cypherpunks-legacy
Threads by month
- ----- 2026 -----
- July
- June
- May
- April
- March
- February
- January
- ----- 2025 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1998 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1997 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1996 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1995 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1994 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1993 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1992 -----
- December
- November
- October
- September
- 130025 discussions
17 Dec '03
---------- Forwarded message ----------
Date: Fri, 18 Jul 1997 09:17:52 -0700 (PDT)
From: Declan McCullagh <declan(a)well.com>
To: fight-censorship-announce(a)vorlon.mit.edu
Subject: Brookings Inst. on crypto: "There are reasonable compromises"
Morton's Steakhouse is a true Washington institution. Nestled
in the heart of lawyer country, between K and L streets, the
clientele are well-heeled lobbyists hungry for red meat. Which
is all you'll find at Morton's, where the menu lists a fine
selection of slabs, all thick, bloody, expensive.
I had lunch at Morton's yesterday with a colleague, a fellow
from the NSA, and a gentleman from the armed forces. We
talked Net-regulation, censorship, and hacking. Most of all
we talked encryption, and crypto-compromises. This is a theme
you'll see repeated in this recent policy paper from the
liberal Brookings Institution:
There are reasonable compromises. A useful place to start
is a national cryptography policy... rigorous oversight
and accountability for government access to the keys
needed to intercept and read coded data, negotiation of
an agreement with our close allies on a global encryption
standard, and formation of a government/private sector
oversight body... the basic elements of a reasonable
compromise are now in sight and may yet be achieved...
Current initiatives that would allow export of any
technological solution, of unlimited strength, subject
only to the proviso that an acceptable key recovery
system be maintained with a suitably defined and trusted
party (including self-escrow), are headed in the right
direction...
-Declan
------------------
no. 21
Deciphering the Cryptography Debate
July 1997
By Kenneth Flamm
FOR THE PAST FIVE YEARS, the U.S. government and
America's information industries-producers and users
of computers, communications systems, software,
information services-have been locked in a bitter and
highly technical battle over cryptography policy: the
rules of the game for techniques used to scramble and
unscramble data. Such encryption and decryption is
vital in maintaining the confidentiality of
information (whether business information, financial
transactions, personal medical records, or government
secrets) passing through the exploding web of computer
and communications links joining this nation together.
The hard fought and often arcane debate has come to an
inconclusive and unsatisfactory draw that does little
to deal effectively with any of the conflicting
objectives-civil liberties, economic competitiveness,
law enforcement, and national security-brought to the
bargaining table.
This does not have to be. There are reasonable
compromises. A useful place to start is a national
cryptography policy built around four key
elements-strong cryptography put into wide use, a
strengthened legal framework and electronic logging
system that provides rigorous oversight and
accountability for government access to the keys
needed to intercept and read coded data, negotiation
of an agreement with our close allies on a global
encryption standard, and formation of a
government/private sector oversight body to review
both the overall security of our national information
infrastructure and the voluntary testing and
certification of encryption and security products.
Why Is Cryptography Important?
UNTIL THE MIDDLE OF THIS CENTURY, codemaking and
codebreaking were primarily the concern of governments
protecting diplomatic and military communications.
World War II was a turning point for cryptography. The
first primitive electronic computers were built by the
United States and Britain during that war and used to
break German and Japanese codes. Using technology and
methods that remained closely guarded military secrets
until the late 1970s, the Allies succeeded in building
electronic machines to break the supposedly
unbreakable codes used to encrypt virtually all Axis
radio messages. This allowed the Allies, for example,
to read signals sent by German submarines as they
reported their locations, send forces to destroy them,
and win the vitally important battle for the North
Atlantic shipping lanes.
After the war, U.S. codebreakers continued to play a
central role in the development of the fastest
possible computers of the day, so-called
supercomputers. In the late 1960s, others in the
military funded research into damage-resistant digital
communications networks that gave us the first working
prototype of today's Internet.
As computers and network use also took hold within
business in the 1960s and 1970s, cryptography (mainly
the domain of government in earlier decades)
increasingly began to protect sensitive business
information stored in private sector computers. With
outside computer links through communications networks
growing, the dangers of unauthorized penetration into
sensitive computer databases through these external
ties also multiplied. The financial sector led these
technological changes. As global financial markets,
national banking systems, and local automated teller
machines all went electronic, cryptographic systems
were installed to protect sensitive data coursing
through the digital arteries of finance.
Today, we are teetering at the precipice of an even
wider transformation of the basic infrastructure for
commerce. Telecommunications services, retailing, and
the electric power grid are already organized around
vast computer networks. Multinational companies link
global operations over international networks. By
1999, all U.S. government benefits will be paid
electronically. Doctors will access data and
communicate remotely with patients, businesses will
buy services from consultants, contractors will sell
to government, researchers will provide policy advice,
seminars will be organized-all over computer networks.
Vast savings in time and resources and improvements in
business productivity seem possible. For this leap
forward in our economic infrastructure to be realized,
however, the information running through the system
will have to be authenticated, verified, protected
from unauthorized access, and guarded against witting
or unwitting corruption.
Equally profound changes are going on within the
military establishments whose investments initially
spurred the computer revolution. Our post-Desert Storm
military forces are as dependent on complex
computerized command, control, and communications
networks as commercial industry. The Defense
Department is today groping toward an information
technology-based Revolution in Military Affairs, a
future in which sensors, intelligence databases,
command and control systems, precision munitions, and
smart weapons platforms are seamlessly linked together
in real time to deliver measured military force
swiftly, surely, and over great distances.
In contrast to the situation of forty years ago,
enormous private sector investments are today driving
the engine of information technology, with the
military largely drawing on commercial technology for
its particular variant of the information revolution.
Commercial and military computer and communications
systems-like the core industrial infrastructure
underlying modern military power-are hopelessly
intermingled within the sinews of the U.S. information
economy. A new term, information warfare, explicitly
recognizes that an attack designed to disrupt our
military capability or will to fight is as likely to
target nominally civil infrastructure, like
telecommunications networks, the electric power grid,
the banking system, or air traffic control, as any
purely military system.
Widespread use of effective cryptography to secure and
protect the rivers of data flowing through computer
and communications systems is needed now to enable the
further development of the information infrastructure
for tomorrow's high-tech economy and to protect
military capabilities dependent on that same
information infrastructure.
What Are the Issues?
The heated debate over cryptography policy is
fundamentally driven by rapid technological change.
The price of computing power has been dropping 20 to
30 percent annually over decades now, an order of
magnitude greater than anything measured during the
first great Industrial Revolution of two centuries
ago.
Computing power is used to both make and break codes,
and as the cost of computing power plummets,
cryptographic systems that once offered adequate
protection for data become insecure. By the same
token, however, cheaper computers also make it cost
effective to encrypt data where once it would have
been uneconomic. Paradoxically, then, plummeting
computing costs have both enabled the widespread use
of encryption to defend information security and
increased the ability of moderate to large
organizations (in the private sector and governments)
to afford the computing resources needed to
successfully attack once-capable encryption systems.
To balance these shifting forces, the United States
must grapple with multiple and often conflicting
objectives.
First, there are constitutional issues. On the one
hand, the United States has a well-established
tradition of respect for privacy and civil liberties
that is a bedrock of our society. On the other hand,
there are few absolute rights-under court order,
communications can be legally intercepted, and private
homes may be entered and searched. Encryption-like
"speaking in tongues"-might even be interpreted as a
form of speech and offered the greater protection that
freedom of speech enjoys. Historically, the government
has not attempted to control the use of encryption
within domestic U.S. borders but instead limited its
export overseas. Similarly, court orders are required
to lawfully intercept domestic telephone
conversations, but not for foreign traffic. The legal
framework protecting data communications-including
encryption of data-has not changed to address the many
new channels for expression (and surveillance of
expression) opened up by the computer revolution. It
is now appropriate to establish an organized and
systematic legal framework for our information
society.
Second, we need to use strong cryptography to enable
electronic commerce on the burgeoning information
infrastructure that is going up all around us. The
potential economic benefits from moving forward
rapidly to locate our businesses on the information
superhighway seem large. Without ironclad security,
however, no business is going to drive its sensitive
data up the on-ramp. Strong cryptography is a small
but vital piece in the systems that will provide
information security.
Third, U.S. companies are world leaders in computers
and communications, where success in global markets is
an essential ingredient in maintaining competitive
advantage. But the market for information technology
is one in which capable foreign competitors stand
ready to pick up the baton of technological leadership
should American firms stumble. The economic
preeminence of U.S. information technology
companies-and the resulting benefits to the U.S.
economy-are arguably at risk should U.S. producers be
blocked from selling important technology that is
available from foreign competitors.
