Discussion:
Registering Assault Keys
Anonymous
2009-04-28 22:55:12 UTC
Registering "Assault Keys" -- How the Proposal to Register Encryption
Keys Has Ominous Parallels to Gun Control

The recent proposal that encryption keys be registered with the
government has some natural and terrifying implications. (For those to
whom this proposal is new, strange, or disturbing, please see the
debate raging mainly in the newsgroup "sci.crypt".)

Once the principle is established that private communications,
letters, faxes, modem transmissions, etc. must be in a form
readable--under court order, as Dorothy Denning's proposal goes--by
the government, and that "public key encryption" keys must be
registered with the authorities, then we can expect the following:

* _Classes_ of encryption keys, with some especially strong (in a
cryptographic sense) keys being declared "assault keys," just as
certain classes of semiautomatic rifles have been branded "assault
weapons" and subjected to media vilification and even confiscation by
the authorities. In analogy with firearms, there may be "Class 1"
dealers in "dangerous" keys.

* There may even be _bans_ on the registration (and hence use) of
certain classes of algorithms and key lengths. For example,
"civilians" may be allowed to use DES, but not RSA. Or the key length
may be restricted in various ways.

* Strict controls over the types of algorithms allowed. After all,
what use will a key be if the government can't run the algorithm?
This, by the way, will be another way to control the spread of
encryption technology: if only licensed, inspected, and approved
algorithms are acceptable to the key registration authorities,
innovation and experimentation will suffer. This may make RSA Data
Security, Inc., very happy, as it may get the "franchise," while users
of bootleg/contraband/experimental algorithms like PGP 2.0 ("Pretty
Good Privacy") face severe sanctions.

* Spot checks will have to be done to ensure compliance. This may be
done in various ways, such as by randomly checking bitstreams and
demanding the sender open the message. (Note: Many have posted that
this would not be possible. Untrue. The Rehnquist Supreme Court ruled
a couple of years ago that the police could enter a bus and ask the
passengers to "voluntarily" accept a search of their baggage. Failure
to volunteer, so reasoned the court, constituted probable cause for a
search! "Catch-22" meets "1984.")

* The penalties for noncompliance, or for hiding encrypted messages
inside other messages, will likely be severe, else widespread civil
disobedience and claims of "ignorance" will result. (Personally, I
_expect_ widespread noncompliance. Many people will even flaunt their
noncompliance, encrypting truly innocuous messages that few courts,
they will hope, will convict them for. Here in California, the
noncompliance rate for registration of those evil "assault weapons" is
estimated to be as high as 80%.)

(My best guess is that the "RICO" (Racketeer-Influenced and Corrupt
Organizations Act) and civil forfeiture approaches will be used to
simply seize the equipment of anyone caught sending messages without
the suitable seals of approval. Such seizures, used with suspected gun
sellers, suspected X-rated video sellers, suspected drug dealers, and
so on, have had a profoundly chilling effect.)

* A registration system, even if well-intentioned and secured against
casual government snooping (and some of the multi-party escrow systems
may help do this), will still _greatly complicate_ the use of encryption
and will forestall certain very exciting applications of cryptology.
Many of the new proposals, for things like anonymous credentials to
protect privacy, for digital cash, and for cryptographic voting
systems, essentially require the _dynamic_ generation of keys! That
is, keys are generated frequently as part of the protocols...there is
no single static "public key" that one generates once and then takes
down to the crypto equivalent of the DMV for registration.

* As with guns, true criminals will of course ignore these laws.
Computer networks are already being used for messages that evade
wiretaps (as one example, a Mafia guy in New Jersey, on the run, used a
well-known computer service to communicate untraceably with his wife),
that are used for laundering information and money, and so on. Taking
encryption away from citizens will do nothing.

I urge readers to get involved in this debate.

"If encryption is outlawed, only outlaws--and the NSA--will have encryption."
--
.........................................................................
Timothy C. May | Crypto Anarchy: encryption, digital money,
***@netcom.com | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^756839 | PGP 2.0 and MailSafe keys by arrangement.
anon
2009-04-28 23:20:29 UTC
Post by Anonymous
Registering "Assault Keys" -- How the Proposal to Register Encryption
Keys Has Ominous Parallels to Gun Control
Unfortunately, the majority of Americans elected a communist minded
president along with many communist minded congressmen. About the only
hope we have in defeating this kind of tyranny is for something really
bad to happen to the U.S. to scare these illiterate fools into voting
them out in the next election.
Solbu
2009-04-29 01:46:51 UTC
Post by Anonymous
Registering "Assault Keys" -- How the Proposal to Register Encryption
Keys Has Ominous Parallels to Gun Control
You have some link to an article or website which can confirm this?

--
Solbu - http://www.solbu.net
Remove 'ugyldig.' for email
PGP key ID: 0xFA687324
Anonymous
2009-04-29 15:03:08 UTC
Post by Anonymous
Registering "Assault Keys" -- How the Proposal to Register Encryption
Keys Has Ominous Parallels to Gun Control
You have some link to an article or website which can confirm this?
The article was originally posted in 1992, don't worry
*Anarcissie*
2009-04-29 13:11:32 UTC
Post by Anonymous
Registering "Assault Keys" -- How the Proposal to Register Encryption
Keys Has Ominous Parallels to Gun Control
The recent proposal that encryption keys be registered with the
government has some natural and terrifying implications. (For those to
whom this proposal is new, strange, or disturbing, please see the
debate raging mainly in the newsgroup "sci.crypt".)
...
If this proposal is legislative, it is imperative that the
specific proposal be identified and located so that it
can be opposed.

Otherwise -- if it's just talk -- we'll get some fools
raving about how everything is hopeless because
Obama is a communist, etc. in standard Usenet
style. Which is it? I don't have time for the latter.
