Contents Page

1Final Programme

Government Initiatives to Promote Secure Transactions on the InternetCHENG Y.C. 3

From Encryption to Electronic TransactionsLEUNG C.K. 14

Defence against ButTer Overflow ExploitsPOON Michael 25

Biometrics Security for E-commerce: Today and Its FutureWONG Lawrence Y.L. 37

Securing and Managing Online Communications StreamsTSANG Daniel 47

IP VPN SecurityHAISSAGUERRE Eric 63

Learning from VBS/LoveLetter and Other Malware ThreatsDYER Allan 78

Digital Certification Applications in E-commerceCHUNG Michael 84

Security and Control for Internet BankingHUI VIncent 109

Scorecard for Online Authentication TechnologiesLAU Gabriel 117

Computer CrimeBAILEY Paul

From Encryption to Electronic Transactions

C.K. LEUNG

Assistant Professor,Centre for Multimedia Signal Processing, EIE Department,

The Hong Kong Polytechnic University

Dr. C.K. Leung obtained his BSc(Eng), MPhil, and PhD degrees from the Departmentof Electrical & Electronic Engineering, University of Hong Kong. He is now anAssistant Professor in the Department of Electronic & Information Engineering, TheHong Kong Polytechnic University. His research interests include imagesegmentation with applications of information theory, computer security, and fastpacket/cell scheduling. His teaching activities include data communications, computernetworking, and computer security. He is a member of the Hong Kong Institution ofEngineers, a Chartered Engineer, and a member of the Institution of Electrical

Engineer.

14

From Encryption to Electronic Transactions

C.K. Leung, BSc. MPhil. PhD. CEng. MIEE. MHKIEAssistant Professor

Centre for Multimedia Signal ProcessingEIE Department. The Hong Kong Polytechnic University.

Email: enchikin@inet.polyu.edu.hk

Key TermsEncryption, Public Key Infrastructure, Digital Signature, Electronic Transactions.

AbstractCommunication over the Internet plays increasingly important roles for most

people in their daily lives. But it suffers from many security-related problems such aslack of confidentiality and no support for non-repudiation. To solve these problems,encryption techniques in various forms have been used. In private key encryption,the two communicating parties must share a common secret. Hence they must trusteach other. Such a mutual trust relationship is not always possible to maintain in theInternet. In public key encryption, the party who knows how to encrypt does notnecessarily know how to decrypt. There is no need for the two communicatingparties to share a common secret. Hence it is more suitable for the mode ofcommunication over the Internet for electronic commerce applications. Based onpublic key encryption, digital signature can be implemented. To promote the use ofpublic key encryption among a large number of users, the problem of propagation oftrust needs to be solved. This is achieved by setting up a Public Key Infrastructure(PKI). Traditional laws do not have provisions for recognizing electronic documentsand digital signatures. To' solve this problem new laws have to be adopted to grantlegal status to such new media of communication. Hong Kong has just implementedthe Electronic Transactions Ordinance to recognize the legal status of electronicdocuments and digital signatures. This paper reviews the private key and public keyencryption techniques, digital signature techniques, the features of a PKI, and theHong Kong experience in developing new laws to support electronic transactions.

I. IntroductionWith the increasing use of the Internet as a means of communication and as a

platform of various applications, the need of secure communication becomes more andmore obvious. By secure communication, we mean communication withconfidentiality, non-repudiation, authenticity, and privacy. To communicate betweentwo parties with confidentiality, one has to prevent any third party from knowing themessage contents being exchanged. A common approach to achieving confidentialityis to hide the message, the communication channel, or the entire communicationprocess from the potential adversaries. Another approach is to make thecommunication system private so that it is under the sole control of the communicatingparties. Shannon, a pioneer in information theory and theoretical secrecy, classifiedthese two approaches as "concealment systems" and "privacy systems", respectively[SHA93]. These two approaches are only useful when secret communication channelsare available, when the number of the users of the system is relatively small, or whenthe users themselves are he system designers. If the communication process involvespublic channels and a large number of users and system operators, concealment and

15

privacy systems cannot afford much secrecy and hence is not practical forcommunication with confidentiality by the general public.

