Index The Garwin Archive




Nature and Magnitude of the

Computer Security Problem, and

Tools for its Solution

by

Richard L. Garwin

Senior Fellow for Science and Technology
Council on Foreign Relations, New York

and

IBM Fellow Emeritus
IBM Research Division
Thomas J. Watson Research Center
P.O. Box 218
Yorktown Heights, NY 10598

Tel: (914) 945-2555
FAX: (914) 945-4419
Email: RLG2 at watson.ibm.com

(also
Member National Academy of Sciences
Committee on International Security and Arms Control
and
Adjunct Professor of Physics,
Columbia University)



November 18-20, 1998

Amaldi Conference

Moscow, RUSSIA


X315NMCS111198NMCS Draft 311/16/98

THE PROBLEM.

Over the last ten years, the modern computer has become widely available, largely without restrictions, and priced so that it can be afforded by business and individuals throughout much of the world. There has as a result emerged not a truly "machine intelligence" in contrast with human intelligence, but an informal system in which the performance of an individual computer (even those not linked to the rest of the world by a computer network) is enormously magnified by the availability of programs (software) and hardware, almost none of which is provided by the computer user. The computer is built with largely interchangeable "commodity" parts from low-cost producing areas of the world, together with microprocessors available from a relatively few companies such as Entel and American MicroDevices (AMD) or IBM in the United States, and its ability to do anything depends upon a complex operating system such as Windows 95 supplied by Microsoft, the MacIntosh operating system (MacOS) of the Apple Corporation, or more open systems such as Unix or Linux which are the result of contributions of many independent groups. Added to the basic software are intermediate "utility programs" and "application programs" sold by many firms which provide the computer with the ability to do complex word processing, spreadsheet, graphic applications, data retrieval, and a myriad of other functions.

All of these program and hardware, from many sources, provide an opportunity for a third party (other than the computer user and the suppliers) to disrupt the operation of the computer, destroy data, or threaten to do so.

Although the possibility of such disruption is real, the benefits to the disrupter are highly limited. Nevertheless, a computer "virus" can be acquired with a bit of software on a floppy disk, and can cause problems envisaged by the individual who wrote the virus. Hundreds of viruses are known, and their existence has given rise to a sector of the software market to provide anti-virus protection.

The computer virus is a tiny bit of command language that, once incorporated into an executable or "command" file on the computer can turn off the display, turn it blue, erase all or selected files, or perform some other specified act. And it can do this when it is first activated or at some later time, according to the date. The virus is typically created by a computer "hacker", simply for the thrill or empowerment that it gives him or her. The 21-page special report by Carolyn P. Meinel and others, from the Scientific American of October 1998, "How Hackers Break In - Keep Networks and Data Safe from Internet Spies" gives an excellent description of the computer security problem.

Linking a computer to a network increases its vulnerability and in addition provides a whole new set of incentives for tampering with the computer. Now the computer not only transforms information, but it receives and transmits information. The computer in an automated teller machine (ATM) typically verifies the account status of a client presenting a magnetic-stripe card, and then dispenses cash on demand. Such a machine may contain $200,000, and it would be a lucrative target for thieves to be able to command the ATM over the telephone line to dispense cash. This could be done, in principle, by simply recording the commands that have been used previously for authorized transactions, except that even a small amount of foresight recognized this potential problem and closed this approach.

On a larger scale, computers have for decades been used to command transactions in the billions of dollars, as in the Federal Reserve bank system in the United States. For 20 years these non-military transactions have been maintained confidential and protected against interference by the use of the Digital Encryption Standard (DES) algorithm that uses, effectively, a 56-bit secret key, shared by the two parties to a transaction or by an entire network of computers. According to Moore's Law by which the number of transistors on a chip doubles every 18 months (and the speed of computation increases somewhat more rapidly), a 56-bit key in 1998 provides similar security to that of a 42-bit key in 1978. In fact, the situation is even less favorable for security, because the number of PCs has exploded, and they are readily linked by the thousands or even ten thousands to work on such problems in their spare time.

Other papers in this session of the 1998 Amaldi Conference describe the use of triple-DES, and more secure algorithms than 56-bit DES will be chosen by the U.S. government in the next year or so to replace DES for such non-military confidentiality purposes.

In addition to obtaining money, interference with computer networks could be used for terrorist or military purposes-- to shut down an air transport system, a public water supply, a power grid, and the like. Such interventions could expunge criminal records, or further the aims of anarchists. And experience shows that such interventions can be used for blackmail, whether on computer networks or stand-alone computers. Disgruntled employees or providers of contract programming can interfere with computers that are the backbone of a business in order to extort money.

"Information warfare", InfoWar, or "information operations" all refer to the augmentation of normal warfare by information operations that make use of the insecurity of computers and computer networks. That this is no minor matter may be inferred from a public speech by Dr. John Hamre, Deputy Secretary of Defense at the Council on Foreign Relations, June 5, 1998.(1)

"Now what all these examples effectively mean is that a foreign country with hostile intent can easily penetrate America's infrastructure by setting up subsidiaries in the United States.

