“Not even the tip of the iceberg”

President of the Swiss Confederation, Ueli Maurer, is currently testing a crypto phone. ETH News talked to his namesake, ETH professor and cryptography expert Ueli Maurer, about secure IT, the NSA and the threat of a cyberwar.

Enlarged view: Tap-proof mobile phone
The Federal Council plans to procure tap-proof mobile phones. (Photo: iStockphoto)

ETH News: The President of the Swiss Confederation, Mr Ueli Maurer, plans to procure tap-proof mobile phones for the Federal Council, according to the external page media. Is it actually possible to create completely tap-proof mobile phones?
Ueli Maurer: Technically, communication devices can be made completely secure. With the help of the right encryption technology, secure communication via an unsecure line is possible using a code. This code can be made so secure that even the NSA won’t be able to decipher it in a hundred years. I’d bet anything on that.

That sounds good, so what is the problem?
It is not the code but the implementation of the hardware and software platform that is the problem. This is similar to internet banking where encryption is very secure. But this is of no use if your computer is not secure and has a virus, for instance.

Enlarged view: Ueli Maurer
Cryptography expert Ueli Maurer. (Photo: Giulia Marthaler / ETH Zurich)
“Nowadays information security needs to be on the agenda of CEOs and boards of directors.”Ueli Maurer

How should secure Federal Council mobile phones be built?
The prerequisite is secure end-to-end encryption for the entire communication path from one mobile phone to another. Furthermore, the electronic components must be shielded to block radiation. A secure mobile phone must also not have any flaws, as is the case today for commercial mobile phones.

What are these flaws?
These flaws may allow data to be accessed externally. This may be an unintentional backdoor for a virus in the software due to poor programming or an intentional loophole that enables a device to be externally accessed and data to be extracted. Hardware can also be affected: a chip that radiates or a random generator that only generates zeroes, for example. These type of faults are possibly integrated at the behest of intelligence agencies and in such a way that they cannot be found. To date, however, unencrypted mobile phones are usually accessed via communication systems.

What should the Federal Council consider when choosing crypto phones?
If the Federal Council introduces secure mobile phones, it must procure phones that have an entirely spotless platform, from the hardware to the software and encryption. This means finding a trustworthy manufacturer that does not use a questionable operating system.

Will commercial mobile phones also become securer in the future?
The question is whether there is a market for tap-proof products. When I think how CEOs today still talk business over normal mobile phones I feel that there must be a market out there for intelligence agencies do not only fight terrorism, they also carry out economic espionage. So, nowadays information security needs to be on the agenda of CEOs and boards of directors.

Why have secure devices not been available sooner?
The problem is that not everyone acts in concert. It’s not like flight safety, road safety or medical safety, where everyone has the same aim – greater safety. As we are currently discovering, there are opposing interests in information security. Intelligence agencies do not want us to communicate securely. Which is also why solutions that are technically possible are not yet offered.

Were you surprised that the NSA intercepted important politicians’ mobile phones?
No. Intelligence agencies make full use of the technical facilities they possess. We are still right at the beginning of the information society. At present, phone tapping cases are generally passive attacks, but this is not even the tip of the iceberg. It is just the beginning. What we are seeing here are the precursors to an actual “cyber war”.

What do you mean by cyberwar?
A cyberwar is any type of attack against the information systems of companies and state authorities, from wiretapping to manipulation and even complete paralysis of infrastructure. This has, in fact, already happened. In Iran, turbines in a uranium enrichment plant were destroyed by a virus. We easily accept that a dictator be wiretapped for reasons of fighting terrorism, but it becomes an uncomfortable topic when we talk about wiretapping European politicians. This is where the objectionable side of the information society comes through. Information technology has a great potential to bring about change, it is developing at a rapid pace and we are barely able to predict its evolution.

Can we protect ourselves from cyberwar?
I am sceptical as to whether the current development can be brought under control. We would need to entirely revise and reinvent the way in which information systems are being developed today. This would mean refraining from, as has usually happend to date, pragmatically patching together software but rebuilding it from scratch in an expert process – systematically thinking, specifying and then programming. Software would have to be simpler and more verifiable. Product liability for software products would also be necessary. Yet, this would be a great shift in paradigm and I don’t see this happening anytime soon.

Ueli Maurer is a professor of computer science at the ETH Zurich. He is the head of the information security and cryptography research group at the Institute of Theoretical Computer Science.

JavaScript has been disabled in your browser