To provide confidentiality services to the general public at an affordable price, thesystems must be marketed as a commercial commodity. The system designers andimplementers must be separated from the end users. The degree of confidentialitycannot rely on the secrecy of the system design and implementation. It is the end userwho would control the secrecy of the communication process and the controlprocedure should be simple and effective. These requirements can be met by applyingencryption techniques, which are categorized into "private key" (or "symmetric key")

and public key (or "asymmetric key) encryption.Private key encryption is effective for secret communication between two parties

who know each other, trust each other, and share some secret before actualcommunication takes place. Obvio~ly such requirements are not easily met bycommunication over the Internet. In contrast, public key encryption can support secretcommunication between two parties who are strangers to each other and who may nottrust each other. Other security services such as digital signature and communicationwith non-repudiation can also be supported by public key encryption. However, publickey encryption has its own problems. First, the encryption and decryption process ismuch slower than private key encryption. Second, there is the problem of propagationof trust among all communicating parties.

When it comes to serious applications over the Internet, such as electronictransactions involving millions of dollars, solving the technical problems is notenough. There is the need to legally recognize electronic documents exchanged duringa transaction, and to make them admissible to court in case disputes arise.

The organization of this paper is as follows. In section II we will discuss theterminologies and features of private key encryption. In section III we discuss detailsof public key encryption and digital signature. In Section IV we discuss the issues of apublic key infrastructure. In Section V, we discuss the recently enacted ElectronicTransactions Ordinance in Hong Kong and the related issues that come with thedeployment of a large-scale public key infrastructure. To cater for the widest spectrumof readers, the treatment of this paper will be tutorial and qualitative.

II. Private Key EncryptionFor the purpose of illustration, an encryption system can be represented in Fig. 1.

A user transforms a piece of message, called the "plaintext", to a "ciphertext" by theuse of an encryption process and a controlling parameter called a "key", Kl. Thisprocess is called "encryption". The ciphertext is a string of meaningless messages.There is a reversible process through which the ciphertext can be transformed back tothe original plaintext. The reverse transformation is called decryption. The decryptionprocess is also controlled by a key, K2. If the Kl and K2 are the same, this is called aprivate (or symmetric) key system. If the Kl and K2 are different, the system is calleda public (or asymmetric) key system. Public key encryption will be discussed indetails in next section.

Fig. Encryption and Decryption

16

The secrecy of the encryption system only lies in the uncertainty of choosing akey, but not in the details of the encryption and decryption processes. Someone mayargue that by keeping the details of the encryption and decryption processes secret thedegree of the secrecy can be made higher. In practice this is not the case due to threereasons. The first is that there may be some design flaws inherent in a particularencryption algorithm. If the details of the algorithm are kept as secret the public maynot be able to scrutinize them to uncover such flaws. Subsequently any body whoknows the details of the algorithm would have an advantage over all other users interms of breaking the ciphertext generated by the algorithm. Good encryptionalgorithm can resist comprehensive analysis and still maintains its secrecy eventhough the details of operation are made known to the public. An example of a goodencryption algorithm is the Data Encryption Standard (DES) [DES??]. This algorithmhas been analyzed by many crypto-experts and yet still maintains its strength [ELI93].The second reason is that if an encryption system is to be marketed as a commercialcommodity, the production process would invariably involve many different parties.It would be very difficult, if not impossible, to keep the encryption process a realsecret. The third reason is related to implementation. If the encryption process is to beimplemented in software, it is relatively easy to reverse engineer the program codes touncover the details of the process. A possible way to prevent reverse engineering isput the codes into a piece of temper-resistant hardware. But this approach suffersfrom relatively high costs and lacks flexibility.

There have been much efforts made in breaking codes [KIP99]. Let us investigatehow an adversary can get the original plaintext from the ciphertext without knowingwhich key has been chosen for encryption. If the adversary can do this, we say thatthe ciphertext is "broken". It is assumed that the third party knows the details of theencryption process, all possible keys, and the statistical properties of the plaintext. Ifthe adversary gets a pair of plaintext and ciphertext for a particular communicationsession, he may try all possible keys to encrypt the captured plaintext until theencrypted message matches the captured ciphertext, and then the key is found.Thereafter the adversary can use the key to decrypt subsequent messages that areencrypted with the same key. So for secure communication with encryption, it wouldbe a good habit to change the key frequently.

If only the ciphertext is captured but, the adversary may detennine the key in thefollowing approach. Based on all information about the encryption system, theadversary can calculate the "probability that the plaintext is X given the capturedciphertext is Y and the key is Z". If it is found that the probability that "plaintext=M,ciphertext= Y, key=K" is 1, then the ciphertext is broken.

