‘High Risk Vendors’ and Government eavesdropping

Last Tuesday, Parliament debated the Telecommunications Infrastructure (Leasehold Property), Bill. Well, actually, it didn’t. Several Tory backbenchers and a Labour shadow Minister hijacked the debate with amendments seeking to exclude ‘High-Risk Vendors’ (by which they mean Huawei) from UK telecoms networks. They did not provide any evidence to support their concerns, and the speeches sometimes bordered on a witch hunt.

Robert Harrison and Paul Reynolds have both written balanced and insightful articles on Huawei for Lib Dem Voice. The Government currently proposes to limit ‘High-Risk Vendors’ to the access network, and 35% market share. In a comment on Paul’s article, I explained how the 5G standards are designed to prevent any eavesdropping within the access network.

There is a well-documented case where an equipment supplier has been compromised by a foreign Government so that it could intercept the secret communications of other nations. But this is neither Huawei nor China: the company is Crypto AG, and the foreign Government is the USA.

An investigation by the Washington Post has discovered that for decades the CIA covertly owned the Swiss company Crypto AG. This company supplied equipment to over 120 countries to encrypt their diplomatic communications, including Iran, India, Pakistan, South American countries, and even the Vatican. The equipment supplied to many of these countries was compromised so that the CIA could easily break the codes.

The story begins in World War Two, when more than 140,000 mechanical encryption machines were built for US troops to use, to a Crypto design. After the war, the US made a deal with the founder of Crypto to only supply the more sophisticated models to certain ‘friendly’ countries and to supply weaker systems to the rest. It also provided covert funds for ‘marketing’.

In the 1960’s electronic circuits began to supersede mechanical machines, and Crypto risked being squeezed out of the market. To avoid this, Crypto launched a new all-electronic model, which was entirely designed by the US National Security Agency (NSA). These did not have ‘back doors’, but the intentional weaknesses in the algorithms significantly reduced the time needed to break the codes.

In 1970, the CIA and the BND (the German security agency) jointly purchased Crypto from its founder. In 1993, Germany pulled out, citing the diplomatic risk of being exposed. The business declined and would have gone out of business without cash injections from the US Government. But the intelligence kept coming – largely because of bureaucratic inertia. The covert operation was finally closed in 2018 -a victim of encryption moving from hardware to software.

Today, a smartphone application like WhatsApp has end-to-end encryption that is so secure that US authorities are seeking a ‘back door’ to enable them to eavesdrop on communications using it.

So, for Donald Trump and Huawei, it is a case of ‘Do what I say, not what we have one’.

Links:

‘Robert Harrison’ (2nd para):

https://www.libdemvoice.org/huawei-and-5g-a-liberal-democrat-approach-63289.html

‘Paul Reynolds’ (2nd Para):

https://www.libdemvoice.org/huawei-and-5g-the-tip-of-the-iceberg-for-johnson-63303.html

‘Washington Post’ (4th para)

https://www.washingtonpost.com/graphics/2020/world/national-security/cia-crypto-encryption-machines-espionage/

* Simon Pike is Data Officer of Newbury and West Berkshire local party and a member of South Central Region executive.

Read more by or more about .
This entry was posted in Op-eds.
Advert

4 Comments

  • Laurence Cox 11th Mar '20 - 7:30pm

    Simon,

    Perhaps you can explain why the 11 Lib Dem MPs voted with the Tory backbenchers on this: https://hansard.parliament.uk/Commons/2020-03-10/division/FBA89338-F136-489A-AAEC-1A36946D31E2/TelecommunicationsInfrastructure(LeaseholdProperty)Bill?outputType=Party

    A case of do what I say, not what I do?

    Incidentally, the USA were only following our example. After WW2 the USA and UK encouraged other countries to use the Enigma machine, without revealing that we had cracked them.

    https://www.quora.com/Where-did-all-of-the-thousands-of-Enigma-machines-end-up-after-the-end-of-WW2#

  • Phil Beesley 11th Mar '20 - 8:40pm

    Please define how a vendor relationship works when the customer disbelieves the seller.

    If you do not trust the seller, you have to walk away.

  • Laurence; I understand that the main concern of Lib dem parliamentarians about Huawei is the human rights aspect of the use of Huawei equipment in represssion of the Uigher population. If, it is disappointing that no LIb Dem spoke in the debate to say so – as voting with the Tory rebels gives the impression that they support their views.

    Phil; The Government is not the customer of Huawei network equipment, it is the network operators (and the Tory back benchers are certainly not the customers). As is widely reported, Huawei equipment is subject to far more detailed scrutiny than other vendors, and both the operators and the National Cyber Security centre are comfortable about it being deployed in the access part of the network. Two of the most serious failures of mobile networks have been on Ericsson infrastructure, both deliberate eavesdropping and network outage due to poor software:
    Eavesdropping: https://spectrum.ieee.org/telecom/security/the-athens-affair
    Disruption: https://www.ofcom.org.uk/__data/assets/pdf_file/0014/175010/o2-network-outage-cceb.pdf

  • Laurence Cox 12th Mar '20 - 4:17pm

    @Simon, the amendment they voted on was:

    “(f) the operator does not, after 31 December 2022, use vendors defined by the National Cyber Security Centre as high-risk vendors.”—(Sir Iain Duncan Smith.)

    There is nothing here about human rights and, as you said, our MPs made no attempt to introduce that issue during the debate. Apart from the security aspects, the principal concern seemed to be that Huawei could achieve an effective monopoly through their financial strength, indeed this point was made strongly by Sir Ian Duncan Smith. Hansard is the authoritative record of Parliament’s proceedings and to fail to ensure that our MPs gave any other reason for supporting this amendment, means that we shall never be able to point to Hansard in the future as our reason for voting for the amendment.

    At the very least, we should have tabled an amendment objecting to the use of prisoner labour in the manufacture of Huawei equipment and, if that was not called for debate, made an intercession as other MPs did during the debate.

    https://www.ft.com/content/8912445a-5bd3-11ea-8033-fa40a0d65a98

Post a Comment

Lib Dem Voice welcomes comments from everyone but we ask you to be polite, to be on topic and to be who you say you are. You can read our comments policy in full here. Please respect it and all readers of the site.

If you are a member of the party, you can have the Lib Dem Logo appear next to your comments to show this. You must be registered for our forum and can then login on this public site with the same username and password.

To have your photo next to your comment please signup your email address with Gravatar.

Your email is never published. Required fields are marked *

*
*
Please complete the name of this site, Liberal Democrat ...?

Advert



Recent Comments

    No recent comment found.