Law enforcement objectives, in contrast, argue for
controls on use of strong cryptography (while
recognizing that cryptography also protects against
electronic crimes). Since the dawn of the age of
telephony, lawful wiretapping has been viewed as an
essential tool for police, the legal extension of the
right to enter and search under warrant. In the
information age, with the proliferation of digital
technology, cryptography has the potential to deny
police the lawful access that they now enjoy to voice
and data communications.
National security has been another powerful argument
for limits on encryption. Though not often discussed
openly, interception of foreign communications traffic
is in all likelihood one of the most valuable and
reliable sources of intelligence for defense and
foreign policy purposes. Routine use of strong and
difficult-to-break cryptography in, say, the global
public telephone network would be a nightmare scenario
for both law enforcement and the intelligence
community.
But we should also recognize that while global
availability of strong encryption may limit our
offensive gathering of foreign intelligence and
perhaps in the future, offensive "information
warfare," the global economic success of U.S.
information technology producers also has a positive
value for offensive intelligence gathering. Even the
strongest encryption technology may be rendered
vulnerable by the way it is administered and used. A
global marketplace dominated by the products of the
United States and its allies-which will be well
understood by a substantial community of American
technologists-will be much more transparent to allied
intelligence gathering than a world market dominated
by the unfamiliar and poorly understood products of
others.
And strong encryption, even if pervasive and
unbreakable, will nonetheless have a positive national
security value in protecting U.S. information from the
snooping of adversaries, political and economic. It
will also have significant value as a defensive
rampart against the information warfare offensives of
adversaries. Arguably the United States, now reliant
on the most advanced and pervasive information
infrastructure in the world, is also the nation with
the most to lose to disruption by a successful
offensive attack.
Finally, we must acknowledge that as more and more
aspects of our personal and economic lives are
connected to, and accessible over, the information
superhighway-things like medical records, corporate
accounts, personal travel plans, even daily calendars
and diaries-the "wiretapping" metaphor for permitting
government access to electronic information begins to
break down. It is no strain to forecast a
not-too-distant digital future in which almost
everything-all sorts of personal information, records,
even art and music-is stored or communicated
electronically, connected to or accessible through
some computer network. As the Worldwide Web reaches
out to encompass all aspects of our lives, a
surreptitious government access hatch begins to
resemble a special door built into the basement of our
homes through which government can enter without our
knowledge or consent.
Our Constitution's protections against "unreasonable
searches and seizures" should be our guide as we chart
these deep and unknown waters. Government access to
private information should be governed by clear rules
that "we, the people" make after open debate. Even in
simpler times, there have been occasional but deeply
disturbing instances in which individuals in
government have abused powers granted for legitimate
law enforcement and national security purposes. As
pervasive electronic tendrils from the information
superhighway reach into the nooks and crannies of our
lives, the potential damage from poor judgment (or
worse yet, corruption) by some individual in
government will be enormous. It is vital that a system
with clear guidelines and strict accountability be put
into place to oversee our national encryption policy
as we strike a balance among the multiple, legitimate
objectives.
Where Are We Now?
In the late 1970s, industry, in collaboration with the
U.S. government, developed a Data Encryption Standard
(DES) based on coding keys (sequences of binary
digits, or bits) that were 56 bits long. Though widely
used today, steady advances in computer performance
now make this system vulnerable (commercial
supercomputers almost double in power every year,
sufficient to "break" a key that is one bit longer in
some given time). Much stronger encryption systems are
used within the military and other parts of the U.S.
government. Until 1996, the State Department did not
readily permit the export of encryption systems using
keys longer than 40 bits, which can be easily broken
today.
The Clinton administration, recognizing the need to
promote commercial use of stronger encryption,
unveiled such a system in April 1993 (actually
developed under previous administrations but not
publicly promoted). The system used special computer
circuitry dubbed the "Clipper" chip, with decoding
keys issued in two parts and held by two separate
government agencies-within the Treasury Department and
the Commerce Department. This Clipper chip initiative
championed the concept of "key escrow," with
government holding copies of the keys used to encrypt
data, and argued for its voluntary adoption by the
private sector as a solution to increasingly evident
data security problems.
Since only stronger encryption systems using the
Clipper chip, or similar technology, were likely to be
approved for export, critics argued that the system
was not really voluntary. No U.S. multinational
corporation would want to build and maintain two
separate computer and communications networks-one for
domestic use and one for international use.
There were other practical objections. It was unclear
how foreign governments would react to companies
operating in their nations giving the U.S. government
the keys to read encrypted communications, or even if
this would be required. There was suspicion that the
Clipper chip, with its proprietary
government-developed technology, was not as secure as
advertised and might even allow surreptitious
government interception without appropriate legal
safeguards. Even more important, there was concern
that a government-mandated technical solution was
being imposed on an industry that was far more capable
and responsive to continuing technological change than
any cobwebbed and inflexible government bureaucracy,
and that industry itself through market forces was
much better able to work out the best solutions to its
information security problems.
Furthermore, argued much of U.S. industry,
increasingly capable foreign producers were beginning
to market and sell encryption systems that were
stronger than what U.S. industry would be permitted to
sell in export markets. The net effect of
administration policy, in this case, would be to tie
the hands of U.S. industry and leave an important and
growing segment of the information industry to foreign
producers, free to sell any and all strong encryption
products to customers anywhere.
Stung by these criticisms, the Clinton administration
withdrew and regrouped. In mid-1994, it offered up a
new proposal in which "trusted third parties" within
the private sector, rather than the government itself,
would act as key escrow agents. This did little to
silence industry critics.
Finally, in 1996 the administration revealed a new
plan and made some important changes in the direction
of its policies. There would henceforth be no
restrictions on exports of cryptographic systems-based
on key length or technology-if those systems contained
so-called key recovery features. That is, if U.S.
exporters could demonstrate a viable plan in which
trusted third parties (possibly including
"self-escrow" within user organizations) would hold
(and supply to government when presented "appropriate
legal authority") information that would permit
recovery of code keys and decryption of data,
unrestricted export of such encryption systems would
be allowed. Over an interim period of two years,
exports of non-key recovery 56-bit cryptography
systems would be permitted by producers demonstrating
a commitment to develop viable key recovery systems.
Cryptographic systems would be reclassified as a
dual-use commercial product, rather than a munition,
and export controls transferred from the State
Department to the Commerce Department (though the
Department of Justice would now play a new advisory
role in the export licensing process). Finally, an
explicitly international framework would be sought,
with mutual access to national key recovery agents
negotiated with foreign governments through carefully
defined legal procedures.
Though some in the U..S. business community continued
to object, initial reaction was much more favorable
than with previous cryptography initiatives. The
government had worked with U.S. business in developing
the new initiative, and a number of major U.S.
computer and software companies voiced support for the
general principles outlined in the initiative. (A
system that enabled recovery of their own encrypted
business data, in fact, was actually useful to
companies in dealing with the risks of employee
turnover.) Others took a wait-and-see approach.
The wait was not a long one. Within months, a number
of the proposal's initial supporters had publicly or
privately defected as the details of its
implementation were revealed. One major sticking point
was the government's apparent desire to involve itself
in frequent and detailed reviews of proprietary
company business plans and progress in developing key
recovery systems, as a condition for continued
approval of interim exports of 56-bit systems.
By mid-1997, some additional problems had become
visible. A U.S. attempt at internationalizing the key
recovery principle met only limited success: a draft
policy from the Organization for Economic Cooperation
and Development (OECD) recommended only that the
issues be left to national discretion. While the
United States, Britain, and France publicly supported
the idea (and Japanese officials made it clear
privately that they too would cooperate), opinion in
Germany was divided, and other countries hesitated.
Dueling bills-establishing a legal framework for key
recovery, decontrolling cryptography export-were
debated on Capitol Hill. On the face of it, another
impasse was shaping up.
In fact, however, with a little more flexibility and
some degree of innovation, the basic elements of a
reasonable compromise are now in sight and may yet be
achieved. For the first time, the varied interests at
stake are close enough to a workable solution to make
establishment of a functioning and effective national
cryptography policy a real possibility.