"The third development I would like to talk about is the maturing information technology being used as a primary control for physical and business processes. I do not think any of us has appreciation of how pervasively this technology has come to dominate the business and social life in this country. Every infrastructure in this country effectively is controlled today by remote computer control systems. They're called SCADAS, Supervisory Control and Data Acquisition Systems.

"Microprocessors control valves and switches, irrigation pumps, traffic flights, pumping stations, you name it. All are being controlled largely by these SCADAS systems. We have had SCADAS systems for sometime. What has been more remarkable during the last 10 years is the way that companies, in order to minimize costs, have abandoned the unique proprietary telecommunications systems they used to link up their sensors, their control devices, and have adopted an Internet basis to connect them, instead. Right now, many utility companies in this country are largely controlling sensitive measuring devices and control devices through the Internet, and virtually none of it is encrypted.

"We ran an exercise in the Defense Department a year ago called Eligible Receiver, where we tried to test whether or not we were susceptible to computer attack. We assigned the task to 35 guys at the National Security Agency. They were given money to buy computers from a commercial store and told to set up their own commercial access through an Internet provider. They were given no special tools. The only software they were allowed to use was software they could either buy off of the shelf or download from the Internet. They were given only three months to do what was effectively an electronic surveillance of the country. It was, in essence, an off-the-shelf attack.

"We did not let them bring down the electric grid in the country, but they proved they could do it. We did let them attack the telecommunications system that is the backbone for the Department of Defense, and it was frightening. The bottom line to all of this is that America's infrastructure is wide open to disruption, increasingly connected to the Internet, and connected to a technology for which there is no embedded security.

"Let me draw these three different dimensions together and pose some observations - I firmly believe that the next decade poses some unusual national security challenges much different in scale and in sweep than those in our planning. They are caused by the deep economic forces that are afoot in this country. Our very economic productivity is creating our vulnerability. You cannot wish this problem away. You cannot wish the clock back. You cannot stop the remarkable engine of productivity that is driving this economy. Yet, I do not believe we can proceed without thinking this through very, very carefully as a Department and, frankly, as a country.

"When small countries or small groups of people can effectively wage war against the most powerful country in the world, we face a serious future, and we have to do something about it.

"I fear that the American government right now can scarcely cope with this challenge. Politics in Washington remains profoundly parochial at a time when America's security challenges are astoundingly international. A simple allegation of impropriety by a company launching satellites brought forth five amendments that could well become the law of the land, and that would prohibit us to export satellites at all to China ever again. if one company allegedly violated export controls, all companies are to be punished. We are wrestling with profound limitations because the parochial nature of our system is wrestling with and struggling with international challenges. That is part of the reason I wanted to come up and talk to you.

"The forces that I have described are so sweeping that they transcend the structure of the executive branch of the government.

"We have spent the last two-and-a-half years trying to come to grips with an encryption policy and we have not been able to succeed. It is not any better up on Capitol Hill. There are 15 separate committees that claim jurisdiction over the encryption issue. We are making little progress dealing with such complex problems."

Similar comments are made by U.S. Director of Central Intelligence, George J. Tenet.

Lou Gerstner, Chairman and CEO of IBM, notes that "In retail banking, a transaction with a teller at a bank counter costs about a dollar; by telephone it's about $0.50; at an ATM it's $0.25; but over the Internet, it is only $0.13." And he goes on, "Industry can't deny that criminals will use the tools we create. Crooks and terrorists today use FAXes and phones and the mail; why not the Web and encryption? There is a clear need for solutions that allow law enforcement agencies to do their job. One solution backed by IBM and others is called "Key Recovery." It's a tool that allows customers to retrieve lost keys to encrypted data. Keys can be lost through employee absence, error, or breakdown, or even sabotage. If we allow this market-driven tool to take hold, it can do the same for law enforcement and intelligence agencies."

It is striking that no overall solutions to the computer security problem seem to have been offered, although there are elements available. Clearly, "strong encryption" (or strong enough, in any case) is essential for confidentiality of the information being transferred over telephone lines or public-use networks, and also for authentication and other important functions. But strong encryption available to everyone runs counter to the legitimate interests of law enforcement, in which citizens have given up some rights to their government in order to obtain the protection of laws against criminal activities. In the United States, for instance, it is illegal for an unauthorized third party even to listen to a telephone conversation carried on wire lines; and it is illegal for a third party to make use of information obtained from a cellular phone transmission, although not illegal to listen. No similar structure of protection exists for electronic data communications, and certainly not for those that are carried on the Internet. It is for this reason that encryption (for confidentiality) assumes such great importance.

