If used as part of a computer security planning system, encryption
software can ensure that email messages will not be overheard,
intercepted, altered or otherwise misused.
Email v. snail mail
Increasingly, electronic information processing and communication
is replacing paper in many applications. A decade or so ago, the
fax machine was used primarily by large law offices and a few other
professionals. Today, the fax machine is a tool that most
businesses require just to compete and a machine is frequently
found in the homes of individuals. Email appears to be moving along
a similar path and is becoming a mainstream business tool. Although
email did not originate in the law office, it is beginning to find
a home there. Widespread electronic document distribution,
including multimedia messages, is in the foreseeable future. Once
available, this application seems likely to affix itself widely and
deeply into the practice of law. The Internet, the backbone of
wide-area electronic mail communications, is growing at the
phenomenal rate of 13 to 20 per cent each month.

What advantages of
electronic communications fuel this rapid switch from paper-based
communications? First, there is the speed. Electronic messages move
at the speed of light while paper moves at the speed of the postal
service. From the earliest days of the Internet, conventional mail
has been referred to as "snail-mail." Second, there is a cost
advantage. Faxing a single page document across the country costs
at least as much as a first-class stamp. Email can send about 100
pages, quicker, for the same amount. Next, the storage space for
archiving electronic documents is a tremendous advantage,
particularly to the small practitioner who keeps a sharp eye on
office overheads. An 8mm tape cartridge that costs around £10 and
is the size of an audio cassette can store 10 gigabytes (10 billion
bytes) of data, the equivalent of 10 million pages of text. The
savings in floor space and file cabinets alone is astounding.
Electronic mail and other documents can be accessed more rapidly
and accurately than paper documents. While the contents of the
document are reviewed on-screen or printed onto paper, the original
remains safely filed away on disk where it is less vulnerable to
misfiling or loss. This access can be "content-based" as well.
Searches for all documents of a certain content can be completed
and the information retrieved in seconds. Similar paper searches
may not be practical at all. Further, while each copy of a paper
document is degraded somewhat, a copy of a digitally stored
document is indistinguishable from the original. Thus, the
reproducibility of electronic documents is superior as well.
Finally, the convenience of typing correspondence and having it
appear at its destination seconds later has an infectious appeal as
well. Once accustomed to communicating by email, other modern forms
of communications may seem plodding in comparison. Messages appear
magically in the "in box" of a client, co-counsel, opposing
counsel, consultant, or even the court, seconds after being sent.
In some systems, even a "return receipt" is generated. Email
messages may be forwarded, stored or replied to with the touch of a
button. With the multiple-addressing capability of email, sending
messages to several people is almost as easy as to a single
recipient. Email is arguably the most efficient means of
communication yet devised by humans, with the possible exception of
gestures.

So, what could be the problems with a tool that has such
powerful advantages? Seasoned "netlawyers" need no warning about
the party-line communications over the Internet. However, the
average, unsophisticated email user is blissfully unaware of the
potentially serious problems existing with communications over a
far-flung computer network. The principal problem is privacy or,
actually, a lack of privacy. There have been some notorious and
embarrassing situations involving email messages that were thought
to be private and untraceable. There is controversy about employer
monitoring of employee email and the need to balance employee
privacy against the needs of corporate, or even national, security
interests. These problems are real, but to the extent that they are
confined to Local Area Networks (LAN) existing internally to a law
firm, they are irrelevant to this paper. While these are compelling
and even intriguing discussions, they are beyond the scope of this
paper. Primarily, this paper focuses on the problems that may be
associated with the use of email communications over a wide area
network, i.e., the Internet.
Hacker, cracker - sniffer, spy
What's in a name? In these names - trouble for the attorney who
communicates with clients or potential clients over the Internet.
These are names of several of the potential eavesdroppers on the
Internet. A hacker is simply someone who is intensely interested in
complex computer systems. But, much to legitimate hackers' dismay,
the term has also become synonymous with cracker - one whose
interest includes unauthorised entry and modification of these
computer systems. True hackers are often system operators and
administrators who detect, repair and prevent the break-in and
damage caused by crackers. Crackers may be the computer equivalent
of joyriders. They may just break in for a brief, exciting
excursion through the files found on a computer. Coming across a
file or document that seems particularly interesting, they may copy
it, alter it, delete it, or simply read it. Their tools are myriad
and new ones appear rapidly. Crackers can even present serious
concerns for the attorney who, although connected to a network,
does not even communicate by email. Recently, a tool for probing a
remote computer for security vulnerabilities became available. This
is known as the Security Administrator Tool for Analysing Networks
(SATAN). SATAN not only analyses the remote computer's weak points,
but it also provides extensive documentation on the vulnerabilities
identified and how to repair them. SATAN is not the first tool of
this kind. However, the problem is that SATAN was released to the
Internet. This means that it is widely available for both
legitimate use by system administrators and diabolical use by the
crackers. It has become a race between the system administrators to
find and plug the leaks in their computers' security and the
crackers intent on finding and exploiting those weaknesses. A
tremendous industry has arisen to provide security from break-in.
However, break-ins are always a potential problem and simply
devising a means of protecting email serves little purpose if the
computer that originates and receives the email is left open for
exploration via a network from outside the firm. So what are
sniffers? Computer communications channels are party lines. The
information intended for any computer on the network may pass
through virtually any number of other computers while in transit.
This sharing of the communications line means that computers can
receive information that was actually intended for other machines
on the network. Capturing this information as it is going over the
network is called sniffing.

One extremely common way of connecting
computers is through Ethernet. This works by transmitting data
"packets" to all of the computers that are on the same circuit.
Each packet is preceded by a header. The header contains the
"address" of the sender, the address of the recipient and other
information required to keep the communications organised and
reliable. Following the header is the actual message data contained
in the packet. Unless some form of encryption is used, the message
data is simply transmitted as text just as it would normally be
displayed on the recipient's screen. Normally, the computers on the
network will only accept the packets that are addressed to them.
However, software is commonly available that, when running on a
computer on the network, will accept the data regardless of what
the packet header indicates the intended recipient to be. The
sniffer software can be programmed to select only data coming from,
or intended for, a specific machine or machines. Once this data is
received, the software can be configured so that the message data
is stored on a file on the sniffer's hard drive. Long messages may
occupy many data packets, but the technique is the same regardless
of message length. If necessary, the data from the packets stored
on the sniffer's computer can be reassembled into a single
contiguous block of data. Miraculously, the stolen message
reappears in its original form. It is somewhat similar to placing
a cellular phone into a certain mode of operation and listening to
phone calls intended for anyone talking on the phone at that time.
The subtle thing about sniffers is that they do not even have to
know your password to steal your client's secrets, your litigation
strategy, your analysis of potential jurors, your credit card
number, or the Christmas shopping list you just sent to your
relatives across the country. The sniffer does not even have to be
a cracker to obtain highly damaging information that was (at one
time) protected from exposure behind exhaustive security measures.
Once the data is transmitted onto the Internet, it becomes fair
game. But is sniffing a violation of law? Yes, it may violate
federal statutes and state codes. But so do burglary and arson
from which an attorney has a duty to protect his clients' secrets,
confidences and documents. Under the Electronic Communications
Privacy Act (ECPA), reading electronic mail messages exchanged over
public email systems by anyone other than the sender and receiver
is a felony. However, sniffing may be a legitimate and even
necessary function of a network administrator who is monitoring
the traffic load on certain parts of the network to ensure proper
functionality. Even the most discreet network administrator might
be tempted to read email legitimately sniffed off the network if he
realises that it contains interesting material. Hackers are human
too. Unencrypted email messages can be an unnecessary temptation to
these legitimate sniffers. Not only can people try to pretend to be
someone they are not, so can computers. This is called spoofing.
The spoofer uses the recipient address in the data packet header
that the sniffer uses, and configures their machine to emulate the
recipient's machine. When data comes along the network that is
intended for the actual recipient, the spoofer receives it instead
and automatically sends a packet to the sender which makes the
sender believe that the message was properly received. In fact, the
spoofer can read the email, concoct a reply and send it back to the
unsuspecting person who is unaware that he is communicating with an
impostor. More subtly, the spoofer can alter the original email and
then relay it on to the intended recipient.

Of course, it is also
possible for someone to gain access to another's password and use
that person's computer to send out inauthentic messages. This is a
common but low-tech method of spoofing as well. Perhaps this points
out that effective confidentiality and privacy are no stronger than
the weakest link in a chain. If co-counsel, support staff,
consultants, or others have physical access to the practitioner's
computer or password, then encryption alone may be of no use. Thus
this paper assumes that proper physical security measures, staff
screenings and other operational matters, spiced with both common
sense and reasonable suspicion, are in place.
Encryption to the rescue
So will encryption of email cure all problems? Can it
make your office overhead decrease, opposing counsel more
accommodating, your work day shorter, your golf or tennis game
better, your clients actually glad to pay your fee, or guarantee
that all client secrets and confidences remain so? Of course not.
But, if part of total physical, operational and computer security
planning, it can substantially ensure that your email messages will
not be overheard, intercepted, altered or otherwise misused as they
transit the twisty passages of the Internet labyrinth. Robust
encryption can virtually guarantee that sniffers will not be able
to read the data contained in the packets that they "hear". The
text is so garbled that it is completely unintelligible. Spoofers
are frustrated by this same feature but even if the message itself
is not encrypted, i.e. it is transmitted in clear text, encryption
can provide substantial certainty that any message received was
transmitted by the individual purporting to have sent it. Certain
encryption software can even scramble the packet header information
so that it is impractical to spoof the message at all. Encryption
itself is not without problems, however. Tremendous controversy
rages today about privacy concerns on the Internet and the role
that encryption should play in addressing those concerns. How good
should the resulting privacy be and privacy from whom? Just how
good is the encryption that is available to the average attorney?
Additionally, encryption software may not be as user-friendly as
some would like. Also, the administration, distribution and
authentication of a multitude of users' encryption keys is not a
trivial concern.

A great deal of current encryption software uses
the principle of public-key cryptography. In public-key encryption
there are two different keys that are used. One key is used by the
sender to encrypt the message and another is used by the recipient
to decrypt it. The keys come in pairs; an individual's encryption
key is paired with the decryption key. One key cannot be derived
from the other, so someone with the encryption key cannot decrypt
messages using that key. For example, Alice, an individual who
wants to communicate securely, generates an encryption key and a
corresponding decryption key. She keeps the decryption key secret;
this is called the private key. She publishes the encryption key;
this is called the public key. The public key is made so that
anyone can get a copy of it. Alice may email it to her friends,
post it on bulletin boards, link it to her World Wide Web homepage,
etc. When someone wants to send a message to Alice, first they find
her public key. They encrypt their message with her public key and
send the now-encrypted message to Alice. When Alice receives it,
she decrypts it with her private key. Even the person who encrypted
the message to Alice could not read the message once it was
encrypted. They did not have the decryption key.
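
The key-pair exchange described above, as an added example that is not
part of the original article. It goes one step further and also signs
the message, which is the mechanism behind the earlier point that
encryption can confirm who sent a message. The sender "Bob", the primes
and the message text are assumptions made for illustration.

```python
# Added illustration: textbook RSA with small fixed primes and no padding.
# It shows the roles of the two keys only; it is NOT secure for real mail.
import hashlib

def make_keypair(p, q, e=65537):
    """Build (public, private) from two primes; e and d are inverse exponents."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

def apply_key(value, key):
    """The one RSA operation: raise value to the key's exponent modulo n."""
    n, exponent = key
    return pow(value, exponent, n)

def encrypt(message, recipient_public):
    m = int.from_bytes(message, "big")
    if m >= recipient_public[0]:
        raise ValueError("message too long for this toy key")
    return apply_key(m, recipient_public)

def decrypt(ciphertext, key):
    m = apply_key(ciphertext, key)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def digest(message, n):
    """SHA-256 of the message, reduced to fit under the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, sender_private):
    return apply_key(digest(message, sender_private[0]), sender_private)

def verify(message, signature, sender_public):
    return apply_key(signature, sender_public) == digest(message, sender_public[0])

# Constructed sample keys (Mersenne primes chosen for brevity) and message.
ALICE_PUBLIC, ALICE_PRIVATE = make_keypair(2**127 - 1, 2**89 - 1)
BOB_PUBLIC, BOB_PRIVATE = make_keypair(2**107 - 1, 2**61 - 1)
MESSAGE = b"Offer expires Friday"

def demo():
    wire = encrypt(MESSAGE, ALICE_PUBLIC)    # what a sniffer would capture
    signature = sign(MESSAGE, BOB_PRIVATE)   # only Bob's private key can make this
    return {
        "alice_reads": decrypt(wire, ALICE_PRIVATE),
        "public_key_reads": decrypt(wire, ALICE_PUBLIC),  # public key cannot undo it
        "genuine": verify(MESSAGE, signature, BOB_PUBLIC),
        "altered": verify(b"Offer expires Monday", signature, BOB_PUBLIC),
    }

if __name__ == "__main__":
    print(demo())
```

Real mail encryption software uses much larger keys and adds padding;
the division of roles between the public and private key is the same.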
Conclusion
Mail security means delivery to the addressee only, that is, with
confidentiality. The modern standard for confidentiality in mail is
the single white envelope, wherein almost all commercial mail
moves. Only a small portion of mail requires higher security than
that. However, unlike paper mail, the world of electronic mail is a
world of postcards. Messages travel from machine to machine, open
and available. Without encryption, only a combination of culture
and law acts to protect confidentiality. An attorney's
communications with a client or about a client's matters have a
heightened need for privacy. The prudent lawyer will add to those
protections for email by placing their messages in the "envelope"
of encryption. Encryption alone will not provide adequate security
for the attorney's computer systems. However, it is an important
link in the computer security chain that cannot be ignored.
(c) 1994 - 1998 Computer Law Section of the State Bar of Georgia
Compiled by Arlene Martin