Secure communication is when two entities are communicating and do not want a third party to listen in. For this to be the case, the entities need to communicate in a way that is unsusceptible to

eavesdropping Eavesdropping is the act of secretly or stealthily listening to the private conversation or communications of others without their consent in order to gather information. Etymology The verb ''eavesdrop'' is a back-formation from the noun ''eave ...

interception In Ball game, ball-playing Competitive sport, competitive team sports, an interception or pick is a move by a player involving a pass of the ball—whether by foot or hand, depending on the rules of the sport—in which the ball is intended for ...

. Secure communication includes means by which people can share information with varying degrees of certainty that third parties cannot intercept what is said. Other than spoken face-to-face communication with no possible eavesdropper, it is probable that no communication is guaranteed to be secure in this sense, although practical obstacles such as legislation, resources, technical issues (interception and encryption), and the sheer volume of communication serve to limit

surveillance Surveillance is the monitoring of behavior, many activities, or information for the purpose of information gathering, influencing, managing, or directing. This can include observation from a distance by means of electronic equipment, such as ...

. With many communications taking place over long distance and mediated by technology, and increasing awareness of the importance of interception issues, technology and its compromise are at the heart of this debate. For this reason, this article focuses on communications mediated or intercepted by technology. Also see ''

Trusted Computing Trusted Computing (TC) is a technology developed and promoted by the Trusted Computing Group. The term is taken from the field of trusted systems and has a specialized meaning that is distinct from the field of confidential computing. With Trust ...

'', an approach under present development that achieves security in general at the potential cost of compelling obligatory trust in corporate and government bodies.

History

In 1898,

Nikola Tesla Nikola Tesla (;"Tesla"
. ''Random House Webster's Unabridged Dictionary''. ; 10 July 1856 – 7 ...

demonstrated a

radio controlled Radio control (often abbreviated to RC) is the use of control signals transmitted by radio to remotely operate a device. Examples of simple radio control systems are garage door openers and keyless entry systems for vehicles, in which a small ha ...

boat in

Madison Square Garden Madison Square Garden, colloquially known as the Garden or by its initials MSG, is a multi-purpose indoor arena in New York City. It is located in Midtown Manhattan between Seventh Avenue (Manhattan), Seventh and Eighth Avenue (Manhattan), Eig ...

that allowed secure communication between

transmitter In electronics and telecommunications, a radio transmitter or just transmitter (often abbreviated as XMTR or TX in technical documents) is an electronic device which produces radio waves with an antenna (radio), antenna with the purpose of sig ...

and receiver. One of the most famous systems of secure communication was the

Green Hornet The Green Hornet is a superhero created in 1936 by George W. Trendle and Fran Striker, with input from radio director James Jewell. Since his 1930s radio debut, the character has appeared in numerous serialized dramas in a wide variety of me ...

. During WWII,

Winston Churchill Sir Winston Leonard Spencer Churchill (30 November 1874 – 24 January 1965) was a British statesman, military officer, and writer who was Prime Minister of the United Kingdom from 1940 to 1945 (Winston Churchill in the Second World War, ...

had to discuss vital matters with

Franklin D. Roosevelt Franklin Delano Roosevelt (January 30, 1882April 12, 1945), also known as FDR, was the 32nd president of the United States, serving from 1933 until his death in 1945. He is the longest-serving U.S. president, and the only one to have served ...

. In the beginning, the calls were made using a voice scrambler, as this was thought to be secure. When this was found to be untrue, engineers started to work on a whole new system, which resulted in the Green Hornet or

SIGSALY SIGSALY (also known as the X System, Project X, Ciphony I, and the Green Hornet) was a secure voice, secure speech system used in World War II for the highest-level Allies of World War II, Allied communications. It pioneered a number of digital co ...

. With the Green Hornet, any unauthorized party listening in would just hear

white noise In signal processing, white noise is a random signal having equal intensity at different frequencies, giving it a constant power spectral density. The term is used with this or similar meanings in many scientific and technical disciplines, i ...