In preparation for the Moscow Summit of summer 1998, a preliminary draft was provided on behalf of President Yeltsin for a proposed joint statement regarding information resources, proposing, among other matters,

"- Defining the world community's general views on the problems of possible use of information technologies for military purposes as weapons, and also to agree on a single understanding of the potential threats in this sphere and possible measures for preventing them.

- Defining the concepts of "information weapon," "information warfare," and other hostile or unauthorized actions directed against information resources.

- Considering the factor of possible use of information technologies for improving existing weapon systems and creating new ones when international talks are held on reducing conventional and nuclear arms and maintaining strategic stability.

- Exploring the advisability of creating an international system (center) for monitoring the threats associated with information security.

- Bringing the issue of global information security to the attention of the UN and other major international fora, in order to work out a regime, based on international law, for preventing the development, production, and use of particularly dangerous forms of information weapons.

- Developing an international multilateral treaty on combatting information terrorism and crime."

The draft also proposed the holding of a World Forum, possibly in Moscow in 1999, to provide a portion of an "appropriate joint assessment by the entire world community."

THE SOLUTION?

As indicated by Secretary Hamre, the United States government has not in itself managed to compromise the interests of the various elements-- commerce, law enforcement, intelligence, and certainly has not reached a compromise that is satisfactory to those in the American public concerned with efficiency, economy, and privacy. It is clear, however, that strong encryption is an element of any possible solution, although many countries (including Russia, according to a decree signed by President Yeltsin in 1995) ban or limit the use of encryption.

Let us be optimistic and assume that the interests of business, privacy, and law enforcement can be addressed in a grand compromise (which we do not detail here), and that those of foreign intelligence will weigh less in such a decision. What would be the nature of a secure computer system? Such a system would rely on and build from a core of "trusted" components. I find one element of such an approach in the IBM Cryptographic Coprocessor.(2) Such a secure cryptographic coprocessor, protected from physical or information attacks, can in principle be used as the foundation of a secure computing system. This would be one in which all information is stored in encrypted form on untrusted hard disks. But displays provide access to unencrypted information.

Computers and computer systems must be made secure against information attacks over the normal communication channels, but attention must also be paid to users and employees who, after all, have access to all the information for which the system is created.

Here we simply contemplate a system in which isolated islands of computers are secured using a cryptographic coprocessor, and in which every communication over the insecure network is strongly encrypted. Such an approach would solve a lot of the current problems of computer networks, but it would still not prevent interference with the proper functioning of a network.

For instance, recently a computer network was temporarily inhibited by receiving 40,000 copies of a perfectly legitimate file from an individual without evil intent. It is certainly possible to overwhelm "routers" or other elements in the network by sending messages. If all messages must be encrypted, it requires minimal effort for the router to discard a message that is not properly encrypted, but the bandwidth of the communication channel can still be severely limited in this way.

It is interesting to note that my inquiries have turned up no formal offerings for secure information networks, and this is something for which there is a growing awareness of the need in business and government.

CONCLUSION.

National and corporate leaders should pay more attention to solving the problem of computer network vulnerability. It will be necessary to sacrifice some of the performance of the network in order to improve its security. Such a trade-off has already occurred on a vast scale in the use of complex and burdensome operating systems that very much reduce the raw power of the computer but provide greater accessibility and flexibility.

Among the approaches to improving integrity and security would be inquiry by boards of directors of corporations and by stockholders.

It might also be useful to encourage insurance against losses due to network insecurity; the cost of such insurance would be lower for firms that had taken appropriate measures to reduce their vulnerability.

This is clearly a field with more problems than solutions at present, but timely for discussion at this conference.

----------------
  1. http://www.foreignrelations.org/studies/transcripts/hamre.html.
  2. http://www9.s390.ibm.com/products/oem/crpyto.html. This is a PCI-bus card that contains a general purpose 486-compatible microprocessor that stores keys, provides secure encryption both with DES and RSA processing (1024-bit private key, with capability to 2048 bit). This IBM 4758 PCI Cryptographic Coprocessor has 4 MB of RAM and 2 MB of flash memory. The description notes "Another battery-powered RAM memory stores critical security parameters that are zeroized (set to zero) upon detection of physical penetration, temperature, radiation, or voltage attacks".

    Under U.S. export control requirements, various cryptographic coprocessor support program features can be downloaded from the Internet, with an appropriate key to unlock the permitted functions.

    Discussion and background for the Cryptographic Coprocessor can be found in Sean W. Smith, "Secure Coprocessing Applications and Research Issues," Los Alamos Unclassified Release LA-UR-96-2805, August 1, 1996 (available at http://www.c3.lanl.gov/cic3/pubs/pubs/teams/Security.shtml), and in IBM Research Report RC 21102 by Sean Smith and Steve Weingart, "Building a High-Performance, Programmable Secure Coprocessor," 19 Feb. 98 (available at http://www.ibm.com/security/html/wp_hp.html).

X315NMCS111198NMCS Draft 311/16/98