Seeking Common Ground
Four basic elements make up the core of what a
national cryptography policy should do. First and
foremost, strong cryptography-strong enough to resist
the attacks that rapidly improving computer technology
will continue to breed-must be available for routine
business use. In an integrated global economy, this
also means that it must be usable and exportable
around the world. Current initiatives that would allow
export of any technological solution, of unlimited
strength, subject only to the proviso that an
acceptable key recovery system be maintained with a
suitably defined and trusted party (including
self-escrow), are headed in the right direction. This
will permit market forces to determine the most cost
effective and flexible technologies, build in the
ability to respond dynamically to continuing
innovations in computer and communications technology,
and yet maintain the ability of law enforcement and
national security authorities to gain lawful access to
encrypted communications when a critical national
interest makes such access imperative.
But the government should be more forthright in
presenting its case. Though it is true that no
constraints on domestic use of encryption are being
proposed, the only product likely to gain wide
acceptance in today's global economy is cryptography
that is exportable to one's foreign subsidiaries and
business partners. The government should be crystal
clear in acknowledging that this debate is in fact
about the encryption systems that will be used widely
within the domestic U.S. economy. Also, key recovery
remains an untried and untested system. It is entirely
possible that a better solution to the cryptography
problem may be discovered as computing technology
advances, and policy should be flexible enough to
adapt if this happens. The critical thing is the
principle: strong encryption, widely available, with
the potential for lawful decryption by accountable
authorities.
The government still must establish clear principles
and a transparent cryptography policy. The new export
regulations do not explicitly address a large number
of significant issues (for example, backwards
compatibility of key escrow with interim 56-bit
systems, length of time escrowed keys must be kept for
different types of data) that are now being defined in
a piecemeal and private fashion as individual
companies' key recovery product development plans are
submitted with license requests. Various "exceptions"
to the infant policy- permitting the export of
stronger encryption without key recovery, for example,
in specialized financial applications, or to banks and
foreign subsidiaries of U.S. companies- are announced
weekly. A "black box" process ("just submit it, and
we'll tell you if it's OK") that sets limits on
cryptography without open discussion and debate and
forces Americans to struggle to infer the policy from
the sparse and sometimes inaccurate details published
in the press is totally unacceptable in an area this
important to the nation.
A second core element of a new national policy-and one
that has yet to be carefully addressed by any broad
initiative-is the construction of a clear, up-to-date
legal framework for, and safeguards on, government
access to encrypted data and communications.
Government access is only tolerable in pursuing the
legitimate social objectives outlined earlier. The
legal framework defining privacy and freedom of speech
in electronic data and communications is currently a
crazy, patchwork quilt with many holes in it. The
administration's new rules specify that key recovery
agents must hand over keys to the government within
two hours after receiving "appropriate legal
authority" but nowhere define precisely what this
authority must be. Is a court order required, or
merely a signature from a political appointee, and
under what circumstances? Our laws should be debated
and updated to define the answers better and more
comprehensively, given current and foreseeable
technological realities.
Careful attention must also be paid to the potential
for abuse or corruption. Even after appropriate legal
authority is granted on paper for some narrow purpose,
there is typically substantial room for interpretation
as to what is "reasonable" in deciding how wide to
cast an electronic net in trapping suspicious
communications and how to deal with unexpected
discoveries that turn up. Most government officials
can be expected to behave in a responsible and lawful
way, but an excessively curious or aggressive, or even
corrupt, official using a legal interception to "surf"
through data or communications beyond its intended
scope creates a potential for damage that will grow
just as quickly as the information superhighway
itself. The same computer technology that makes
electronic communication so cheap and pervasive also
makes it possible to electronically record and log,
with a permanent and verifiable audit trail, any
government interception of electronic communications.
Just as financial services companies safeguard against
abuse by logging and taping telephone contacts with
customers, comprehensive logs and a verifiable audit
trail should be automatically recorded and stored
electronically in each and every instance that a
government official intercepts private data or
communications. In addition, tougher standards for
private abuse of personal data and illegal access to
private communications should be included in whatever
new legal framework is adopted, and significant
penalties should be defined.
Third, a national cryptography policy must recognize
that the problems-and solutions-outlined above are
inherently international in scope. Law enforcement,
national security, regulation and oversight of global
finance and trade are all areas that span national
boundaries today and require cooperation among
governments. Just as our private sector works with its
foreign partners to define standards that allow it to
operate easily and effectively in global markets, the
U.S. government must work with foreign governments to
define an international encryption policy that makes
the U.S. approach compatible with foreign systems.
U.S. requirements imposed on U.S.-based businesses
must be compatible with the foreign environments in
which they operate.
U.S. requirements should also be no more onerous than
those imposed by foreign governments on their business
communities. A level playing field, with common global
rules of the game, is needed to avoid giving economic
rivals competitive advantages over one another. The
administration made an important and correct decision
in seeking an international consensus on the key
recovery approach to strong encryption and must be
sure to continue to work hard in seeking this common
global approach. While it has yet to achieve such a
consensus within the OECD, many of the key players
with the technical capability to ship advanced
cryptography products and affect global
markets-Britain, France, and (quietly) Japan-are
supporting the U.S. approach, and if a few more (like
Germany and Israel) can be brought on board, the
critical mass around which the core of an
international agreement can be assembled will exist.
Finally, with cryptography set to play such a key role
in tomorrow's information infrastructure, some new
institution that provides a framework for business and
government to jointly examine both the overall
security of our information infrastructure and the
integrity of its individual parts is needed. At the
micro level, we must recognize that acquiring a
cryptographic product is not like buying a computer or
auto- simply testing or using it within an
organization gives insufficient insight into its
quality or utility. The essence of an effective
cryptography system is what the most capable and
potentially hostile forces outside a business or other
organization can do with the system. There are also
obvious economic benefits from some sort of
government-industry testing and certification process
that spares individual customers a costly and
duplicative investment in determining the
effectiveness of a cryptography product (and makes use
of sensitive information that may be available only to
the government). At the macro level, the integrity of
our power grid, banking system, and phone network are
clearly as vital to our national security as the
number of transport aircraft the U.S. Air Force buys,
and both government and industry have an obvious
interest in scrutinizing the entire information
infrastructure and taking steps to reduce weaknesses
and vulnerabilities. Government and the private sector
should form an oversight body tasked with both
reviewing the overall integrity and security of the
national information infrastructure and creating a
voluntary testing and certification process for the
information security products developed by the private
sector.
A national cryptography policy built around these four
elements- strong cryptography put into wide use, a
strengthened legal framework and electronic logging
system that provides rigorous oversight and
accountability for government access to the keys
needed to intercept and read coded data, negotiation
of an agreement with our close allies on a global
encryption standard, and formation of a
government/private sector oversight body to review
both the overall security of our national information
infrastructure and the voluntary testing and
certification of encryption and security products-will
leave many (maybe even most) participants in the
current debate unsatisfied. An absolute right to
privacy would not be created in the electronic realm.
The government would probably face greater constraints
in seeking lawful access to electronic communications,
and maintenance of auditable records probably will
create some additional costs. Business is being asked
to bear some burden in keeping the keys needed to
decrypt confidential communications for a time.
Intelligence and national security officials will be
more dependent than ever before on cooperation with
their allied counterparts. Cooperation on common rules
of the game for encryption at the international level
will have to be carefully negotiated. None of this
will be painless. But it must be done if we are to
balance an important and complex set of interests as
we enter the next century, the age of the information
society.
Kenneth Flamm is a senior fellow in the Brookings
Foreign Policy studies program and the author of
Mismanaged Trade? Strategic Policy and the
Semiconductor Industry (Brookings, 1996). The views
expressed in this Policy Brief are those of the author
and not necessarily those of the trustees, officers,
or other staff members of the Brookings Institution.
-------------------------
Declan McCullagh
Time Inc.
The Netly News Network
Washington Correspondent
http://netlynews.com/
2
1
I welcome Hal's comments. Between this meaty discussion of crypto anarchic
issues, along with the equally meaty comments by Eric and others about
financial instruments, maybe we've temporarily exorcised the run of
"cyphernukes" trivia postings. (Not that nukes are trivial...I understand
that even one of them can ruin your whole day.)
Hal split his post up into three parts (that I've seen so far), but my
response would probably not be split the same way, ideally. But I'll go
ahead and answer each of his posts in order, or at least get started.
First, let me clarify some points very briefly, points that would
ordinarily come up in the response to the second and third parts.
* I've never thought that anonymous escrow agents would be large
corporations, or even companies of several or more people. In fact, many
trading and investment services are handled today by a single person. Many
underworld financial services--e.g., offshore banks--are handled by a
single person. New computer technology makes this more feasible than ever.
Additional staff, especially at the spear carrier level (office workers,
clerical staff, etc.), are security leaks, as Hal notes.