, but the conversation would remain clear to authorized parties. As secrecy was paramount, the location of the Green Hornet was only known by the people who built it and Winston Churchill. To maintain secrecy, the Green Hornet was kept in a closet labeled 'Broom Cupboard.'' The Green Hornet used a

one-time pad The one-time pad (OTP) is an encryption technique that cannot be Cryptanalysis, cracked in cryptography. It requires the use of a single-use pre-shared key that is larger than or equal to the size of the message being sent. In this technique, ...

. SIGSALY was also never broken.

Nature and limits of security

Types of security

Security can be broadly categorized under the following headings, with examples: * Hiding the content or nature of a communication **

Code In communications and information processing, code is a system of rules to convert information—such as a letter, word, sound, image, or gesture—into another form, sometimes shortened or secret, for communication through a communicati ...

– a rule to convert a piece of information (for example, a letter, word, phrase, or gesture) into another form or representation (one sign into another sign), not necessarily of the same type. In communications and information processing, encoding is the process by which information from a source is converted into symbols to be communicated. Decoding is the reverse process, converting these code symbols back into information understandable by a receiver. One reason for coding is to enable communication in places where ordinary spoken or written language is difficult or impossible. For example, semaphore, where the configuration of flags held by a signaler or the arms of a

semaphore tower An optical telegraph is a line of stations, typically towers, for the purpose of conveying textual information by means of visual signals (a form of optical communication). There are two main types of such systems; the semaphore telegraph whic ...

encodes parts of the message, typically individual letters and numbers. Another person standing a great distance away can interpret the flags and reproduce the words sent. **

Obfuscation Obfuscation is the obscuring of the intended meaning of communication by making the message difficult to understand, usually with confusing and ambiguous language. The obfuscation might be either unintentional or intentional (although intent ...

Encryption In Cryptography law, cryptography, encryption (more specifically, Code, encoding) is the process of transforming information in a way that, ideally, only authorized parties can decode. This process converts the original representation of the inf ...

Steganography Steganography ( ) is the practice of representing information within another message or physical object, in such a manner that the presence of the concealed information would not be evident to an unsuspecting person's examination. In computing/ ...

** Identity Based * Hiding the parties to a communication – preventing identification, promoting

anonymity Anonymity describes situations where the acting person's identity is unknown. Anonymity may be created unintentionally through the loss of identifying information due to the passage of time or a destructive event, or intentionally if a person cho ...

** "

Crowds A crowd is as a group of people that have gathered for a common purpose or intent. Examples are a demonstration, a sports event, or a looting (classified in sociology as an acting crowd). A crowd may also simply be made up of many people goi ...

" and similar anonymous group structures – it is difficult to identify who said what when it comes from a "crowd" ** Anonymous communication devices – unregistered cellphones,

Internet cafe The Internet (or internet) is the Global network, global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a internetworking, network of networks ...

s **

Anonymous proxies An anonymizer or an anonymous proxy is a tool that attempts to make activity on the Internet untraceable. It is a proxy server computer that acts as an intermediary and privacy shield between a client computer and the rest of the Internet. It acc ...

** Hard-to-trace

routing Routing is the process of selecting a path for traffic in a Network theory, network or between or across multiple networks. Broadly, routing is performed in many types of networks, including circuit-switched networks, such as the public switched ...

methods – through unauthorized third-party systems, or relays * Hiding the fact that a communication takes place ** "Security by obscurity" – similar to needle in a haystack ** Random traffic – creating random data flow to make the presence of genuine communication harder to detect and

traffic analysis Traffic analysis is the process of intercepting and examining messages in order to deduce information from patterns in communication. It can be performed even when the messages are encrypted. In general, the greater the number of messages observ ...

less reliable Each of the three types of security is important, and depending on the circumstances, any of these may be critical. For example, if a communication is not readily identifiable, then it is unlikely to attract attention for identification of parties, and the mere fact a communication has taken place (regardless of content) is often enough by itself to establish an evidential link in legal prosecutions. It is also important with computers, to be sure where the security is applied, and what is covered.