The third possibility is that the adversary may know that the plaintext is from aparticular language, say English, and the adversary knows this language structurewell. The adversary may try all possible keys to decrypt the ciphertext until thedecrypted text confonns to that language structure (e.g. all words are English, allsentences are grammatically correct, the entire message is meaningful). If there isonly one such decrypted text after all keys have been tried, the ciphertext is broken.

The probability calculating method is largely theoretical and is seldom used inpractice to break a ciphertext since it is very difficult to calculate the probabilities.The other two methods are examples of "brute force" attack, which are very popular.The effectiveness of these methods depends on whether all the keys can be tried in areasonable time. From this point, it is easily seen that there is no absolute secrecy foran encryption system. With a total of N possible keys, the encryption system onlyputs the adversary in a position O.5N times worse than a legitimate user on average.

17

For instance, if it takes I second for a legitimate user to decrypt a message and thenumber of possible keys is 1000, an adversary might have to spend an average of 500seconds to break the system if the adversary has got a plaintext-ciphertext pair. Withthe availability of high-speed computers nowadays, a very large number of keys isnecessary to put an adversary in a sufficiently difficult position to decrypt themessages when compared to the legitimate user. There are examples that specializedhardware is built to break an encryption system and the only counter measure is toincrease the number of possible keys [EFF98].

For private key encryption, the same key will be used both for encryption anddecryption. A consequence of this feature is that the party who encrypts a messagewill know how to decrypt it, and vice versa. This feature makes private keyencryption unsuitable for communication between two parties who do not trust eachother. Suppose Alice sends an encrypted message "I owe Bob ten dollars" to Bob. IfAlice denies having composed the encrypted message, it will be very difficult for Bobto prove to a third party that the encrypted message is indeed created by Alice but notby Bob himself. In this respect, private key encryption cannot support non-repudiation. Private key encryption is being used widely despite this short-comingsince it is efficient and good encryption algorithms are available. Examples of popularprivate key encryption systems are the Data Encryption Standard [DES??] and theInternational Data Encryption Algorithm [IDE93].

III. Public Key EncryptionAs has been discussed in the previous section, private key encryption is limited to

communication between mutually trusted parties since both parties share a key. Itwill be difficult for a third party to decide who has actually generated an encryptedmessage in case dispute arises. With the invention of public key encryption [DIF76],this limitation is removed.' A public key encryption system is depicted in Fig. 1 if Klis different from K2. Without loss of generality, we may assume that a key can beused for both encryption and decryption. To illustrate the operations of the publickey encryption system, we may assume that a user Alice generates a pair of key Kland K2 according to the public key encryption algorithm (e.g. the RSA algorithm),and then passes out K2 to the public while keeping Kl secret. K2 is Alice's publickey and Kl is her private key. Different modes of communication are possible withthe use of the private key and the public key [SAL96].

(A) Communication with ConfidentialityAnyone who knows Alice's public key can communicate with her with

confidentiality. Bob may send encrypted messages to Alice by using K2, Alice'spublic key, as the encryption key. On reception of the encrypted message, Alice candecrypt the ciphertext by using her private key KI. No other user can decrypt theciphertext since they do not know Alice private key. If a two-way communication isneeded, Alice may send encrypted messages to Bob by using Bob's public key toencrypt the messages to be sent. The basic requirement is that all communicatingparties should know each other's public key. However, communication withconfidentiality is seldom achieved by using public key encryption directly since theencryption speed will be quite slow. A mixture approach is usually used. Public keyencryption is employed to negotiate a session key between the two communicatingparties. Subsequently private key encryption is used to encrypt messages to beexchanged by the negotiated session key.

18

(B) Communication with non-repudiationAnother mode of operation is that Alice uses her private key Kl to encrypt

messages and sends them to Bob. When Bob receives the encrypted messages, he candecrypt them using Alice's public key and obtain the plaintext. Since anyone who hasAlice's public key can decrypt the ciphertext, this mode of communication cannotafford confidentiality. The encryption process can support non-repudiation. Bob canprove to a third party by presenting both the ciphertext and the decrypted plaintextthat the encrypted message is indeed created by Alice and no one else since onlyAlice knows the private key Kl, which must have been used to generate theciphertext, otherwise the ciphertext cannot be decrypted by K2. In this case,encrypting a message by Alice's private key is equivalent signing it. In practicedigital signature is not generated in this way since public key encryption is usuallyquite slow and it would not be efficient to encrypt the entire message just forsignature purposes. An alternative scheme is more widely used. This scheme makesuse of a kind of function called "hash function" in addition to public key encryption.

