to ensure meaningful privacy restrictions on international surveillance without unduly harming their legitimate national security interests. These norms, which include limits on the use of collected data, periodic reviews of surveillance authorizations, and active oversight by neutral bodies, will increase the transparency, accountability, and legitimacy of foreign surveillance. This procedural approach challenges the limited emerging scholarship on surveillance, which urges states to apply existing — but vague and contested — substantive human rights norms to complicated, clandestine practices.
    [Show full text]
  • Mass Surveillance
    Mass Surveillance Mass Surveillance What are the risks for the citizens and the opportunities for the European Information Society? What are the possible mitigation strategies? Part 1 - Risks and opportunities raised by the current generation of network services and applications Study IP/G/STOA/FWC-2013-1/LOT 9/C5/SC1 January 2015 PE 527.409 STOA - Science and Technology Options Assessment The STOA project “Mass Surveillance Part 1 – Risks, Opportunities and Mitigation Strategies” was carried out by TECNALIA Research and Investigation in Spain. AUTHORS Arkaitz Gamino Garcia Concepción Cortes Velasco Eider Iturbe Zamalloa Erkuden Rios Velasco Iñaki Eguía Elejabarrieta Javier Herrera Lotero Jason Mansell (Linguistic Review) José Javier Larrañeta Ibañez Stefan Schuster (Editor) The authors acknowledge and would like to thank the following experts for their contributions to this report: Prof. Nigel Smart, University of Bristol; Matteo E. Bonfanti PhD, Research Fellow in International Law and Security, Scuola Superiore Sant’Anna Pisa; Prof. Fred Piper, University of London; Caspar Bowden, independent privacy researcher; Maria Pilar Torres Bruna, Head of Cybersecurity, Everis Aerospace, Defense and Security; Prof. Kenny Paterson, University of London; Agustín Martin and Luis Hernández Encinas, Tenured Scientists, Department of Information Processing and Cryptography (Cryptology and Information Security Group), CSIC; Alessandro Zanasi, Zanasi & Partners; Fernando Acero, Expert on Open Source Software; Luigi Coppolino,Università degli Studi di Napoli; Marcello Antonucci, EZNESS srl; Rachel Oldroyd, Managing Editor of The Bureau of Investigative Journalism; Peter Kruse, Founder of CSIS Security Group A/S; Ryan Gallagher, investigative Reporter of The Intercept; Capitán Alberto Redondo, Guardia Civil; Prof. Bart Preneel, KU Leuven; Raoul Chiesa, Security Brokers SCpA, CyberDefcon Ltd.; Prof.
    [Show full text]
  • U.S. Cyber Operations Policy (TOP SECRET/NOFORN)
    TOP SECRET/NOFORN PRESIDENTIAL POLICY DIRECTIVE/PPD-20 MEMORANDUM FOR THE VICE PRESIDENT THE SECRETARY OF STATE THE SECRETARY OF THE TREASURY THE SECRETARY OF DEFENSE THE ATTORNEY GENERAL THE SECRETARY OF COMMERCE THE SECRETARY OF ENERGY THE SECRETARY OF HOMELAND SECURITY ASSISTANT TO THE PRESIDENT AND CHIEF OF STAFF DIRECTOR OF THE OFFICE OF MANAGEMENT AND BUDGET ASSISTANT TO THE PRESIDENT FOR NATIONAL SECURITY AFFAIRS DIRECTOR OF NATIONAL INTELLIGENCE ASSISTANT TO THE PRESIDENT FOR HOMELAND SECURITY AND COUNTERTERRORISM DIRE.CTOR OF THE OFFICE OF SCIENCE AND TECHNOLOGY POLICY DIRECTOR OF THE FEDERAL BUREAU OF INVESTIGATION DIRECTOR OF THE CENTRAL INTELLIGENCE AGENCY CHAIRMAN OF THE JOINT CHIEFS OF STAFF DIRECTOR OF THE NATIONAL SECURITY AGENCY SUBJECT: U.S. Cyber Operations Policy (U) This Presidential Policy Directive (PPD) supersedes National Security Presidential Directive (NSPD)-38 of July 7, 2004. This directive complements, but does not affect, NSPD-54/Homeland Security Presidential Directive (HSPD)-23 on "Cybersecurity Policy" of January 8, 2008; National Security Directive (NSD)-42 on "National Policy for the Security of National Security Telecommunications and Information Systems" of July 5, 1990; and PPD-8 on "National Preparedness" of March 30, 2011. (C/NF) I. Definitions (U) The following terms are defined for the purposes of this directive and should be used when possible in interagency TOP SECRET/NOFORN Reason: 1.4 (a) (c) (e) (g) Declassify on: 10/16/37 TOP SECRET/NOFORN 2 documents and communications on this topic to ensure common understanding. (U) Cyberspace: The interdependent network of information technology infrastructures that includes the Internet, telecommunications networks, computers, information or communications systems, networks, and embedded processors and controllers.
