Encryption and the Law: The need for a legal regulatory framework for PKI - PowerPoint PPT Presentation

Slides: 32
Provided by: Lim15
Transcript and Presenter's Notes

1
Encryption and the Law: The need for a legal regulatory framework for PKI
  • Yee Fen Lim
  • Department of Law
  • Macquarie University

2
Outline
  • Introduction
  • Handwritten signatures
  • Requirements of electronic signatures
  • Digital Signatures
  • Public Key Cryptography
  • Public Key Infrastructure
  • Digital Certificates
  • Allocation of Liability

3
Introduction
  • Signature issues in the digital environment
  • Importance
  • Commercial e-commerce (all sectors)
  • Non-commercial

4
Handwritten Signatures
  • Signature v. autograph
  • Intention of the signer
  • Signature is any mark that has been affixed by the signer with the intent to be bound by the contents of the document
  • Once affixed, the signature and the document become one composite thing
  • Integrity

5
Proof of Handwritten Signatures
  • If a handwritten signature is disputed, then call on the following:
    • witness to the signature
    • a person with intimate knowledge of the person's signature
    • handwriting expert
  • Authentication and Non-repudiation

6
Requirements of Electronic Signatures: legal status
  • Integrity
    • "I love you" does not become "I love you not"
  • Non-repudiation
    • "Not me!"
  • Authentication
    • Did Superman really write the message?
  • Confidentiality
    • Superman wants to keep his messages private

7
Types of Electronic Signatures
  • Biometric signatures
    • eg iris scans, fingerprints, voice (none totally perfect yet)
  • Non-biometric signatures
    • eg digital signatures

8
Digital Signatures
  • Insecure
    • eg initials at the end of emails
  • Secure
    • Uses encryption to code and decode
    • Ensures confidentiality
    • but what about integrity, authentication, non-repudiation?

9
Public Key Cryptography
  • 2 keys in a pair: 1 private key and an associated public key
  • Private key kept secret by owner
  • Public key published widely
  • Golden rule: anything encrypted with a public key can only be decoded with the private key, and vice versa

10
Public Key Cryptography: Superman example
  • Superman writes "I love you"
  • Superman encrypts message with his private key
  • Anyone with Superman's public key can decode the message
  • Authenticity

11
Public Key Cryptography: Superman example
  • How does Superman ensure only Lois Lane can read his message?
  • Superman encrypts his already encrypted message with Lois Lane's public key
  • Only Lois Lane can decode the message as she is the one with the private key
  • Confidentiality

12
Public Key Cryptography: Superman example
  • What about integrity?
  • Include a pre-agreed one-way hash function with the original message
  • eg "I love you"
    • Use a=1, b=2, c=3, ... z=26
    • i=9, l=12, o=15, v=22, e=5, y=25, o=15, u=21
    • Use sum: 9 + 12 + 15 + 22 + 5 + 25 + 15 + 21 = 124
    • Hash is 124

13
Public Key Cryptography: Superman example
  • Include the hash of 124 in the message that is double encrypted.
  • When Lois Lane receives the message, she can run the message through the pre-agreed hash function
  • If she gets 124 as the result, then integrity is ensured. If not, then the message may have been tampered with.

14
Public Key Cryptography: Superman example
  • To save on processing, rather than encrypt the full message with the private key, most systems just encrypt the hash with the private key, and this becomes the digital signature, ie different every time
  • The private-key-encrypted hash plus the message is then encrypted with the recipient's public key to ensure only the recipient can read the message.
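
The hash-then-sign scheme from slides 12 to 14, as an added example that is not part of the original presentation: it signs the letter-sum hash of "I love you" and shows which altered messages the recipient would still accept, next to the same check with SHA-256. The key pair is a constructed toy (textbook RSA, no padding), the function names are assumptions, and the outer encryption with Lois Lane's public key is left out.

```python
import hashlib

def letter_sum_hash(message: str) -> int:
    """The slide's toy hash: a=1 ... z=26, summed over the letters only."""
    return sum(ord(c) - 96 for c in message.lower() if "a" <= c <= "z")

def sha256_hash(message: str) -> int:
    """First 128 bits of SHA-256 as an integer (kept below the toy modulus)."""
    return int.from_bytes(hashlib.sha256(message.encode()).digest()[:16], "big")

# Constructed toy RSA key pair built from two Mersenne primes. Textbook RSA
# with no padding and a small modulus: for illustration only, never real use.
P, Q = 2**127 - 1, 2**89 - 1
N = P * Q                           # public modulus
E = 65537                           # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent

def sign(message: str, hash_fn) -> int:
    """Superman: transform the hash with the private key -> digital signature."""
    return pow(hash_fn(message), D, N)

def verify(message: str, signature: int, hash_fn) -> bool:
    """Lois: recompute the hash and compare it with the public-key result."""
    return pow(signature, E, N) == hash_fn(message)

if __name__ == "__main__":
    original = "I love you"
    for name, fn in (("letter-sum", letter_sum_hash), ("SHA-256", sha256_hash)):
        sig = sign(original, fn)
        for received in ("I love you", "I love you not", "you love I"):
            ok = verify(received, sig, fn)
            print(f"{name:10} {received!r:18} accepted={ok}")
```

The letter-sum hash catches "I love you not" but accepts the reordered "you love I", because both messages sum to 124; integrity in practice depends on a collision-resistant hash such as SHA-256.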

15
Public Key Cryptography: Superman example
  • What about non-repudiation?
  • Who is the signer?
  • Was it really Superman?
  • Related to authentication
  • Public key infrastructure (PKI)

16
Public Key Infrastructure (PKI)
  • System for distribution of public keys
  • Reliability
    • eg a web page simply listing the public keys of persons is not reliable as to source
  • Web of trust
  • Trusted third party to verify that the public key really does belong to whom it is said to belong

17
Public Key Infrastructure (PKI)
  • Trusted third party is the Certification Authority (CA)
  • CA issues digital certificate verifying the owner of the public key
  • A CA may use a third party, a Registration Authority (RA), to perform the necessary checks on the person or entity requesting the certificate

18
Public Key Infrastructure (PKI)
  • Can we trust the CA?
  • Higher CA, Root CA (self-authenticates)
  • Cross-verification creating certificate chain - web of trust

19
Public Key Infrastructure (PKI): Digital Certificates
  • Serial number - unique number from CA
  • Key length
  • Signature algorithm - identity of algorithm
  • Hashing algorithm
  • Issuer name
  • Validity period
  • Subscriber - details of owner of public key
  • Subject public key - actual key certified
  • Signature of CA

20
Public Key Infrastructure (PKI): Digital Certificates
  • Digital Certificates should:
    • provide strong and substantial evidence of the identity of the owner of public key (signer)
    • be used during operational period of valid digital certificate
    • have the rebuttable presumption that the digital signature on the digital certificate is that of the subscriber listed

21
PKI: Rebutting the presumption
  • Was the CA in the wrong?
  • Was it an imposter's public key that the CA has registered?
  • Did someone else use Superman's public/private key without permission?
  • Did Superman safeguard his private key properly?

22
PKI: Revocation of Digital Certificates
  • Credit card analogy
  • If Superman's private key has been compromised, he should notify the CA
  • CA can revoke Superman's digital certificate
  • CA then posts the certificate on the certificate revocation list (CRL)
  • Limitations upon the right of a recipient of a digital certificate to rely upon it
  • Unreliable Digital Signatures: Reasonableness of Reliance

23
PKI: Allocation of Liability
  • Hardest legal issues involve the allocation of liability among Subscriber (key owner), CA and Relying Party
  • eg 1: Liability of CA to a Relying Party for binding the wrong public key to the identity of the subscriber named in the certificate.
  • eg 2: Liability of the Subscriber to the Relying Party upon unauthorised use of Subscriber's private key following compromise of the private key

24
PKI: Allocation of Liability
  • For a Relying Party, the allocation of liability is paramount
  • If a Relying Party does not know whether the CA can be trusted, or if the Subscriber is genuinely who they claim to be, then the Relying Party would not rely on the Digital Certificate

25
PKI: Allocation of Liability
  • Examples of where problems arise
  • Inaccuracies in the Certificate
  • Misrepresentation in the Certificate
  • CA fails to revoke an invalid Certificate

26
PKI: Allocation of Liability
  • Closed systems
  • Open systems (Internet)

27
PKI: Allocation of Liability - closed system example
  • Gatekeeper
  • Health eSignature Authority (RA)
  • Betrusted (formerly Securenet) is CA
  • Individual certificates, location certificates
  • Referrals, reports

28
PKI: Allocation of Liability - closed system example
  • 5.4 Keys and Certificates should only be used for Health related messages
    • in transactions with HIC, or
    • in transactions created by subscribers within the Health Sector but not where the transaction value is greater than 10,000
  • Lists obligations and duties for each party
  • Limit on liability - 1,000/5,000

29
PKI: Australia
  • Contract law (if there is a contract)
    • including protection against unfair contractual liability allocation, eg undue influence, unconscionable dealing, Contracts Review Act, ss 51AA, 51AB, 51AC TPA
  • Law of negligence
  • s52 Trade Practices Act
  • Consumer protection legislation
  • 500 transaction?

30
PKI Regulation: Preferred approach
  • Strict liability
  • avoidance of concepts of negligence
  • Reliance limits
  • Actions key can be used for

31
  • Thank you
  • Yeefen.lim_at_mq.edu.au