(C) Digital SignatureA hash function operates on a message with arbitrary length to generate a much

shorter fixed length "message digest". The message digest plays the role of the"finger print" of the original message. A cryptographic hash function should have thefollowing properties. First, the details of the hash function could be made known tothe public. Second, if the original message is modified slightly, the message digestshould change substantially. Third, it should be very difficult to "invent" a messagethat has the message digest same as a given one. Fourth, it should be very difficult tofigure out two different messages that have the same message digest. An example ofsuch a hash function is the MD5 algorithm [RFCl32l].

With the use of a cryptographic hash function, Alice can sign an electronicdocument in the following ways. Firstly Alice applies the message to a hash functionto obtain the message digest. Secondly she encrypts the message digest with herprivate key Kl to generate the digital signature. Finally Alice packs the digitalsignature together with the original message and transmits the whole package (i.e.the signed document) to Bob. On receiving the package, Bob can verify Alice'sdigital signature in the following ways. Firstly Bob takes out the digital signature anduses Alice's public key to decrypt it to recover the message digest. Secondly Bobruns the message through the same hash function to obtain the message digest. Themessage digest generated by Bob is compared to the recovered message digest. Ifthey are identical, Alice's signature is verified. The entire operation of the digitalsignature scheme is shown in Figs. 2a and 2b.

IV. Public Key InfrastructureWith the use of digital signatures, communication in the Internet can be made

trustworthy. For instance, suppose Bob has downloaded a program from a web site ina trial-and-buy exercise. If the software vendor digitally signs the program, Bobknows that the program he has downloaded is really the program developed by thesoftware vendor and has not been modified after the vendor has signed it. Bob canfeel confident in running the program without the fear that it has been modified in anunauthorized way (e.g. contaminated by a virus).

A major problem with public key encryption is that if Bob gets Alice's publickey to verify documents signed by Alice, Bob must be sure that this key is reallyAlice's public key but not someone else's. For a small community of users who

19

know and trust each other, the public key distribution problem is relatively easy tosolve. For instance if Bob knows Alice personally and a face-to-face meeting ispossible, Alice may write down her public key in a piece of paper and passes it toBob. But for communication in the Internet, such kind of convenience is not alwayspossible. Maybe Bob and Alice only have the first encounter in the course of anelectronic transaction; or maybe it is extremely difficult for them to meet face to facedue to great physical distance of separation. For a large community of public keyencryption user, the distribution of the public keys in a reliable manner is the majorproblem. This problem can be solved by having a "trusted third party (TTP)" to actas the central point of exchanging public keys for all users.

Fig. 2a Digital signature generation

I t Signed message received by Bob

Verificationresult

L j'---l decrypt

tAlice's public key

Fig. 2b Digital signature verification

(A) Trusted Third Parties and Certification AuthoritiesA TTP is a third party that all users of the public key encryption system trusts. A

TTP is a third party because it is not involved in the transactions among the users,hence can act impartially. The users are confident in depositing their public keys inthe TTP. They are equally confident in retrieving public keys from it. Hence the TTPcan act as a central repository for the storage and delivery of public keys.

The next problem is how a TTP can distribute the public keys securely. It is tobe noted that a public key is designed to be circulated as widely as possible. In thisrespect, there is no question of confidentiality about the public keys. However, apublic key should never be modified after it is generated. For instance, if Alicegenerates her public key and deposits it at a TTP, this key should never be changedotherwise someone may impersonate Alice to receive encrypted message or to

20

l

generate Alice's digital signature. A method to protect a public key is to sign it bythe TTP. Since a public key is only a string of numbers, it would be more useful toinclude some related information (such as the user's identity, or the validity period ofthis public key) when the public key is delivered to other users. The public key andthe related information constitute a document called a "certificate", which is signedby the TTP. Hence a TTP is also called a "certificate authority", or a "certificationauthority" (CA) since its major function is to handle the certificates of the users.