Borderline cases

A further category, which touches upon secure communication, is software intended to take advantage of security openings at the end-points. This software category includes

trojan horse In Greek mythology, the Trojan Horse () was a wooden horse said to have been used by the Greeks during the Trojan War to enter the city of Troy and win the war. The Trojan Horse is not mentioned in Homer, Homer's ''Iliad'', with the poem ending ...

keylogger Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording (logging) the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware that their actions are being monitore ...

s and other

spyware Spyware (a portmanteau for spying software) is any malware that aims to gather information about a person or organization and send it to another entity in a way that harms the user by violating their privacy, endangering their device's securit ...

. These types of activity are usually addressed with everyday mainstream security methods, such as

antivirus Antivirus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware. Antivirus software was originally developed to detect and remove computer viruses, hence the name ...

software, firewalls, programs that identify or neutralize

adware Adware, often called advertising-supported software by its developers, is software that generates revenue by automatically displaying Online advertising, online advertisements in the user interface or on a screen presented during the installatio ...

and

, and web filtering programs such as

Proxomitron Proxomitron, the Universal Web Filter, is a filtering web proxy written by Scott R. Lemmon. This program was originally designed to run under Windows 95. All future development of the program was ceased in 2003 one year before its author's death ...

and

Privoxy Privoxy is a free non- caching web proxy with filtering capabilities for enhancing privacy, manipulating cookies and modifying web page data and HTTP headers before the page is rendered by the browser. Privoxy is a "privacy enhancing proxy", fil ...

which check all web pages being read and identify and remove common nuisances contained. As a rule they fall under

computer security Computer security (also cybersecurity, digital security, or information technology (IT) security) is a subdiscipline within the field of information security. It consists of the protection of computer software, systems and computer network, n ...

rather than secure communications.

Tools used to obtain security

Encryption

is a method in which data is rendered hard to read by an unauthorized party. Since encryption methods are created to be extremely hard to break, many communication methods either use deliberately weaker encryption than possible, or have

backdoor A back door is a door in the rear of a building. Back door may also refer to: Arts and media * Back Door (jazz trio), a British group * Porta dos Fundos (literally “Back Door” in Portuguese) Brazilian comedy YouTube channel. * Works so tit ...

s inserted to permit rapid decryption. In some cases government authorities have required backdoors be installed in secret. Many methods of encryption are also subject to " man in the middle" attack whereby a third party who can 'see' the establishment of the secure communication is made privy to the encryption method, this would apply for example to the interception of computer use at an ISP. Provided it is correctly programmed, sufficiently powerful, and the keys not intercepted, encryption would usually be considered secure. The article on

key size In cryptography, key size or key length refers to the number of bits in a key used by a cryptographic algorithm (such as a cipher). Key length defines the upper-bound on an algorithm's security (i.e. a logarithmic measure of the fastest known a ...

examines the key requirements for certain degrees of encryption security. Encryption can be implemented in a way that requires the use of encryption, i.e. if encrypted communication is impossible then no traffic is sent, or opportunistically.

Opportunistic encryption Opportunistic encryption (OE) refers to any system that, when connecting to another system, attempts to encrypt communications channels, otherwise falling back to unencrypted communications. This method requires no pre-arrangement between the two ...

is a lower security method to generally increase the percentage of generic traffic which is encrypted. This is analogous to beginning every conversation with "Do you speak

Navajo The Navajo or Diné are an Indigenous people of the Southwestern United States. Their traditional language is Diné bizaad, a Southern Athabascan language. The states with the largest Diné populations are Arizona (140,263) and New Mexico (1 ...

?" If the response is affirmative, then the conversation proceeds in Navajo, otherwise it uses the common language of the two speakers. This method does not generally provide

authentication Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an Logical assertion, assertion, such as the Digital identity, identity of a computer system user. In contrast with iden ...

but it does protect the content of the conversation from

. An

Information-theoretic security A cryptosystem is considered to have information-theoretic security (also called unconditional security) if the system is secure against adversaries with unlimited computing resources and time. In contrast, a system which depends on the computatio ...

technique known as physical layer encryption ensures that a wireless communication link is provably secure with communications and coding techniques.

