
July 1999
SOLVING THE SECURITY PUZZLE
BY DOUG MCGOWAN
We have all been romanced by a vision of seamless mobile connectivity: a businessman
accesses his e-mail, holds voice meetings, and performs financial transactions from a
wireless device while moving from London to Paris to Tokyo. Back at the office, he taps
into a voice-over-IP (VoIP) network that is saving the firm thousands of dollars over its
previous leased lines. And the telecommunications service provider is profiting from the
numerous value-added services that this mobile professional and his employer now consider
essential.
That vision is far from today's reality. While VoIP is slowly extending its reach, the
seamless integration of business-critical services over mobile devices is largely
unrealized. While some issues are cost-related, reliable security is the single largest
barrier to gatekeepers successfully delivering secure communication to their mobile
customers. It is no longer adequate to simply protect a device from fraudulent charges;
gatekeepers must protect what is transmitted through that device, whether it is sensitive
voice communication among business associates, financial transactions between banks and
their mobile customers, or the secure download of valuable content.
THE ENCRYPTION PUZZLE
Encryption technology lies at the heart of this security challenge. Encryption,
the method used to scramble voice and data so that it is unintelligible to
outsiders and cannot be intercepted or copied, is the fundamental building block of
any reliable security solution. Many IT managers have become frustrated at the prohibitive
costs of devices, management infrastructures, and personnel demands that they have
encountered when attempting to implement VoIP security. Other IT customers, realizing the
drawbacks of in-house implementations, have demanded that their VoIP service providers
offer a security guarantee before they will entrust the valuable data of their businesses
over the network. At the same time, the companies that are essential to the future of
mobile telecommunications' value proposition (e.g., financial institutions, airline
companies, and content providers) will not open their networks to mobile users unless they
can thwart hackers and can reasonably protect themselves from attacks and fraud.
Telecommunications companies are faced with two considerable obstacles related to
encryption technology:
- Numerous government restrictions on encryption export across international borders.
- The limitations of current encryption technology itself.
Currently, U.S. technology manufacturers are not permitted to freely export strong
encryption (128-bit key encryption algorithms) to telecommunications companies overseas.
Most industrialized countries who have adopted a common set of rules for export known as
the Wassenaar Arrangement (23 countries in total) have agreed to control the export of
cryptographically capable products as well.
Many international telecommunications consortiums, such as the European
Telecommunications Systems Institute (ETSI), have added further restrictions and
regulation to gatekeepers' use of encryption. Because of these legal restrictions and
industry regulations, most gatekeepers are using weak encryption (56-bit key lengths or
weaker) for their customers' needs. This level of encryption has proved to be easily
broken.
Government control over encryption arises from the needs and challenges of law
enforcement and national security agencies. Many investigations rely on intercepted voice
and data transmissions to capture and prosecute organized criminals, narcotics traffickers
and even terrorists. Powerful encryption technology, while protecting the security needs
of law-abiding mobile users, could also be used on a large scale by criminals to avoid law
enforcement. Sophisticated encryption technology in the hands of a rogue government could
also present additional national security concerns for government intelligence agencies.
These overriding concerns have helped to shape the highly restrictive export policies
among many developed nations today, including the United States.
These policies apply to any encryption-enabled product, including a wide range of
hardware and software. This is a major source of contention within a broad cross-section
of high-tech industries that are dependent upon encryption technology for legitimate
commercial data privacy and security uses. Concerned with the threats this policy poses
against consumer and individual privacy, interest groups such as the Electronic Frontier
Foundation and the Electronic Privacy Information Center have also voiced strong public
protest.
For telecommunications companies, the encryption challenge is just as problematic.
Under U.S. export regulations, in some cases, voice traffic is treated differently from
data and may not be afforded the same export decisions, even when the voice traffic is
traveling over Internet lines (IP). In Europe, customers are able to use stronger
encryption within their own countries as a result of cooperation in ETSI. For example, the
ETSI has provisions for Authentication Centers for use with the European dominant mobile
phone standard (GSM) that will ensure all mobile communication can be encrypted according
to local regulation. However, even European countries have some forms of restriction on
using encryption across international borders, preventing true mobility.