* Family-based businesses are also common, where blood ties establish a
web-of-trust. Very common in Asia, the Middle East, and in other areas
where mistrust is a dominant concern. (The Mafia is known as the Family, of
course.) In many of these cultures, defections (in the game-theoretic
sense) are strongly disincentivized, by the blood ties and the
repercussions (ostracism at best, death in many cases).
* I agree strongly with Hal--and have argued this in several posts over the
past couple of years--that the "ecology of interacting anonymous agents"
merits much more study. We cite the fictional scenario of "True Names," and
we have limited exposure to such ecologies from the criminal underworld
(Triads, Mafia, Russians, Jamaicans, etc.), but few economic studies have
been done of such systems.
(My explicit focus in many of my posts on outlaw communities and outlaw
actions is not because I admire violent criminals, but because these
communities are obviously unable to use the legal systems of the modern
world and thus have developed and evolved their own legal codes of
sorts--sometimes with greater refinement than the so-called legal world.
David Friedman once agreed with me that much more study of underground
markets, criminal enterprises, and black markets in general is needed.)
On to Hal's comments. I'll only respond now to #1, then to #2, #3, etc.
later today.
>There has been some discussion here about how anonymity/pseudonymity
>can be applied to a wider range of relationships. One possibility
>that Tim May and others have mentioned is to have escrow agents be
>anonymous. (I will use "anonymous" and "pseudonymous" more or less
>interchangeably because the former term is more familiar. But I am
>really referring to a case where the agents maintain a certain amount
>of continuity via secret keys and such.)
>
>(Let me make it clear that I am not arguing that there SHOULD NOT be
>anonymous escrow agents. I am questioning whether they are likely to
>be viable entities due to the problems I am listing here.)
I'm not arguing, by the way, that such anonymous escrow agents (AEAs, for
brevity) will dominate conventional escrow agents, such as banks,
securities firms, etc. (all of which have certain escrow functions). But I
do expect that as more transactions leave the conventional "legal
world"--not because they are ipso facto illegal or criminal, but because
they are between parties who don't each others identities or nationalities
and hence are unlikely to agree that Afghani law, for example,
applies--that cyberspatial escrow/PPL agents will be more common. And if
they exist, outside the conventional legal structure for the reasons just
given, what reason is for them to be _non_-anonymous, that is, for them to
voluntarily reveal their phsysical identities, locations, etc.?
Hal mentions someplace that non-anonymity allows customers to check the
bona fides. Several points:
* Bona fides are easily faked. Cf. my posts on the 60,000 people in the
Witness Security Program (aka Witness Protection), most with
full-backstopped legends. The various governments of the world are expert
at creating such legends, including banks that meet their needs, transport
companies, and (probably) escrow services. So non-anonymity is not
necessarily what it's cracked up to be.
* Non-anonymity will likely expose the escrow agent to various pressures
and sanctions, including: lawsuits, subpoenas, threats by the parties
involved in an escrow, taxation, etc. Lots of complications. I can readily
imagine these pressures totally swamping the advantages of escrow. I
certainly know that any "non-anonymous" escrow agent will immediately be
beset by various pressures, legal, financial, and physical. I can't imagine
one operating for long in the U.S., for example.
* Non-anonymous escrow services in most jurisdictions (Hint: the operative
word is "jurisdiction") will of course not be able to handle transactions
that are illegal, e.g., information sales, drug money holding, etc. And
they likely face "know your customer" laws in many jurisdictions. [I
consider the idea of a non-anonymous escrow agent a non-starter, offering
essentially nothing of interest to identity-blinded users and instead
introducing unacceptable risks, pressures, and red tape.]
* If the customers, Alice and Bob, are anonymous (actually, pseudonymous,
of course), and are not associated with any jurisdiction, why should they
be interested in using a non-anonymous escrow agent, one who may be find in
favor of one party or another based on local law, based on pressures
applied by one party, etc.? Anonymous parties should be more comfortable
with AEAs, all other things being equal.
>The obvious problem I see with anonymous escrow agents is that it is
>much harder for them to become and stay trustworthy. With an
>identified (non-anonymous) agency, you can have a lot of information
>on which to base your judgement. You can look at its assets, at its
>employees and hiring procedures, at its record. You look at the
>jurisdiction in which it operates and judge what protection the legal
>system may offer. You can look at other agencies in that jurisdiction
>and what their track record has been.
Eric Hughes' "encrypted open books" protocol may be useful in verifying
assets. Pinging works, as do "reputation-rating services" which rate escrow
agents.
I look to the success of underworld escrow agents (a standard role for
criminal syndicates is to enforce certain transactions "fairly"). Granted,
they are not anonymous. But reputations do indeed build up, even with
pseudonyms (one might say _especially_ with nyms). Lots of issues.
>
>I would guess that most of that information would not be available
>from an anonymous escrow agent, at least not in a validated form.
>Perhaps some of it could be done with credentials (a blinded statement
>from a reputable accounting firm that (this?) escrow agency has assets
>of $X). But generally thinking I think it will be very difficult to
>get nearly as much high-quality information about an anonymous escrow
>agent.
By the way, Hal several times talks about the "assets" of the escrow agent.
In general, a bonding is not needed, as the held items are *of no value* to
the escrow agent, in many cases I can see. There are two cases to consider:
1. Items held by AEA are unusable to the AEA, e.g., encrypted secrets and
money. (There's the issue that the AEA doesn't know if it's holding
worthless bits or valid digicash, for example. Again, ways of approaching
this, and the protocols will likely evolve with time.)
2. Items, or one half of them at least, are usable by the AEA. For example,
the equivalent of $100,000 is transferred to the AEA.
It's mostly this second situation I'm dealing with, as Hal is. But I
mention the first to give a hint about using protocols which blind the
transactions even from the AEA. How it all shakes out is, not surprisingly,
unclear.
Also, webs of AEAs, somewhat like "reinsurance" amongst insurers, can have
positive effects. A complicated point to discuss here, but related to the
difficulty of maintaining frauds consistenly in the presence of multiple
agents, all unknown to each other.
>
>This leaves the possibility of using its public record to judge
>trustworthiness. It may be able to offer certified statements (again,
>credentials of a sort) from earlier customers to show that it behaved
>honestly. Tim has suggested "pinging" such businesses, performing
>various dummy transactions to make sure that they are still behaving
>honestly. All this can help establish a record, but how well can this
>be extrapolated into the future?
Bear in mind that an anonymous escrow agent (AEA) is effectively no
different from a _digital bank_! I thought this point was pretty clear, as
I was discussing AEAs in the context of being a slightly different kind of
bank, but maybe it wasn't.
Consider one's bank today, even a small, poorly-capitalized one. It can
always 'defect' and claim that one's money was already withdrawn, (Yes,
there are complicated crypto protocols designed to prevent this, or lessen
the chances. The crypto community is generally interested in mathematical
rigor, not surprisingly, but reputations are crucial as well. Time-binding,
evolutionary game theory, etc.)
>One of the problems with anonymity which has no underlying identity
>certification is that you are pretty much forced to adopt the stance
>that "the key is the identity." Your only channel of communication
>with the agent is via its key, and any message signed with that key
>has to be assumed to be coming from the agent. There is nothing else.
Yes, the purist stance. What else could there be and still act as we wish
it to? This is not to say that customers could not voluntarily arrange all
sorts of additional checks and balances, such as:
- biometric security (retinal, thumbprint, earlobe shape, voice, handwriting)
- protocol limits ($1000 a day withdrawal, required "co-signers," etc.)
(co-signers, time delays, guardians, all are possible, and may even be a
good idea...I, for one, would take steps to make sure that my total assets
are not accessible via a single number. Nothing unusual about this, just a
small matter of programming.)
>The problem with this is that keys are not people. People, and
>businesses, have a certain continuity, a certain predictability. Keys
Well, Hal, this argument applies to all pseudonymous exchanges, not just
the AEA idea. (A meta-point I've made in several ways is that parties to
these transactions will be "first-class" objects, that is, there is no
compelling reason to have a distinction between "customers," "merchants,"
"bankers," and "escrow agents." Such niche distinctions may evolve, as
agents fill various roles more than others, but the software structures
need not skew the transactions in any preferential way. I can imagine many
transactions in which agents fill several roles. Indeed, we all do this
with cash all the time: we act as buyers, sellers, holders of money in
trust, cashers of checks, etc.)
>do not. A key may change its personality, literally overnight, and
>you will not have any warning about this. In an identified business,
>if it changes hands, acquires new management, or has some other change
>which might lead to new behavior, you generally have some warning
>(especially if it is a business which is selling trustworthiness, in
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
A nice turn of phrase, and a key one. AEAs are nothing if not sellers of
trustworthiness. You all know the drill here.