(B) Public Key InfrastructureIf Bob gets Alice's certificate from a Certification Authority (CA), and if Bob

knows the CA's public key, Bob can verify Alice certificate. If the Alice's certificateis a genuine one, Bob can then retrieve Alice's public key from the certificate. WithAlice's public key at hand, Bob can verify any document that claims to have beensigned by Alice. Bob can also send encrypted messages to Alice with Alice's publickey as the encryption key. Such an arrangement is illustrated in Fig. 3.

Fig. 3 A Certification Authority and Its Subscribers

If Bob and Alice always communicate with each other, Bob can downloadAlice's certificate from the CA once and then store for future use. This eliminates theneed of interrogating the CA every time Bob communicates with Alice and verifiesAlice's signature. However, since there is the possibility that someone's private keyis lost, forgotten, or compromised in some ways, there must be a provision for theusers to revoke his or her certificate before it reaches its expiry date. For thispurpose, the CA would publish a Certificate Revocation List (CRL) to inform allusers which certificates have been revoked. If Bob needs to verify Alice's signature,Bob must check the CRL to determine whether Alice's certificate is still valid. If itis, then Bob can use Alice's public key to verify the signature. It is the requirementof checking the CRL that makes digital signature verification an on-line process.

In a large community, there may exist many CA's, and a particular CA (CA1)may deposit its own public key to another CA (CAZ). CA2 may sign and then issue acertificate to CA 1. In this manner, all the CA' s may form a "web of trust"interlinking each other and a public key infrastructure (PKI) is formed [ADA99]. Anexample of a PKI is as shown in Fig. 4.

21

CAI

)\

/ \ /..

Issuance of~p.rtifi('.~tP.

Fig. 4 A Public Key Infrastructure

(C ) Propagation of TrustIn Fig. 4, if Bob needs to verify Alice's signature, he has to get certificates of

CA6, CAt, CA2, and CA5. Because CA5 issues a certificate to Bob, Bob can trustCA5. Similarly, Bob can trust CA2, CAt, and CA6, and finally Bob can trust Alice'scertificate issued by CA6. Such a web of trust is very useful for a large community ofusers to communicate with each other.

A problem remains when it comes to using a CA' s public key to verify thecertificates it issues. How can Bob obtain CA5's public key, as for the PKI in Fig. 4?If CA5's public key is contained in CA5's certificate, who is going to sign thiscertificate? If another CA signs it, the problem becomes "how can Bob obtain thatCA's public key". It is evident that such questions are endless and there is need ofroot of trust in a PKI. In practice, that Bob can trust the public key of CA5 in Fig. 4is taken for granted because CA5 issues certificate to Bob. But the technical problemis that if CA5's public key is delivered to Bob electronically, it must be protected bya certificate and this certificate must be signed by someone. In some practicalexamples such a certificate is "self-signed", i.e. CA5 signs its own certificate anddelivers it to Bob. Technically speaking a self-signed certificate does not have anysecurity afforded by a digital signature scheme since everyone who has got a publickey and private key pair is able to generate a self-signed certificate, and claims it tobe CA5's self-signed certificate. If a CA has been in operation for a long time and itspublic key is widely known, and can be verified from different sources, the problemof root of trust does not exist. Bob can easily get CA5's public key which he thinks istrustable. Of course this only works for careful users. If a careless user downloads aCA's self-signed certificate from a vicious web site and relies on the public key toverify certificates of other users, he may be at risk because that self-signed certificatemay not contain the genuine public key of the CA in question.

V. Electronic Transactions Ordinance in Hong KongAs part of the Digital 21 initiative, Hong Kong has started to introduce new laws

to facilitate electronic transactions in 1999. An Electronic Transactions Bill was

22

issued for public consultation. In March 2000 the Bill was passed and enacted as theElectronic Transactions Ordinance (ETO).

The ETO is modeled closely after the UNCITRAL Model Law on ElectronicCommerce [UN96]. The purposes of the ETO are several. The first is to grant legalstatus to electronic documents in a way same as their paper-based counterparts. Thesecond is to define digital signature in terms of the public key encryption and hashfunction model, to grant legal recognition status to digital signatures, and to makethem admissible to Court if they are signed by users who have subscribed to arecognized Certificate Authority (RCA) for a digital certificate. The RCA scheme isa voluntary scheme only. It is not forbidden to operate a CA business in Hong Kong.A CA can apply for recognition from the Director of Information TechnologyServices Department voluntarily. Once recognition is granted to a CA, the digitalsignatures of its subscribers will be admissible to court. In order to gain recognitionby the Government, a CA has to operate in a trustworthy manner fulfilling therequirements laid down in a Code of Practice. In order to have a quick start-up of thePKI in Hong Kong, the ETO grants RCA status to Hongkong Post.

