George Orwell
2009-05-07 04:50:32 UTC
Still will stand out for traffic analysis purposes, however.
The analysis of this point demands a much closer consideration of how many people are using old vs. new crypto.
Consider just a few scenarios:
Scenario 1: By 2005, 99% of users have adopted Big Brother Inside crypto.
The remaining 1% consist of tired old Cypherpunks and ACLU diehards. The
FBI and NSA tag these messages and compile contact dossiers.
(This is the most favorable scenario for the government, but even it fails
to stop that 1% from communicating securely. And of course the traffic
analysis goals are partly thwarted by the use of remailers. I am assuming
remailers remain legal. If not legal in the U.S., surely legal somewhere in
the world. A familiar argument.)
Scenario 2: By 2005, an explosion of packet encrypters, bundlers of
packets, SWAN-type link encryption, and so on have been deployed. Packets
are flowing zillions of ways, as mixtures of frame relay, ATM, and all
sorts of data types. PipeNet systems are running constant-bandwidth
connections between sites. A plethora of crypto systems are being used.
Government has attempted to mandate escrowed encryption for "new" crypto,
but a variety of "old" crypto remains legal for use in encrypting links, in
using with remailers, etc. The FBI and NSA find that 80% or more of all
traffic they try to intercept (*) is encrypted in ways they can't decipher.
Even if the citizen-units are being good sheeple and are using approved
escrow crypto, other crypto is hiding their packets.
(* By the way, as a sidenote, apparently lost in this debate about approved
crypto is the whole issue of the legality of FBI and NSA sniffing of
packets. We all know that UKUSA- and Echelon-type sniffing and surveillance
goes on, even though the NSA is ostensibly barred from domestic
surveillance, but the whole enforceability of a ban on unescrowed new
crypto will essentially require widespread sniffing of packets to ensure
compliance. As some packets will be in plaintext, does this not equate to
government reading e-mail? This surely is a major topic for discussion once
the escrowed crypto legislation is proposed.)
It is this compliance sniffing argument we made some years back, with
someone's immortal, "Use a random number, go to jail" line.
Scenario 3: Widespread use of wrappers. Or "superencryption." To forestall
traffic analysis, escrowed crypto is used. But the contents are
superencrypted with PGP or somesuch. If PGP remains legal to use, then such
superencryption surely cannot be illegal (as that would be mandating the
form of speech within a message, barred by the First). (This scenario would
not be ideal for all uses, as contact tracing would still be a concern.
Lots of issues here.)
Scenario 4: To thwart traffic analysis and monkeywrench escrowed
encryption, Cypherpunks and others grossly expand the use of "still legal"
old crypto. Sort of like PipeNet, with scripts used to send cover messages
to other users, to randomly selected sites, etc. Sending PGP-encrypted
dummy messages to thousands of public figures, for example. (And it doesn't
really matter what the contents are.)
I concede that sophisticated Bayesian pattern extraction programs can
perhaps still distill useful contact matching data, even out of tens of
thousands of bogus messages, but the practical effect of all this cover
traffic will be to make traffic analysis much more problematic than in,
say, Scenario 1.
And PipeNet sorts of constant-bandwidth systems make traffic analysis iffy.
Also, use of remailers, of course.
These are some of the scenarios. Some overlap. And the likely actual
future, circa 2005, will probably be a mix of several of these scenarios.
One thing is for sure, though: that the vast number of packages containing
crypto today will likely still be in heavy use.
The main point is that in a world with a million or so copies of PGP
already distributed, out on CD-ROMs sitting on thousands of bookshelves,
buried in vast numbers of hard disks, and yet still perfectly usable
far into the next century (neither 112-128 bit IDEA nor 2048-bit RSA are
likely to be cracked in the next 100 years, barring breakthroughs in math).
This is the dilemma faced by the snoopers. The horses are out of the barn,
and closing the gate now is essentially pointless.
I believe strongly that those most in need of crypto--freedom fighters,
guerilla cells, drug dealers, pornographers, Mormons, Jews, abortionists,
Cypherpunks, etc.--will not be "too dumb" to use some of this "old" crypto.
I'd love to debate David Aaron or Dorothy Denning or William Reinisch in a
public forum on this point.
If I were in charge of making crypto hard to use in the US, I'd focus on
criminalizing the manufacture, sale, or distribution of new UN-escrowed
crypto.
And older crypto? Would you try to make it a felony to give, sell, or lend
a CD-ROM that happened to have one of the millions of copies of PGP on it?
And would you make it a felony for someone to connect to a site in Italy or
Finland and download a crypto program?
(Yet another issue we aren't touching on here, that such laws would of
course have to try to criminalize imports. I grant you that some imports
are already illegal, as we all know so well, so I'm not claiming this is
not the case now. But a tiny little program that fits on a CD-ROM or DAT or
diskette or whatever is a rather hard thing to stop from being imported. As
we all must surely know by heart now.)
I predict that the legal issues regarding old crypto are so tough, and the
gains to LEOs so small in the long run, that they won't bother banning it.
Especially not in phase one.
Since we're discussing hypos, I'd love to hear your speculations about what
"Phase Two" might be.
I welcome this discussion. It seems to me that much of the crypto debate
these days is mostly boring recitations of past positions. Those in
government are not even bothering anymore to try to defend their position,
to lay out what the legal safeguards might be.
(Remember all that mind-numbing detail about Clipper, about "LEAF"-fields,
about how many agencies or entities might hold the keys, about the various
fields and subfields within Clipper? As bad as Clipper was, there at least
had been much work put into the logistical and legal issues. Not enough, of
course, as the basic idea fell apart quickly enough, but at least a lot of
detail. Contrast that with the later Clipper 2, 3, and 4 stuff, where fewer
and fewer details emerged. And now we are speculating almost blindly on
what a "crypto ban" might look like. Probably because there really is no
set of Clipper-like details which can get around the basic reality that to
ban unapproved crypto would require police state measures.)
--Tim May
Just Say No to "Big Brother Inside"
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^3,021,377 | black markets, collapse of governments.
The sender address of this message is not related to a real person
but to a fake address of an anonymous system.
For more info: https://www.mixmaster.it