>which case it will probably provide customers with an unusual degree
>of access to the business's internals.) But with an anonymous
>business this is not the case. An escrow agent who has been as steady
>as the sunrise for years may, without any warning, become totally
>dishonest. Hidden behind the shield of anonymity there is no way for
>its customers to discover the change.
Webs of anonymous escrow, the "laying-off" of escrowed amounts to a set of
other AEAs (picked by customers, mutually, like a jury perhaps) could
further lessen risks. (My hunch: Sets of AES, picked this way by the
parties, could increase confidence exponentially. My hunch is that the math
of DC-nets and remailer networks is isomorphic. I'll think about this some
more.)
>What are the motivations for an anonymous escrow agency to stay in
>business, to not take the money and run? Legal sanctions would
>presumably be ineffective. One proposal is that as long as the
>expected future stream of income is worth more than the current value
>of all contracts being held by the agent, it is worthwhile for it to
>be honest.
This is a powerful incentive, history has shown. (On a tangent, one reason
'dishonesty' is now rampant, with people wiggling out of contracts and
finding ways to reneg on deals is that we've largely replaced local
sanctions--including things like tarring-and-feathering cheats--with
"governmental actions," which can take many years to reach justice, if
then.)
>
>There are a couple of problems with applying this. First, it is
>necessary to know about how many contracts the agent is holding at one
>time. But this will be complicated by the possible desire on the part
>of many customers to keep their activities secret (even beyond their
>presumed shield of anonymity). So there must always be the worry that
>more contracts are in progress than you suspect. This is especially
>true when you consider the possibility that other agencies may
>secretly be owned by this one.
Hence the use of multiple AEAs, picked by the customers "randomly" (or
based on private reasons) and mutually (protocol: each submits list of
acceptable AEAs, intersection is picked, or variants of this idea). Makes
collusion more difficult. (Anonymity helps becasue pressures cannot
directly be applied. Back channels exist, though, perhaps. Playing
"Anonymous Monopoly" might be a useful thought experiment.)
...
>But combine this with the ease with which a key can change its
>personality without warning and it suggests that even a long track
>record of stability could be fragile. The business is passed from
>father to son, it is acquired, it is coerced away, the owner
>experiences a change of circumstances due to illness or other
>catastrophe, and suddenly the agency has changed. Now, future income
>doesn't look so attractive compared to present money. Now, the owners
>have an incentive to close the business and (I firmly think the word
>applies) cheat their customers.
Yes, this is a risk. But also a risk in non-anonymous transactions. (The
people boarding the jets to Brazil.)
Well, this ends on a minor comment rather than a major essay point, but
perhaps this is best.
Meanwhile, the best sunshine part of the day has passed without me getting
down to the beach, so I'll close now and try to get out and catch some
remaining rays.
The remaining posts from Hal I'll respond to tonight.
(ObNukeThread: Micronukes with yields of a kiloton or less are possible
with as little as 10 grams of Pu. The key is the computer-intensive design
and precise implosion sequenve. But such secrets will be amongst the first
high-value secrets sold in digital black markets. I'm not worried: so we'll
lose a couple of cities someday. Big deal. Six billion people and
more...they'll make more.)
--Tim May
..........................................................................
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay(a)netcom.com | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."
1
0
-> In article <199311192308.AA02672(a)access.digex.net>
> You know that I have a JD from Georgetown and a Masters from some
> ( not accidently unnamed ) school in International Relations.
Bloody hell, it's David Sternlight! :-)
G
<-
That, my friend, is an insult the scope of which I will not tolerate
Any further comments along these lines will result in a
(probably frivolous) suit.
1
0
Please forgive the bandwidth waste.
Mr Hughes,
As the host displayed in your list post headers is unreachable
from my site, I mailed to your soda.berkeley.edu address.
Has this mail reached you?
Same person?
(Your server stored PGP key indicates the soda address)
-uni- (Dark)
1
0
>sw(a)tiac.net (Steve Witham) writes
>
>> Saying that a bad government is just representing bad people gives it more
>> credit than is due.
John Kreznar responds-
>You leave me wondering what you mean by ``bad people''. As someone near
>here (Eric?) is fond of reiterating, never attribute to malice that
>which can adequately be explained by ignorance or stupidity. Bad
>people? Well, maybe, but it's mostly ignorant-bad, not malicious-bad.
Yah. I just meant "bad" to stand for something we were discussing: people who
want to benefit from your being taxed, or restrict your freedoms gratuitously.
>Majority or not, the constituents strongly influence the bureaucrats.
Right, the problem is more than just people in government.
I was just contradicting the idea that (as Tim May says) people get the
government they deserve. Certainly not all people, maybe not most "deserve"
this deal.
> A
>good recent example familiar to readers of this list is the EFF with its
>shrill and incessant campaign
Yeah, I said that cleverness, etc. helped to influence but left out
persistence, volume, high profile. But not representativeness.
> to all of us to pressure politicians to do
>this or that. Thanks to the EFF's efforts, proponents of government
>surveillance can now claim the cooperation of a leading representative
>of data communications users.
Yup. Whoops. There's a footnote in one of Bruno Bettleheim's books--
he says professional organizations resemble the guards recruited from among
the prisoners in concentration camps. They both start out wanting to defend
their fellows from the tyrants, but through compromise they end up being
the ones who deliver the tyranny.
>> It's the structure of government that needs changing.
>
>The social cancer would need to be cured. It's hard to believe that
>what would result would embed anything like ``government''.
You're right, the problem is bigger than government. Also, I was using
"government" in the sense of "whatever way protection services are
arranged for" rather than "government as we know it". (But I've blabbed
enough about that usage.)
--Steve
- - - - - - - - - -
It is said a Shao Lin priest can walk through walls.
Looked for, he cannot be seen.
Listened for, he cannot be heard.
Touched, he cannot be felt.
2
1
Forwarded message:
> Date: Sun, 20 Jul 1997 08:03:09 -0400
> From: Robert Hettinga <rah(a)shipwright.com>
> Subject: Re: Will Monolithic Apps Dominate?
> I'm beginning to think that until it's possible for a given processor to
> autonomously buy the software it needs for cash in an auction market, and
> then download and install that software, all at run time, the
> superscalibility of an environment where software is dispersed through the
> network (again, "surfacted" is not a bad word to describe this), and run in
> the smallest possible bits at the processor level just won't happen.
>
> Nonetheless, I do think that the linux gang is going in the right
> direction, especially since most most of the cash-settlement technology we
> on this list have all come to know and love is more likely to be used in
> linux than anywhere else.
You should look into Plan 9 with purchasing extensions to its job-processor
scheduling scheme. This would allow several interesting features:
- anonymous execution of jobs
The person scheduling the job would have no idea exactly where the
job was running, only that it was at the time the least expensive
alternative available.
- anonymous processor selection
The person owning the machine would not know where all the processes
currently running come from since it would not be possible to turn
the execution key into an actual machine address.
- automatic and anonymous software selection
Jobs don't need to have the required software or even where it might
be located. The job would need to understand the catalog scheme in
place to locate the software (think of a library card system).
Since the OS already bids for processor space it would not require a
major architecture mod to include E$/crypto functions.
> Finally, there's the issue of Mhyrvold's software-as-a-gas idea. That is,
> that bloatware is a direct result of Moore's Law.
I have to disagree. Bloatware comes from the way we look at software
(ie generalize & modularize it) and the way we impliment it (ie libraries).
While it makes the programmers job easier it makes the amount of software
required for the job larger that required because the libraries have
functions and features that aren't used (in this product). Bloatware won't
be fixed unless we (ugh) go back to monolithic project design with most
code custom built with little re-use from previous versions. I suspect it is
easier to buy another 4M of RAM than to pay the programmers to re-create the
wheel each time a new version comes out.
____________________________________________________________________
| |
| _____ The Armadillo Group |
| ,::////;::-. Austin, Tx. USA |
| /:'///// ``::>/|/ http:// www.ssz.com/ |
| .', |||| `/( e\ |
| -====~~mm-'`-```-mm --'- Jim Choate |
| ravage(a)ssz.com |
| 512-451-7087 |
|____________________________________________________________________|
3
2
An interesting suggestion, though I think putting the bags in bins
marked "W.A.S.T.E." may do just about as well :-)
Aside from Tim's observation that the Enemy can often detect
hashish, bombs, etc., greatly reducing the utility of the system,
it's also a system designed for couriers to take bags back to
hotel rooms and steal the Newtons from them before routing them
on their way.
