Lawful Intercept - some additional problems

A survey of lawful intercept (for both analog telephony and VoIP) can be found in Romanidis Evripidis’s thesis: Lawful Interception and Countermeasures: In the era of Internet Telephony [Evripidis 2008]. He points out a problem for key escrow in that the law enforcement agency can fabricate evidence - once they have the key!

A key escrow system for minisip with countermeasures for fabrication of evidence (based on the idea proposed in the above thesis) as been implemented in:

Md. Sakhawat Hossen, “A Session Initiation Protocol User Agent with Key Escrow: Providing authenticity for recordings of secure sessions”, [Hossen 2010]
Muhammad Sarwar Jahan Morshed, “Voice over IP and Lawful Intercept: God cop/Bad cop” [Morshed 2010]

Slide Notes

Romanidis Evripidis, Lawful Interception and Countermeasures: In the era of Internet Telephony, Masters thesis, Royal Institute of Technology (KTH), School of Information and Communications Technology, Stockholm, Sweden, COS/CCS 2008-20, September 2008 https://urn.kb.se/resolve?urn=urn%3Anbn%3Ase%3Akth%3Adiva-91683 Links to an external site.

Md. Sakhawat Hossen, “A Session Initiation Protocol User Agent with Key Escrow: Providing authenticity for recordings of secure sessions”, Masters thesis, Royal Institute of Technology (KTH), School of Information and Communications Technology, Stockholm, Sweden. TRITA-ICT-EX-2010:1, January 2010 https://urn.kb.se/resolve?urn=urn%3Anbn%3Ase%3Akth%3Adiva-12143 Links to an external site.

Muhammad Sarwar Jahan Morshed, “Voice over IP and Lawful Intercept: Good cop/Bad cop”, Royal Institute of Technology (KTH), School of Information and Communications Technology, Stockholm, Sweden, TRITA-ICT-EX-2010:28, February 2010, https://urn.kb.se/resolve?urn=urn%3Anbn%3Ase%3Akth%3Adiva-24260 Links to an external site.

Transcript

[slide392] Well, there's this marvelous paper that came out a number of years ago about something that occurred in Greece. And that was, anyone recall what happened? Around the time of the Olympics in Greece? Well, it turns out that about 100 of the top people in the Greek government were being wiretapped by some unknown party. And any time anyone called them, that information about the call was sent to someone else. And the contents of all of their calls were also delivered to other places. And Vodafone, which ran the telephony network that was being used for this, had not bought Lawful Intercept for their system in Greece because Greece didn't require it at the time. But the vendor of the equipment had built in Lawful Intercept because it was a requirement in many other markets. So what did Vodafone and Greece get? They got an exchange with Lawful Intercept running inside, but no user interface. What did the attackers do? The attackers went in, activated the Lawful Intercept, proceeded to tap all of these calls, and because these people didn't have a user interface, they couldn't even see that the Lawful Intercept functions had been enabled. Until one day, one of the technicians was trying to install a software upgrade into the switch, and it said, no, you can't do that because Lawful Intercept is enabled. And they said, what? We never turned it on. We never bought Lawful Intercept. And then they made a tragic mistake. What did they do? They rebooted the switch, which threw away all the evidence because all of the changes were made, yes, just in the running system. So immediately they lost the ability to do forensics on, hey, who had set this up and what was going on. It also turns out that the physical access to these sites, yes, they logged all the people coming and going from them, but they used circular log files. And by the time anyone knew what was happening, yes, the log files had overwritten themselves, so they couldn't find out who had managed to attack the system. So a student, Romanidis Evripidis, wrote a very interesting Master's thesis where he looks at Lawful Intercept and countermeasures, and one of the things he points out that it's really important that you have key escrow. Such that the law enforcement agencies can't fabricate evidence. The problem is, if law enforcement has the key, they can not only decrypt the contents of the media, but they could make the contents if they wanted. That was a very important observation. Then later, Mohammad Sakhawat Hossen wrote a thesis on how can you provide key escrow. And then Sarwar Jahan Morshed wrote a thesis called "Voice over IP and Lawful Intercept, Good Cop, Bad Cop". And he shows how you can provide both the key that will let you decrypt the media contents, but protect it from being modified without being detectable. And this is a very, very, very cool thesis. And why is it so cool? Because it rebalances it. We should have protection, even against bad cops.