specifically for military applications to guide weapons to their targets. And we now know that the 9/11 hijackers purchased GPS receivers, apparently for that very purpose. What does this mean? Does it mean we should ban the sale of GPS receivers to everyone? Think of the economic effects of such a draconian measure. Talk about throwing the baby out with the bathwater. Our economy is so dependent on GPS technology for all kinds of civilian applications despite the fact that it was originally developed solely for military use. Just like our economy is now dependent on strong crypto to protect e-commerce.
The question of whether strong cryptography should be restricted by the government was debated all through the 1990s. This debate had the participation of the White House, the NSA, the FBI, the courts, the Congress, the computer industry, civilian academia, and the press. This debate fully took into account the question of terrorists using strong crypto, and in fact, that was one of the core issues of the debate. Nonetheless, society’s collective decision (over the FBI’s objections) was that on the whole, we would be better off with strong crypto, unencumbered by government back doors. The export controls were lifted, and no domestic controls were imposed. This was a good decision because we took the time and had such broad expert participation. The 9/11 attacks did not change the wisdom of that collective decision, and although civil liberties on the whole have eroded since then, we haven’t lost our right to use strong crypto.
Pulver: Why is VoIP encryption important?
Zimmermann: We’ve always known that phones can be wiretapped, but the average person doesn’t seem to worry about it. They generally assume they aren’t important enough to attract the scrutiny of government spying, and the government was always assumed to be the most likely party to listen to their calls. At least that’s been the case for the century-old public switched telephone network (PSTN).
But voice over IP is about to take over all our phone calls in the next few years. While historically the PSTN calls were sent over a closed circuit between the two parties, VoIP calls are sent over the Internet, a packet switched network, which allows much greater opportunities for interception. While secure phones never made much impact in the PSTN market, the need for encryption for VoIP phones is obvious.
The PSTN wiretapping threat model includes three major categories. First, someone could get close to their target’s office or home and attach alligator clips to the phone line outside. Second, the wiretap could be done at the phone company’s switch, which almost always meant it was a domestic law enforcement agency doing it with the phone company’s cooperation. Third, the international long distance lines could be intercepted by intelligence agencies from either party’s country or a third country.
The threat model for VoIP interception is much broader. Suppose a PC in your company is infected with spyware that can monitor all the IP traffic on the network, including VoIP packets. It can selectively record these phone calls on the hard disk as WAV files and organize them by caller and callee – browsable like a TiVo player. This would allow someone to conveniently browse through them remotely, picking only the most interesting targets to listen to, perhaps the CEO talking to his counterpart in another company to discuss a merger or acquisition, or maybe the in-house corporate legal counsel talking to an outside law firm. Point-and-click wiretapping from the other side of the world – it could be done by a foreign government, the Russian mafia, or a freelance hacker. They don’t need to get a visa and travel to your country with alligator clips in their pocket. They don’t need the legal access that your own government enjoys. They can do it on a shoestring budget from anywhere in the world. Sophisticated wiretapping software can proliferate on the black market and be used by countless unskilled script kiddies. Wiretapping goes retail.
Just as the rise of e-mail and the cost differential between postal mail and e-mail spawned a massive spam problem, the rise of VoIP and cost differential for a criminal to wiretap the PSTN versus VoIP networks will spawn a massive proliferation of wiretapping VoIP.
The most pessimistic doomsayers of a few years ago never imagined that things would get this bad on the Internet. The Internet today is riddled with professional criminals attacking