Steganography

("hidden writing") is the means by which data can be hidden within other more innocuous data. Thus a watermark proving ownership embedded in the data of a picture, in such a way it is hard to find or remove unless you know how to find it. Or, for communication, the hiding of important data (such as a telephone number) in apparently innocuous data (an MP3 music file). An advantage of steganography is

plausible deniability Plausible deniability is the ability of people, typically senior officials in a formal or informal chain of command, to deny knowledge or responsibility for actions committed by or on behalf of members of their organizational hierarchy. They may ...

, that is, unless one can prove the data is there (which is usually not easy), it is deniable that the file contains any.

Identity-based networks

Unwanted or malicious activities are possible on the web since the internet is effectively anonymous. True identity-based networks replace the ability to remain anonymous and are inherently more trustworthy since the identity of the sender and recipient are known. (The telephone system is an example of an identity-based network.)

Anonymized networks

Recently, anonymous networking has been used to secure communications. In principle, a large number of users running the same system, can have communications routed between them in such a way that it is very difficult to detect what the complete message is, which user sent it, and where it is ultimately coming from or going to. Examples are

Tor Tor, TOR or ToR may refer to: Places * Toronto, Canada ** Toronto Raptors * Tor, Pallars, a village in Spain * Tor, former name of Sloviansk, Ukraine, a city * Mount Tor, Tasmania, Australia, an extinct volcano * Tor Bay, Devon, England * Tor ...

I2P The Invisible Internet Project (I2P) is an anonymous network layer (implemented as a mix network) that allows for censorship-resistant, peer-to-peer communication. Anonymous connections are achieved by encrypting the user's traffic (by usin ...

Mixminion Mixminion is the standard implementation of the Type III anonymous remailer protocol. Mixminion can send and receive anonymous e-mail. Mixminion uses a mix network architecture to provide strong anonymity, and prevent eavesdroppers and other atta ...

, various

anonymous P2P An anonymous P2P communication system is a peer-to-peer distributed application in which the nodes, which are used to share resources, or participants are anonymous or pseudonymous. Anonymity of participants is usually achieved by special routin ...

networks, and others.

Anonymous communication devices

Typically, an unknown device would not be noticed, since so many other devices are in use. This is not assured in reality, due to the presence of systems such as

Carnivore A carnivore , or meat-eater (Latin, ''caro'', genitive ''carnis'', meaning meat or "flesh" and ''vorare'' meaning "to devour"), is an animal or plant Plants are the eukaryotes that form the Kingdom (biology), kingdom Plantae; they ar ...

and unzak, which can monitor communications over entire networks, and the fact that the far end may be monitored as before. Examples include

payphone A payphone (alternative spelling: pay phone or pay telephone or public phone) is typically a coin-operated public telephone, often located in a telephone booth or in high-traffic public areas. Prepayment is required by inserting coins or tel ...

, etc.

Methods used to "break" security

Bugging

The placing covertly of monitoring and/or transmission devices either within the communication device, or in the premises concerned.

Computers (general)

Any security obtained from a computer is limited by the many ways it can be compromised – by hacking,

keystroke logging Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording (logging) the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware that their actions are being monitore ...

, backdoors, or even in extreme cases by monitoring the tiny electrical signals given off by keyboard or monitors to reconstruct what is typed or seen ( TEMPEST, which is complex).

Laser audio surveillance

Sounds, including speech, inside rooms can be sensed by bouncing a

laser A laser is a device that emits light through a process of optical amplification based on the stimulated emission of electromagnetic radiation. The word ''laser'' originated as an acronym for light amplification by stimulated emission of radi ...

beam off a window of the room where a conversation is held, and detecting and decoding the vibrations in the glass caused by the

sound wave In physics, sound is a vibration that propagates as an acoustic wave through a transmission medium such as a gas, liquid or solid. In human physiology and psychology, sound is the ''reception'' of such waves and their ''perception'' by the ...