On a slightly mroe serious note, I have seen some transport remailer systems
operating, though without the crypto hardware involvement.
I had a project that absolutely, positively had to get computers to
Colorado overnight, but our building's shipping department insisted
on using their regular arrangements anyway. The local carrier in
New Jersey assembled my boxes and anything else going to Denver in
big crates, shipped them by and air-freight company to another local
carrier in Denver, who unpacked the crates and delivered it locally.
I wasn't surprised when I got there that the equipment hadn't arrived -
what surprised me was that they didn't have a record that said that
my package number 12345 was in crate number 67890 which had/hadn't arrived.
"No, we just pack them, and when they get to Denver they'll open the crates
and see what's in each one. You gotta problem wi' dat?"
(Since we weren't interested in anonymity, and were interested in reliability,
any future packages went FedEx so we could track them.)
I once talked with a guy who did his more private mail transactions
through a Mexican postal worker in Tiajuana; any mail that came
to the PO box would get put in bigger envelopes and mailed to his real address,
and he'd send the guy another $10 to cover the next package;
when he wanted to send mail privately, he'd mail it to the PO box
along with $10, and the guy would mail it to the real address.
Bill
1
0
Date 8/30/94
Subject FWD>This is currently being
From Dave Banisar
To Crypto List
>From CPSR FWD>This is currently being pos
--------------------------------------
From: "Shabbir J. Safdar" <shabbir(a)panix.com>
Message-Id: <199408300318.AA07665(a)panix2.panix.com>
Subject: This is currently being posted to Usenet.
To: vtw-announce(a)vtw.org
Date: Mon, 29 Aug 1994 23:18:18 -0400 (EDT)
[updated August 29, 1994 shabbir]
*********************************************************************
DISTRIBUTE
WIDELY
*********************************************************************
Table
of
contents:
Status
of
the
bills
Five
things
you
can
do
RIGHT
now
to
stop
Digital
Telephony
Records
of
legislators
supporting/opposing/wavering
on
DT
Digital
Telephony
bill
FAQ
The
VTW
Press
Release
Sample
Letter
To
The
Editor
Who
are
we
and
how
can
you
contact
us?
-------------------------------------------------------------------------------
STATUS OF THE BILLS (updated 8/10/94)
Aug 18, 94 HR 4922 reported back to committee (write to Rep. Jack Brooks!)
Aug 11, 94 Sen. Leahy & Rep. Edwards hold a joint hearing on the bills in
Wash. DC at 1pm in Rayburn 2237.
Aug 10, 94 HR 4922 referred to Subcomm. on Civil and Constitutional Rights
Aug 10, 94 SB 2375 referred to Subcomm. on Technology and the Law
Aug 9, 94 Rep. Hyde officially cosponsors HR 4922
Aug 9, 94 HR 4922 referred to House Judiciary Committee
Aug 9, 94 SB 2375 referred to Senate Judiciary Committee
Aug 9, 94 Identical House and Senate bills are announced by their
respective
sponsors, Rep. Don Edwards (D-CA) and Sen. Patrick Leahy (D-VT)
EFF states the legislation is "not necessary".
VTW will be monitoring this legislation in the same way that we monitored
the Cantwell bill, with the blow by blow, day to day updates that cost
us significant long distance bills. :-)
We're not asking for money though. Don't send us money; we don't want it
and it causes us bookkeeping work. Call/write your legislator
instead
and
relay
to
them
the
sample
communiques
below.
-------------------------------------------------------------------------------
FIVE THINGS YOU CAN DO *RIGHT* NOW (in their order of importance)
1. Write to the House Judiciary Committee Chairman, Jack Brooks (D-TX)
and ask him to oppose the Digital Telephony bill. (HR 4922)
2. Fax/mail a copy of the VTW press release to your local newspaper, tv
station, call-in show (everything from NPR to Rush Limbaugh), etc.
3. Write to your legislator (especially if s/he is on the Judiciary
Committee (House or Senate) and ask that they oppose the Digital
Telephony bills. (SB 2375/HR 4922)
4. Forward a copy of this FAQ to three friends who don't know about it.
Or, print it out and place it on a bulletin board at work, at school,
hand it out, etc.
5. Write a letter to the editor of your local newspaper, opposing the
Digital Telephony bill.
1. CALL/WRITE TO REP. JACK BROOKS, HOUSE JUDICIARY COMM. CHAIRMAN
Sample phone Communique:
Rep. Jack Brooks
Phone: (202) 225-6565
Dear Mr. Brooks,
The recent Digital Telephony bills (HR 4922 & SB 2375) disturb me
greatly. The FBI has not yet made their case that justifies
building wiretap functionality into the telephones of 250 million
people to justify the privacy intrusion.
Please oppose HR 4922 and SB 2375.
Sincerely,
_______________________
Sample fax/letter Communique:
Rep. Jack Brooks
2449 RHOB
Washington, DC 20515
Phone: (202) 225-6565
Fax: (202) 225-1584
The Honorable Jack Brooks,
Please oppose Senator Leahy's and Representative Edwards'
Digital Telephony bills (HR 4922 & SB 2375). This legislation
asks us, the American public, to trade our privacy to ensure law
enforcement's future ability to continue to perform wiretaps.
Unfortunately, the FBI has yet to make its case to the public
to prove that it is unable to administer significant numbers of
wiretaps. Telecommunications technology is very new and the change of
pace in it is very rapid. The Digital Telephony bills are premature
and should not be considered until:
-the standards bodies are appointed and include privacy rights
groups (not just the Electronic Frontier Foundation) at both
the technical and policy levels
-the standards are defined and accepted by the three
stakeholders (law enforcement, common carriers, and privacy
rights groups)
-an adequate oversight agency has been given the authority
previously allocated to the FCC
-the technology has advanced to a point where the effect of
such a broad ruling on the undustry can be ascertained.
Please oppose HR 4922 & SB 2375.
Sincerely,
_______________________
If you want to help make legislators responsible for their actions,
report this information back to vtw(a)vtw.org. We'll add their
position to our database.
2. Take the press release attached and fax/mail/email it to local tv
stations, radio stations, callin shows, newspapers, etc. Drop a note
to vtw(a)vtw.org, where we'll track the coverage.
3. Forward this file to your friends and coworkers. Use it when you
phone call-in shows; educate everyone you know. This is literally
a "net" effort. Few people outside of the Internet know about this
legislation; they would be horrified to discover its existence. Help
educate them.
4. Call/write your legislator and ask them to oppose the Digital
Telephony bill. Use the sample communiques above. To find your own
legislator, contact the League of Women Voters in your
area.
5.
Write
a
letter
to
your
local
newspaper's
editorial
page
about
the
Digital
Telephony
bill.
We
have
attached
a
sample
editorial
page
letter
that
you
might
base
your
letter
upon.
Feel
free
to
use
significant
license.
-------------------------------------------------------------------------------
LIST OF LEGISLATORS SUPPORTING/OPPOSING/WAVERING ON DIGITAL TELEPHONY
-REPRESENTATIVES
All addresses are Washington, D.C. 20515
Dist ST Name, Address, and Party Phone Fax
==== == ======================== ============== ==============
16 CA Edwards, Donald (D) 1-202-225-3072 1-202-225-9460
2307 RHOB
House sponsor of the 1994 Digital Telephony bill
6 IL Hyde, Henry J. (R) 1-202-225-4561 1-202-226-1240
2110 RHOB
Cosponsor of the 1994 Digital Telephony bill
-SENATORS
P ST Name and Address Phone Fax
= == ======================== ============== ==============
D
VT
Leahy,
Patrick
J.
1-202-224-4242
na
433
RSOB
Washington,
D.C.
20510
Senate
sponsor
of
the
1994
Digital
Telephony
bill
-------------------------------------------------------------------------------
DIGITAL TELEPHONY BILL FAQ
What are the (DT) Digital Telephony bills and where did they come from?
The DT bills were initially introduced by the Bush administration
presumably at the request of the FBI. The initial proposals were
very unpopular and met with great opposition, preventing them from
moving through Congress.
The current incarnations of the legislation (SB 2375 & HR 4922) have
several features, but basically require the same thing: common carriers
must be able to provide law enforcement officers with court orders
access to personal communications. (eg, if the FBI presents a court
order for a wiretap on your phone calls to NYNEX, NYNEX should be able
to provide the FBI with the ability to intercept your communications
under the terms of the court order.) To do this will require changes
in the telephone equipment we use today. Since this will obviously
cost money, the bill appropriates $500 million in Federal money to
these carriers to compensate them for the changes.