A point to note is that the ETO does not cover encryption. This is understandablebecause the major aim of the ETO is to help flourish electronic commerce. In thisrespect the need of legal recognition for electronic documents and digital signature ismore urgent than the need to promote encryption services for the general public.Furthermore, encryption is a very sensitive issue because the widespread use ofstrong encryption methods for everyday communication has always pros and conswhen privacy and law enforcement are concerned. Tension can have been createdbetween a Government and the civilians when such pros and cons are discussed[HOF95, WHI98]. It will be a good idea to avoid the issue of encryption when a lawfor electronic transactions is to be formulated.

Apparently the root of trust problem has not been solved by the ETO. Anexample case will make this clear. Suppose Bob receives a document signed byAlice, and Alice is a subscriber to a recognized CA. This document is admissible tocourt. When Bob presents the signed document and Alice's certificate, Bob has toprove that Alice's certificate is indeed signed by the recognized CA. Hence Bobneeds the public key of the recognized CA. But it is unclear who would sign therecognized CA's certificate. To solve this problem, it was once suggested that thepublic key of a recognized CA be published in the Hong Kong Government Gazette,as a formal and legal announcement of the public key. But this approach has not beentaken. It remains to be seen how a user can prove to a third party that the public keyof a particular recognized CA does indeed correspond to that recognized CA.

Despite this minor issue, the ETa represents a quick and major step Hong Konghas taken to promote electronic commerce and put electronic transactions on aformal and legal platform.

VI. SummaryIn this paper, we have presented a qualitative description of private key and

public encryption, digital signature, public key infrastructure, and Hong Kong'sElectronic Transaction Ordinance. With the applications of public key encryptiontechniques, digital signature techniques, and with legal recognition granted to thestatus of electronic documents and digitally signatures, communicating and doingbusiness over the Internet can be more convenient and secure. All these factors willhelp cultivate electronic commerce.

23

AcknowledgementThe author acknowledges the support received from the Centre for MultimediaSignal Process (CMSP), The Hong Kong Polytechnic University, in preparing this

paper.

References

[ADA99] Adams, Carlisle, Understanding public-key infrastructure: concepts,standards, and deployment considerations, Macmillan Technical Pub,Indianapolis, 1999.

National Bureau of Standards, Data Encryption Standard, U.S,Department of Commerce, FIPS pub. 46, January 1977.

[DES??]

Diffie, W. and M. Hellman, "New Directions in Cryptography", IEEETransactions on Infonnation Theory, 22 (1976): 644-654.

[DIF76]

Electronic Frontier Foundation, Cracking DES: secrets of encryptionresearch, wiretap politics & chip design, O'Reilly & Associates, Inc.,Washington, D.C, 1998.

[EFF98]

Eli Biham and Adi Shamir, Differential Cryptanalysis of the DataEncryption Standard, Springer-Verlag, New York, 1993.

[ELI93]

Hoffman, Lance J., Building in big brother: the cryptographic policydebate, Springer-Verlag, New York, 1995.

[HOF95]

International Data Encryption Algorithm, USA patent 5214703, 1993,Description can be found at the web-site

http://www.ascom.ch/infosec/idea.html

[IDE93]

Kippenhahn, Rudolf, Code breaking: a history and exploration,Overlook Press, Woodstock, N.Y., 1999.

[KIP99]

Rivest, R., "The MD5 Message-Digest Algorithm." Internet Requestfor Comments 1321, 1992.

[RFC1321]

Salomaa, Alto, Public-key cryptography, 2nd ed., Springer, New York,

1996.[SAL96]

Shannon, C.E., "Communication Theory of Secrecy Systems",reprinted in Claude Elwood Shannon: collected papers, Institute ofElectrical and Electronics Engineers, New York, 1993.

[SHA93]

United Nations, UNCITRAL Model Law on Electronic Commercewith Guide to Enactment, United Nations, 1996.

[UN96]

Diffie, Whitfield, Privacy on the line: the politics of wiretapping andencr}'ption, Mff Press, c 1998.

[WHI98]

24