Systems offering partial security

Cellphones

Cellphones can easily be obtained, but are also easily traced and "tapped". There is no (or only limited) encryption, the phones are traceable – often even when switched off – since the phone and SIM card broadcast their International Mobile Subscriber Identity ( IMSI). It is possible for a cellphone company to turn on some cellphones when the user is unaware and use the microphone to listen in on you, and according to James Atkinson, a

counter-surveillance Countersurveillance refers to measures that are usually undertaken by the public to prevent surveillance, including covert surveillance. Countersurveillance may include electronic methods such as technical surveillance counter-measures, which is ...

specialist cited in the same source, "Security-conscious corporate executives routinely remove the batteries from their cell phones" since many phones' software can be used "as-is", or modified, to enable transmission without user awareness and the user can be located within a small distance using signal

triangulation In trigonometry and geometry, triangulation is the process of determining the location of a point by forming triangles to the point from known points. Applications In surveying Specifically in surveying, triangulation involves only angle m ...

and now using built in GPS features for newer models. Transceivers may also be defeated by jamming or

Faraday cage A Faraday cage or Faraday shield is an enclosure used to block some electromagnetic fields. A Faraday shield may be formed by a continuous covering of conductive material, or in the case of a Faraday cage, by a mesh of such materials. Faraday cag ...

. Some cellphones (

Apple An apple is a round, edible fruit produced by an apple tree (''Malus'' spp.). Fruit trees of the orchard or domestic apple (''Malus domestica''), the most widely grown in the genus, are agriculture, cultivated worldwide. The tree originated ...

iPhone The iPhone is a line of smartphones developed and marketed by Apple that run iOS, the company's own mobile operating system. The first-generation iPhone was announced by then–Apple CEO and co-founder Steve Jobs on January 9, 2007, at ...

Google Google LLC (, ) is an American multinational corporation and technology company focusing on online advertising, search engine technology, cloud computing, computer software, quantum computing, e-commerce, consumer electronics, and artificial ...

Android Android most commonly refers to: *Android (robot), a humanoid robot or synthetic organism designed to imitate a human * Android (operating system), a mobile operating system primarily developed by Google * Android TV, a operating system developed ...

) track and store users' position information, so that movements for months or years can be determined by examining the phone. The U.S. Government also has access to cellphone surveillance technologies, mostly applied for law enforcement.

Landlines

Analogue landlines are not encrypted, it lends itself to being easily tapped. Such tapping requires physical access to the line which can be easily obtained from a number of places, e.g. the phone location, distribution points, cabinets and the exchange itself. Tapping a landline in this way can enable an attacker to make calls which appear to originate from the tapped line.

Anonymous Internet

Using a

third party Third party may refer to: Business * Third-party source, a supplier company not owned by the buyer or seller * Third-party beneficiary, a person who could sue on a contract, despite not being an active party * Third-party insurance, such as a veh ...

system of any kind (payphone, Internet cafe) is often secure, however if that system is used to access known locations (a known email account or 3rd party) then it may be tapped at the far end, or noted, and this will remove any security benefit obtained. Some countries also impose mandatory registration of Internet cafe users.

are another common type of protection, which allow one to access the net via a third party (often in a different country) and make tracing difficult. Note that there is seldom any guarantee that the

plaintext In cryptography, plaintext usually means unencrypted information pending input into cryptographic algorithms, usually encryption algorithms. This usually refers to data that is transmitted or stored unencrypted. Overview With the advent of comp ...

is not tappable, nor that the proxy does not keep its own records of users or entire dialogs. As a result, anonymous proxies are a generally useful tool but may not be as secure as other systems whose security can be better assured. Their most common use is to prevent a record of the originating IP, or address, being left on the target site's own records. Typical anonymous proxies are found at both regular websites such as Anonymizer.com and spynot.com, and on proxy sites which maintain up to date lists of large numbers of temporary proxies in operation. A recent development on this theme arises when wireless Internet connections ("

Wi-Fi Wi-Fi () is a family of wireless network protocols based on the IEEE 802.11 family of standards, which are commonly used for Wireless LAN, local area networking of devices and Internet access, allowing nearby digital devices to exchange data by ...