Does this include bulletin boards and Internet sites like Netcom, America
OnLine?
No, the legislation specifically identifies common carriers.
Information Services, such as these above, are not common carriers.
How will this affect me?
Imagine there's a giant socket on the side of the phone company's equipment
that says "FOR FBI USE ONLY" in giant red letters. Imagine if the fine
for not implementing that socket was $10,000 per day for the phone company.
How many communications carriers do you think will make any noise about
the privacy of their customers' communications?
Now imagine that you were asked to pay the bill for this. The proposed
budget for implementing this functionality is $500 million dollars for
1995-1998.
Just how many wiretaps per year are there?
In 1992 there were less than 1,000 wiretaps performed. It is important
to note that the legislation is targeted towards wiretaps that the
government says they cannot implement. Since there is thus far no
published evidence of unimplementable wiretaps, turning the nation's
phone system into a giant eavesdropping device to prevent a problem
which has not yet been documented or become widespread, sacrifies too
much privacy for too little gain.
Is there ever a legitimate need for law enforcement to conduct wiretaps?
Yes, according to the 1992 Government Accounting Office's "Report on
Applications for Orders Authorizing or Approving the Interception of
Wire, Oral, or Electronic Communications (Wiretap Report)", there were
919 wiretaps authorized in 1992 (there were no requests denied). There
were 607 individuals convicted as a result of these wiretaps. Although
this is not an excessive amount, it is not ignorable either. However
607 convictions is infinitesmally small when one considers the number
of people convicted yearly in the US. Furthermore, the report does
not specify if any wiretaps were unimplementable because of advancing
technology. The FBI maintains that advancing technology will prevent
this, though this has not yet been documented. VTW feels that until
the the FBI makes their case to the public, this bill should not be
considered as legislation.
Why should I be worried about this bill?
THE BILL IS VAGUE REGARDING STANDARDS SETTING
The bill requires industry standards groups to be formed to work with
law enforcement to create technical standards for this functionality.
There are a number of problems with this. First is that these
standards bodies may not have even been appointed yet, giving
incredible power to a presently unnamed group that will be responsible
for appointing those bodies. Secondly, these standards bodies do not
currently include any public input. There is a delicate balance
involved in wiretapping vs. a citizen's privacy. The standards bodies
that are proposed do not have any provisions for public input.
Public-interest and/or privacy groups should be included at every level
(including the technical level) in order to ensure that this balance is
found. Without such input, the standards are likely to sacrifice
privacy while giving more functionality than is needed by law
enforcement to do its job.
THE STANDARDS SHOULD BE ACCEPTED BEFORE THE LEGISLATION IS PROPOSED
The DT legislation is vague regarding the standards for wiretapping
functionality. Many of the questions and problems we have with this
legislation stem from the vagueness of the details regarding the
standards. The standards body should be appointed (with
representatives from law enforcement, industry, and the public at both
the technical and high level) and the standards accepted before the
legislation is proposed.
THE BILL PUTS GREAT POWER INTO STANDARDS AND COMMITTEES THAT DO NOT EXIST
YET
By empowering standards bodies that do not exist, and mandating
standards that do not yet exist, great power is given to those
individuals who can appoint the members of the standards bodies.
Furthermore, no process is mandated for the appointment of the members
of these standards bodies.
THE BILL DOES NOT APPOINT AN ADEQUATE OVERSIGHT AUTHORITY
In many situations the (FCC) Federal Communications Commission is
appointed to be the final arbiter if industry standard bodies cannot
agree on technical standards. The FCC currently serves the interest of
industry in regulating the communication carriers. Because the
Commission serves the interest of both groups, there is a conflict of
interest. A different ageny should be appointed and given the FCC's
oversight authority.
TELECOMMUNICATIONS TECHNOLOGY IS NOT MATURE
Telecommunications is a very new technology. Within the last twenty
years, we have seen amazing advances in the technology. Ordering the
implementation of such a broad privacy- sensitive function will have
far-reaching effects on the future of the technology. This legislation
should wait until the technology is more stable.
-------------------------------------------------------------------------------
PRESS RELEASE
[Please fax this to your local newspaper]
Voter's Telecommunications Watch invites fellow
citizens to join its media awareness campaign by
emailing or faxing this press release to one of
two media institutions.
East of the Mississippi:
Burlington Times
email: _________
fax: ___________
West of the Mississippi:
San Jose Mercury-News
email: _________
fax: ___________
VTW is also experimenting with a fax/email chain
letter. The document "An Open Letter on Digital
Telephony" is currently circulating the Internet.
VTW has also prepared an FAQ for Digital Telephony.
Point your gopher to panix.com (port 70) and check
under the VTW main menu entry, or use the URL:
FOR IMMEDIATE RELEASE
NEW YORK, NY -- 08/22/94 -- Contrary to popular belief, not all online
civil libertarians support the Government's attempts to ensure the FBI can
wiretap every citizen. Voter's Telecommunications Watch (VTW), a New
York-based online activism group, working in conjunction with the
Electronic Privacy Information Center (EPIC) and other privacy advocates,
is working to energize and focus the grassroots opposition to the recently
introduced Leahy-Edwards Digital Telephony Bill (H.R. 4922, S. 2375).
The Digital Telephony Bill would require telecommunications
service providers to design all their equipment to allow FBI agents and
other government officials to wiretap any telephone conversation -- only
if there is a court order permitting it, of course, the FBI promises.
Adding this feature to the telecommunications system is costly -- so
costly that the bill appropriates $500 million taxpayer dollars to
reimburse phone companies for their "reasonable" expenses. "It's
objectionable for the FBI to try to make us pay for invading our own
privacy," says Alexis Rosen, co-founder of Public Access Networks
Corporation, a regional public Internet provider.
According to FBI Director Louis Freeh, there were 183 wiretaps in 1993
that would have been facilitated by the digital telephony mandates.
"Should we really spend half a billion dollars for a couple of hundred
wiretaps that compromise the privacy of two hundred million Americans?"
asks Simona Nass, President of the Society for Electronic Access, a New
York-based organization devoted to issues of civil liberties and public
access.
VTW is spearheading a drive to defeat the bill. Using the Internet
to keep millions of electronically-connected citizens informed, VTW
workers have put together summaries and analyses of the legislation and
are tracking the bill's movements through the byzantine halls of Congress.
Using this informations, citizens can inundate their representatives at
optimum moments. VTW is tracking each influential legislators' position on
the Digital Telephony initiative, and periodically publishes a scorecard
summary of their positions, party, districts and contact information.
To access VTW's anti-Digital Telephony effort, join the VTW
electronic
mailing
list
by
sending
Internet
e-mail
to
vtw-list-request(a)panix.com.
Information
is
also
available
via
Internet
Gopher
in
the
VTW
area
of
gopher.panix.com
(port
70).
For
further
information,
contact
Steven
Cherry
at
718-596-2851.
PRESS
CONTACT:
Steven
Cherry
(718)
596-2851(voice
mail)
stc(a)acm.org
(electronic
mail)
-------------------------------------------------------------------------------
SAMPLE LETTER TO THE EDITOR
[Note, this is Steven Cherry's "Open Letter" on Digital Telephony. Please
do not submit it to the New York Times. -Shabbir]
An Open Letter Regarding Digital Telephony
Digital Telephony, embodied in bills entered into Congress by Sen.
Leahy (S.B. 2375) and Rep. Edwards (HR. 4922), would require that
telecommunications carriers alter their equipment so as to allow
wiretaps and similar surveillance to be performed at the companies'
offices, or the offices of law enforcement. In a word, to make
telecommunications equipment, "wiretap friendly"; to make a wiretap
order executable "at the press of a button."
With the help of some civil liberties activists, the bill admirably
distinguishes between common carriers and information services. Only
the former are subject to its provisions. But the distinction, while
clear in the abstract, is hard to make in practice. The mom-and-pop
neighborhood bulletin board service or Internet provider is excluded,
but even if it is providing store-and-forward message-passing
for an individual or other small provider?
Indeed, the very definition of common carrier in the proposed
legislation is problematic, as the definition relies on that used
in the Communications Act of 1934, when just now that Act is being
overhauled finally, after sixty years.
The bill's authors have sensibly and cleverly left out of the
legislation all the details of implementation. It is impossible to
object to the bill on the grounds of being unworkable. It is also
difficult to object on grounds of the risks to individual privacy,
insofar as the risks are largely unquantifiable by virtue of being
largely unknown.
