Claudia Diaz just forwarded an email by Eric Rescorla pointing to an article in Wired describing how the FBI has been gaining access to telephone traffic data without a warrant. A saucy exerpt:

The revelation is the second this year showing that FBI employees bypassed court order requirements for phone records. In July, the FBI and the Justice Department Inspector General revealed the existence of a joint investigation into an FBI counter-terrorism office, after an audit found that the Communications Analysis Unit sent more than 700 fake emergency letters to phone companies seeking call records. An Inspector General spokeswoman declined to provide the status of that investigation, citing agency policy.


The message was sent to an employee in the FBI’s Operational Technology Division by a technical surveillance specialist at the FBI’s Minneapolis field office — both names were redacted from the documents. The e-mail describes widespread attempts to bypass court order requirements for cellphone data in the Minneapolis office.

Remarkably, when the technical agent began refusing to cooperate, other agents began calling telephone carriers directly, posing as the technical agent to get customer cellphone records.

The interesting point here is how agents seemed to have been abusing the lawful access process, by pretending to be a colleague with legal authority, in order to get out of phone companies either records of calls and locations of phone, or surveillace equipment to be turned on. A similar scandal had broken out in Chicago back in 2006 when it became known that insiders in phone companies have been selling phone records to the FBI as well as private entities: the police was then concenrned that such information may be used by the mob to out informants.

Researchers in the Privacy Technology field have for a long time warned that services collecting and keeping personally identifiable information may face hidden costs down the line — in case the data gets compromised! If those in charge of procurement took this risk into account, then they would start finding Privacy-friendly technologies, that cost more upfront, cheaper in the long run. This would be true, even without taking into account abstract costs such as reputation loss, resulting from unauthorised access.

For a long time this theory went untested, but one case has emerged that puts a value on this risk. As an article from Infosecurity reports on the 17th December: the UK’s Financial Services Authority has fined life assurance company Norwich Union Life £1.26 million ($2.54m, €1.77m) for “not having effective systems and controls in place to protect customers’ confidential information and manage its financial crime risks.” (Emphasis added.)

This is a lot of money, and it would have been even more (NU got a 30% discount) if the building society had not fully cooperated from the start of the investigation. Given that in today’s world the probability of compromise of non protected information is very high, this gives us an estimate on how much NU, should have spent on Privacy Technologies, to ensure they can conduct their business without collecting much data as well as better protecting the data they collect.

Incidentally, and more related to traffic analysis, another branch of Norwich Union runs wide-scale trials for Pay-as-you-drive insurance. They better take note of what happened to their sister company, and change their technical infrastructure to something more privacy friendly: right now they simply collect and store the full location over time of all insured vehicles. Some colleagues any myself have written about a detailed architecture to provide the same functionality without the collection of such data:

Troncoso, C., Danezis, G., Kosta, E., and Preneel, B. 2007. Pripayd: privacy friendly pay-as-you-drive insurance. In Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society (Alexandria, Virginia, USA, October 29 – 29, 2007). WPES ’07. ACM, New York, NY, 99-107. DOI=

A fascinating article was published on the New York Times:

Wider Spying Fuels Aid Plan for Telecom Industry by Eric Lichtblau, James Risen and Scott Shane (16 Dec 2007)

Amonst other things it describes how telcos have been collaborating since the 90s with the US goverment to provide inteligence in the “war on drugs”. Some traffic analysis related snippets:

“In the drug-trafficking operation, the N.S.A. has been helping the Drug Enforcement Administration in collecting the phone records showing patterns of calls between the United States, Latin America and other drug-producing regions. The program dates to the 1990s, according to several government officials, but it appears to have expanded in recent years.”

 Another interesting passage relates to the economics of attack vs defence in computer security: if the govenment seeks to achieve security through surveillance, then it has to promote vulnerabilities in the infrastructure:

“The same lawsuit accuses Verizon of setting up a dedicated fiber optic line from New Jersey to Quantico, Va., home to a large military base, allowing government officials to gain access to all communications flowing through the carrier’s operations center. In an interview, a former consultant who worked on internal security said he had tried numerous times to install safeguards on the line to prevent hacking on the system, as he was doing for other lines at the operations center, but his ideas were rejected by a senior security official.”

Similar mechanics might have led to the greek interception scandal.

I was kindly invited by Peeter Laud and Jan Villemson to teach part of the Tartu University course on cryptographic protocols. The theme chosen for the 6 hours of lectures was “Identity and Anonymity“.

 It started with an introduction to authentication protocols, illustarted by the state-of-the-art Just Fast Keying, an authenticated Diffie-Hellaman with DoS protection and privacy, as well as the PAK protocol for authenticated key exchange using a short password (like a PIN). The second 1.5 hours of the lecture series went into the technical details of Brands anonymous credentials, building from simple zero-knowledge protocols, such as Schnorr identification, all the way to how to prove a that a set of linear relation holds on some attributes.

  • Lecture notes on authentication protocols and anonymous credentials (PDF, PPTX)

The second half of the lecture series (3 hours) was devoted to anonymous communications — my pet subject. It contained a review of the Dining Cryptographers protocol for unconditional anonymity, as well as the basic mix constructions to build practical systems. It also described how onion routing works as well as how to measure anonymity and the basics of disclosure attacks on repeated communications.

  • Lecture notes on anonymous communications and traffic analysis (PDF, PPTX)