") are left in their unsecured state. The effect of this is that any person in range of the base unit can

piggyback Piggyback, piggy-back, or piggybacking may mean: Transport * Piggyback (transportation), something that is riding on the back of something else Art, entertainment, and media * Splash cymbal piggybacking, mounting a cymbal on top of an already ...

the connection – that is, use it without the owner being aware. Since many connections are left open in this manner, situations where piggybacking might arise (willful or unaware) have successfully led to a defense in some cases, since it makes it difficult to prove the owner of the connection was the downloader, or had knowledge of the use to which unknown others might be putting their connection. An example of this was the Tammie Marson case, where neighbours and anyone else might have been the culprit in the sharing of copyright files. Conversely, in other cases, people deliberately seek out businesses and households with unsecured connections, for illicit and anonymous Internet usage, or simply to obtain free

bandwidth Bandwidth commonly refers to: * Bandwidth (signal processing) or ''analog bandwidth'', ''frequency bandwidth'', or ''radio bandwidth'', a measure of the width of a frequency range * Bandwidth (computing), the rate of data transfer, bit rate or thr ...

Programs offering more security

Secure instant messaging Instant messaging (IM) technology is a type of synchronous computer-mediated communication involving the immediate (real-time) transmission of messages between two or more parties over the Internet or another computer network. Originally involvin ...

– Some instant messaging clients use

end-to-end encryption End-to-end encryption (E2EE) is a method of implementing a secure communication system where only communicating users can participate. No one else, including the system provider, telecom providers, Internet providers or malicious actors, can ...

with

forward secrecy In cryptography, forward secrecy (FS), also known as perfect forward secrecy (PFS), is a feature of specific key-agreement protocols that gives assurances that session keys will not be compromised even if long-term secrets used in the session ke ...

to secure all instant messages to other users of the same software. Some instant messaging clients also offer end-to-end encrypted file transfer support and group messaging. *

VoIP Voice over Internet Protocol (VoIP), also known as IP telephony, is a set of technologies used primarily for voice communication sessions over Internet Protocol (IP) networks, such as the Internet. VoIP enables voice calls to be transmitted as ...

– Some VoIP clients implement

ZRTP ZRTP (composed of Z and Real-time Transport Protocol) is a cryptographic key-agreement protocol to negotiate the keys for encryption between two end points in a Voice over IP (VoIP) phone telephony call based on the Real-time Transport Protocol ...

and SRTP encryption for calls. * Secure email – some email networks are designed to provide encrypted and/or anonymous communication. They authenticate and encrypt on the users own computer, to prevent transmission of plain text, and mask the sender and recipient.

and I2P-Bote provide a higher level of anonymity by using a network of anonymizing intermediaries, similar to how

works, but at a higher latency. *

IRC IRC (Internet Relay Chat) is a text-based chat system for instant messaging. IRC is designed for group communication in discussion forums, called '' channels'', but also allows one-on-one communication via private messages as well as chat ...

and web chat – Some IRC clients and systems use client-to-server encryption such as SSL/ TLS. This is not standardized.

Criminal use

Several secure communications networks, which were predominantly used by criminals, have been shut down by law enforcement agencies, including:

EncroChat EncroChat was a Europe-based communications network and service provider that offered modified smartphones allowing encrypted communication among subscribers. It was used primarily by organized crime members to plan criminal activities. Polic ...

, Sky Global / Sky ECC, and

Phantom Secure Phantom Secure was a Canadian company that provided modified secure mobile phones, which were equipped with a remotely operated kill switch. After its shutdown, criminal users fled to alternatives including ANOM, which turned out to be a honeypot ...

. In September 2024 Eurojust, Europol, and law enforcement agencies from a number of countries took down a secure communication service used for organized crime. The encryption network was operated by equipment and personnel in Sweden, Ireland, the Netherlands, France, Spain, Italy, Australia, and Canada.

References

External links

* {{DEFAULTSORT:Secure Communication Secret broadcasting Internet privacy Espionage techniques