The very clever lack of any practical detail, however, leads the
prudent citizen to question the public expenditure of $500,000,000
-- the figure is likely far too high, or far too low. Indeed, all we
know is it is unlikely to be correct, and we therefore object to it as
being unrealistic to the needs of the enterprise. In point of fact,
one other thing is known about this figure -- it is but a fraction
of the total expenditures resulting from the mandates of the bill.
The balance will be borne by the common carriers, who, in turn, will
either have to raise rates, reduce services, or restrict investment
and expansion of their business at the very moment in the history
of telecommunications that calls for them to do just the opposite.
Indeed, the very forces of technological change that caused law
enforcement to request this bill demand that it be defeated.
We would like to return to the issue of increased risks for a
moment. While unquantifiable, they are equally undeniable. The more
facile the system, the more it will be overused and error-ridden.
We must of course balance risk with reward. Who would refuse an
extra paycheck for fear of getting a papercut? We must ask, what are
the rewards of digital telephony?
The FBI Director has variously stated the number of cases where a
wiretapping was subverted by a digital switch or signal, offering
contradictory figures from a low of 80 to a high of 183. The
Director has not said all of them, or even any of them, were cases
where a conviction was not obtained, or where a conviction could
have been obtained with the wiretap, or could only have been
attained with a wiretap. Of course, only these last possible
instances really lend any justification to digital telephony.
It is quite clear that digital technology offers more challenges to
law enforcement than digital switches and signals. The object of a
wiretap can easily use unbreakable encryption to protect the privacy
of his or her communications. While the transmission of a message
would be intercepted, the content would still evade the eyes and
ears of law enforcement. Indeed, any, or all, of these 80 or 183
cases could have been subsequently frustrated by encryption even had
digital telephony solved the initial digital barrier.
Let us state the potential rewards as generously as possible -- or
even more generously than possible. There were approximately 1000
wiretaps in 1993. Let us imagine, contrary to actual fact, all of
these to be subverted by digital technology. Let us imagine the
number to double in coming years. (Any or all of which could remain
private through encryption.) 2000 cases. Weighed against these are
the 200 million Americans whose security and privacy are compromised
by digital telephony.
Well, what if the number of wiretaps doubles again, and again and
again? Don't 20,000 or 30,000 wiretaps, hypothetically, justify?
Perhaps. But what kind of society needs so many police listening in
on the private lives of so many people? At what point do we regret
the lack of a public policy debate on mass wiretapping of the
American citizenry?
We do not live in a police state nor will we. And so we are back to
supposing a massive technological effort at great expense to achieve
a modest wiretapping program of small, perhaps almost nonexistent,
benefit.
To sum up, it is as if the entire city of population 25,000, were to
have its telephone system restructured, its citizen's phone privacy
compromised, all to make effective a wiretap on a single alleged drug
peddler or gangster, which wiretap may or may not help in convicting
the offender, if indeed he or she is guilty. All at a cost of $62,500
to the taxpayers, and more to the local telephone companies and their
ratepayers.
For all these reasons, the unclarity, the expense, the risks to
privacy, and the lack of substantive benefits, separately and
together, we oppose this bill.
Steven Cherry stc(a)acm.org
-------------------------------------------------------------------------------
CONTACT INFORMATION
The Voters Telecomm Watch is a volunteer organization dedicated to
monitoring federal legislation that affects telecommunications and
civil liberties. We are based primarily out of New York, though we
have volunteers throughout the US.
Voters Telecomm Watch keeps scorecards on legislators' positions on
legislation that affects telecommunications and civil liberties.
If you have updates to a legislator's positions, from either:
-public testimony,
-reply
letters
from
the
legislator,
-stated
positions
from
their
office,
please
contact
vtw(a)vtw.org
so
they
can
be
added
to
this
list.
Voice
mail: (718)
596-2851
General
questions:
vtw(a)vtw.org
Mailing
List
Requests:
vtw-list-request(a)vtw.org
Press
Contact:
stc(a)vtw.org
Gopher
URL:
gopher://gopher.panix.com:70/11/vtw
WWW
URL: We're
working
on
it.
:-)
-------------------------------------------------------------------------------
1
0
Responding to msg by nobody(a)ds1.wu-wien.ac.at () on Sun, 28 Aug
2:32 AM
>So basically the protocols are interesting in an
>academic way, and we could sit here and discuss the
>possibilities, but then I suppose a discussion about
>atomic bombs will likely be of greater impact on our
>future than crypto anarchy will.
Out of your several thoughful comments this one strikes some
sparks.
Terror of nuclear weapons is universal. Nothing about crypto
anarchy is terrifying (yet).
A link between the two is not fanciful because of the challenge
to those who hold secrets posed by crypto anarchy.
One singularity of the nuclear arsenal was that few people
actually know its capability. Its secrecy is a part of the
threat. The same is true of the more general national security
apparatus, most of whose power derives from privileged
knowledge of weapon-systems capabilities.
By extension of state power, under the rubric of national
security, to other areas of government, often under the guise
of intelligence and law enforcement needs, we have a society
where a small number of economic, scientific, political,
military and law enforcement persons hold privileged secrets
and a very large citizenry who does not. Because of suspected
abuse of privilege, these keepers of secrets are no longer
trusted.
Electoral politics, once thought to offer means to throw the
scoundrels out, now feeds this suspicion, rather than relieving
it, because little of entrenched power structures are changed
by the voting process. The public process merely cosmetizes
the means for exploiting the the secret privileges of the few.
The crypto and related technological and civil issues discussed
on this list might be viewed as exploring how to redirect the
science and technology, heretofore used sustain a national
security-driven economy, toward creating the apparatus for a
more just and benefical civil society, one less fraught with
military, police and economic insecurity and fear of the tools
of privileged secrecy.
Mastering cryptography and devising ways to put it to
remunerative use are honorable and constructive alternatives to
enduring unresponsive government. If successful they will set
examples, and provide tools, for others to diminish state
dependency.
However, there is still the task of proving that crypto anarchy
is not itself a play for power by those who write and master
its cryptographic code. But better to test that in the public
arena rather remain hidden and protected by state secrecy.
Fierce opposition should be expected, not least by demonizing
crypto anarchy. It will probably begin within the crypto
anarchy enterprise under the guise of skeptical criticism and
provocative baiting.
It is worth recalling that classical black anarchy, the secret,
lethal version as distinguished from open black flag type, is
used by despots to justify their ruthless measures. Black
anarchists, as agents of despots, mingle with avowed
flag-wavers to spy and provoke acts that lead to repressive
crackdowns. Black anarchists never announce themselves as such
but may freely admit to being "anarchistic" as a wild-eyed
subterfuge. Inept provocations sometimes reveal them but the
most able are never detected.
John
1
0
Ryan Lackey wrote:
>Does anyone know how open the Mondex architecture is? Is it in any way
>possible to set up a competing system with your own card manufacture
>and issuing bodies for currencies which can be used in deployed Mondex
>POS terminals without too much hassle?
>[...]
Wesley Felter <wesf(a)mail.utexas.edu> wrote:
>As I understand it, Mondex is a completely closed system. Everything that
>you don't absolutely need to know is undocumented. Since you can settle
>offline, the potential for fraud is frightening; unless I'm getting the
>benefit of these, um, weaknesses in the system, I don't want there to be
>any. The lack of privacy seems to be somewhat of a smokescreen; since you
>can settle offline, they don't have a really accurate way of tracking
>transactions except at the interface between e$ and other forms of money
>or goods (like their POS terminals and ATMs).
>
>Can you hack Mondex? They say you can't...
David Jones,a computer science professor at McMaster University and
president of Electronic Frontier Canada, has written an interesting
article on the subject of Mondex security:
>Here's my latest article published online in "The Convergence".
>Please visit the web page version because it has lots of hyperlinks
>to related documents, including some never before published on the Net
>(e.g., Australian bank report on Mondex security)
>
> http://theconvergence.com/columns/djones/07121997/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Mondex: A House of Smart-Cards?
With e-cash, privacy is illusory and security is questionable
by David Jones
Mondex International has already conceded that its electronic
'cash' isn't really as private as they once claimed. Now critics
are questioning whether their security is all it's cracked up to be.
If crooks managed to create counterfeit cyber-cash, and if Mondex
failed to detect it quickly enough, the deposits backing up the
electronic currency could be drained dry, leaving customers out
of pocket -- unable to redeem the 'value' on their cards.
Do participating banks have any contingency plans for what
Mondex calls its 'meltdown scenario'?
[...]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
Martin Janzen janzen(a)idacom.hp.com
1
0