    [Show full text]
  • Steganography: Forensic, Security, and Legal Issues
    Journal of Digital Forensics, Security and Law Volume 3 Number 2 Article 2 2008 Steganography: Forensic, Security, and Legal Issues Merrill Warkentin Mississippi State University Ernst Bekkering Northeastern State University Mark B. Schmidt St. Cloud State University Follow this and additional works at: https://commons.erau.edu/jdfsl Part of the Computer Engineering Commons, Computer Law Commons, Electrical and Computer Engineering Commons, Forensic Science and Technology Commons, and the Information Security Commons Recommended Citation Warkentin, Merrill; Bekkering, Ernst; and Schmidt, Mark B. (2008) "Steganography: Forensic, Security, and Legal Issues," Journal of Digital Forensics, Security and Law: Vol. 3 : No. 2 , Article 2. DOI: https://doi.org/10.15394/jdfsl.2008.1039 Available at: https://commons.erau.edu/jdfsl/vol3/iss2/2 This Article is brought to you for free and open access by the Journals at Scholarly Commons. It has been accepted for inclusion in Journal of Digital Forensics, Security and Law by an authorized administrator of (c)ADFSL Scholarly Commons. For more information, please contact [email protected]. Journal of Digital Forensics, Security and Law, Vol. 3(2) Steganography: Forensic, Security, and Legal Issues Merrill Warkentin Mississippi State University [email protected] Ernst Bekkering Northeastern State University [email protected] Mark B. Schmidt St. Cloud State University [email protected] ABSTRACT Steganography has long been regarded as a tool used for illicit and destructive purposes such as crime and warfare. Currently, digital tools are widely available to ordinary computer users also. Steganography software allows both illicit and legitimate users to hide messages so that they will not be detected in transit.
    [Show full text]
  • NSA) Surveillance Programmes (PRISM) and Foreign Intelligence Surveillance Act (FISA) Activities and Their Impact on EU Citizens' Fundamental Rights
    DIRECTORATE GENERAL FOR INTERNAL POLICIES POLICY DEPARTMENT C: CITIZENS' RIGHTS AND CONSTITUTIONAL AFFAIRS The US National Security Agency (NSA) surveillance programmes (PRISM) and Foreign Intelligence Surveillance Act (FISA) activities and their impact on EU citizens' fundamental rights NOTE Abstract In light of the recent PRISM-related revelations, this briefing note analyzes the impact of US surveillance programmes on European citizens’ rights. The note explores the scope of surveillance that can be carried out under the US FISA Amendment Act 2008, and related practices of the US authorities which have very strong implications for EU data sovereignty and the protection of European citizens’ rights. PE xxx.xxx EN AUTHOR(S) Mr Caspar BOWDEN (Independent Privacy Researcher) Introduction by Prof. Didier BIGO (King’s College London / Director of the Centre d’Etudes sur les Conflits, Liberté et Sécurité – CCLS, Paris, France). Copy-Editing: Dr. Amandine SCHERRER (Centre d’Etudes sur les Conflits, Liberté et Sécurité – CCLS, Paris, France) Bibliographical assistance : Wendy Grossman RESPONSIBLE ADMINISTRATOR Mr Alessandro DAVOLI Policy Department Citizens' Rights and Constitutional Affairs European Parliament B-1047 Brussels E-mail: [email protected] LINGUISTIC VERSIONS Original: EN ABOUT THE EDITOR To contact the Policy Department or to subscribe to its monthly newsletter please write to: [email protected] Manuscript completed in MMMMM 200X. Brussels, © European Parliament, 200X. This document is available on the Internet at: http://www.europarl.europa.eu/studies DISCLAIMER The opinions expressed in this document are the sole responsibility of the author and do not necessarily represent the official position of the European Parliament.
    [Show full text]
  • Going Dark: Impact to Intelligence and Law Enforcement and Threat Mitigation
    GOING DARK: IMPACT TO INTELLIGENCE AND LAW ENFORCEMENT AND THREAT MITIGATION Bonnie Mitchell Krystle Kaul G. S. McNamara Michelle Tucker Jacqueline Hicks Colin Bliss Rhonda Ober Danell Castro Amber Wells Catalina Reguerin Cindy Green-Ortiz Ken Stavinoha ACKNOWLEDGEMENTS We would like to first thank the Office of the Director of National Intelligence (ODNI) for its generous funding and support for our study and learning journey to the DEFCON hacking conference. We are also very grateful to the Department of Homeland Security (DHS) for its support during the duration of the program. We could not have completed this study without the unwavering support and dedication of Ms. Bonnie Mitchell, ODNI Deputy National Intelligence Manager for the Western Hemisphere and the Homeland, our devoted Team Champion who steered us throughout this study and helped turn an idea into a product. We would like to acknowledge and thank each member of our public-private sector working group for their tireless efforts from around the U.S., which includes Krystle Kaul, G. S. McNamara, Michelle Tucker, Jacqueline Hicks, Colin Bliss, Rhonda Ober, Danell Castro, Amber Wells, Catalina Reguerin, Cindy Green- Ortiz and Ken Stavinoha. We are very thankful for all the unique insight we received from interviewees who contributed to this report by educating our group on the many aspects of ‘going dark,’ and we take full responsibility for any and all errors of fact or interpretation implied or explicit in this paper. Our interviewees include the Village sponsors at DEF CON, private sector industry experts and government officials. We are thankful for the interesting and diverse perspectives particularly from senior government officials and private sector experts.
    [Show full text]