HARDWARE MAY BE THE SOLUTION
In addition to the legal problems related to export and in-country communication,
gatekeeper encryption technology is inherently vulnerable today because it typically
resides in firmware, also known as embedded software. Software products, while usually
easy to install and maintain, are open to attack by hackers around the world because of
the interconnectivity of systems designed with various levels of security protection.
Operating systems, for example, were designed as open platforms for data, resource
sharing, and networking, making them very vulnerable to malicious code like viruses and
hostile attacks during communication. The rush to develop or update an operating system,
even if it is initially designed with security in mind, often results in
security holes in the software as well, which are not easily detected yet create dangerous
backdoors that undermine strong security.
Most robust security software solutions that use intrusion detection to combat the
holes in a system are unsuitable for use by mobile phones and other portable devices,
since they require intelligent support from the kernel services to operate effectively.
Software encryption has the same potential drawbacks as operating systems, but recent
developments in dynamic software verification like secure applets increase the trust of
mobile code.
For encryption to provide an adequate base for overall security, it must provide the
following critical services:
- Integrity. It will not change or lose information while stored or in
transmission.
- Availability. It will scale to meet the demands of high-traffic periods without
compromising performance.
- Authentication. It will provide a guarantee that the parties exchanging
information are who they say they are.
- Confidentiality. It will protect the privacy of the information from unwanted
interception.
- Digital signature. It will give the information transmitted or stored a unique
identity that authenticates its originator.
There is no current security solution available for the mobile market that provides all
of these encryption-related strengths to a degree where they cannot be broken and can be
utilized across borders.
Some technology executives have predicted a secure Java-based operating system for the
mobile market, since Java can scale down to a size that makes mobile use possible.
However, like other operating systems, Java-based systems have some inherent
vulnerabilities due to the nature of software. Software also uses up CPU cycles while
executing the complex mathematical algorithms inherent in encryption, resulting in
performance that is too slow for many VoIP demands. Hardware-based encryption is executed
with a dedicated processor instead of the main CPU resources, making it much faster, more
powerful, and more secure. But current encryption hardware options are expensive add-ons
that are cumbersome to install and maintain.
For secure point-to-point communication to be realized, encryption must be built into
gatekeepers' hardware infrastructure and the devices that their customers use every
day. Many telecommunications providers already use point-to-point encryption hardware in
their VoIP infrastructure, although the costs of maintenance and management can be
prohibitive. On the customer side, there is some encryption capability built into the SIM
cards of GSM standard phones. But U.S. AMPS (advanced mobile phone system) standard phones
have no built-in encryption capabilities. Most experts agree that until there is a
workable way to build security into mobile devices and the infrastructure that supports
them, there will never be the level of trust required for electronic business (see sidebar).
WHAT'S NEXT?
As IP-based communications move toward the end-to-end security paradigm,
gatekeepers will support entirely new types of services beyond what they are able to do
today. Many of these opportunities will offer significant revenue potential as well.
Business customers will be much more willing to make the transition to VoIP if the
technology is proven to be as secure as traditional wired communication over leased lines.
Such a transition opens a number of additional opportunities for providers. Many
corporations will choose to outsource their VoIP security for a monthly fee, which
provides an additional revenue stream. In addition, the opportunity to provide secure
e-mail, faxes, audio conferences, and even enterprise resource planning (ERP) applications
internationally would place mobile communications companies at the heart of electronic
business.
Mass market consumers might offer an even greater revenue opportunity because of the
numerous services they could access through mobile devices. On-the-go banking,
real-time stock trading, download of subscription news, and even software or music
purchases could be conducted securely through IP-based technology. The opportunity for
telecommunications companies to participate in revenue-sharing agreements or increase
subscription fees for the significant increase in value-added services is enormous.
The potential for VoIP and mobile communications is undeniable. But first, reliable,
high-performing, and seamless security must be in place. Since international controls on
encryption are unlikely to disappear overnight, the onus is on industry leaders and
consortiums to find a workable solution. New innovations are already arriving in the
marketplace; someday soon, the vision of seamless mobile communication will be a reality.
Doug McGowan is general manager of Hewlett-Packard's VerSecure operation. The
VerSecure security management framework is the only strong-encryption technology without
mandatory key recovery that may be exported from the United States without additional
limitation on end user or intended use. McGowan serves on the President's Export
Council Subcommittee on Encryption and is recognized as an expert in Internet security.