Banks seeking to gag crypto research

The bank, the credit card company, the Singhs and their £50,000 are embroiled in a case that could, say researchers, stifle legitimate cryptography research into banking security systems

Diners Club on Friday went to the High Court in London to try to get an order gagging public disclosure of cryptographic vulnerabilities in the technology used to protect withdrawals from ATMs.

At risk is the right of a Cambridge research student to include previously published cryptographic research in his PhD thesis, the extent to which banks and other big companies can use the law to keep vulnerabilities in their systems secret (even though the secrets appear to be leaking out), and over £50,000 that used to belong to a South African couple, Anil and Vanita Singh.

The case has its roots in March 2000, when over £50,000 was withdrawn, in 190 separate transactions at ATMs in Britain, from the Singhs' Diners Club card account. The Singhs say they did not withdraw the money, and claim that at the time they were in South Africa, where they live. But Diners Club International says that because all the computer systems involved are secure, the Singhs must be responsible for the withdrawals. It is seeking to recover the money from the Singhs, and the case is due to be heard in the High Court from 3 to 14 March.

To help their case, the Singhs asked three cryptography experts based in Cambridge to act as defence witnesses: Ross Anderson of the Cambridge Computer Laboratory, and his students, Richard Clayton and Michael Bond, the latter of whom is writing a PhD thesis that in part looks at vulnerabilities in ATM systems. It is the evidence from these witnesses that Diners Club is, says Anderson, seeking oppressively to gag.

Lawyers acting for Citibank (a joint applicant in the case) and Diners Club sent a fax this week to Ross Anderson containing a draft order that required the witnesses to attend a preliminary hearing on Friday to determine whether their evidence should be heard in camera. In comments submitted by letter to the Queen's Bench Division, because he could not attend the hearing, Anderson said the terms of the secrecy order are "oppressive" and "inappropriate in the extreme".

The problem is, according to Anderson, that the "gaping vulnerabilities in the design of the cryptographic equipment used by the applicants and by other banks involved... are of significant scientific interest and are relevant to public policy." They have, wrote Anderson, already been widely published and even incorporated into undergraduate teaching. Some of the vulnerabilities were verified by tests at the Cambridge Computer Lab on one of the affected types of machine.

If the gagging order were granted, stopping publication of any evidence, it would, wrote Anderson, prohibit Bond from including in his thesis information that he has already published. Furthermore, the order "would suppress scientific research and teaching, and it would undermine the rights of many other victims of the current wave of 'phantom' withdrawals from cash machines."

The phantom withdrawals Anderson referred to are an increasingly common phenomenon, according to a posting he made to the Cryptome security mailing list.

"For the last couple of years or so there has been a rising tide of phantoms," he wrote. "I get emails with increasing frequency from people all over the world whose banks have debited them for ATM withdrawals that they deny making. Banks in many countries simply claim that their systems are secure and so the customers must be responsible. It now looks like some of these vulnerabilities have also been discovered by the bad guys. Our courts and regulators should make the banks fix their systems, rather than just lying about security and dumping the costs on the customers."

The case is due to begin on 3 March.
