Peter Hendrickson writes:
Jim McCoy wrote:
ph@netcom.com (Peter Hendrickson) writes: [...]
Use of strong crypto would be a tip off that one is a terrorist.
If strong cryptography were unpopular and highly illegal, very few people would be using it. This makes it easy to identify suspects.
But the difference between strong crypto and weak crypto is not something which is visible to an outside observer unless they make the effort to attack a particular system or decrypt a message. [...] If mandatory GAK were imposed, reviewing messages is easy, even with inter-agency fighting. Or, encryption in general could just be forbidden if GAK created too much hassle.
Encryption itself will never be forbidden because there is far too much money riding on electronic commerce. An administration which tried to outlaw all encryption would soon find itself on the next train out of D.C. after the next election cycle. [And high-tech is definitely getting more politically aware and organized as the recent Calif. prop 211 shows] There are a lot of very powerful people betting on systems which require at least a minimal amount of encryption (at least enough to make random ciphertext transmissions common on the net.) Reviewing messages and actually finding stego'd messages is actually a very, very, hard problem for a program. This is the sort of AI problem which people have been working on for more than thirty years and no one has even come close to solving it. When you add in the fact that communication on the net is becoming more international there will be even more problems for such a program to solve (e.g. a Malay<->English translation program will throw a ton of false poitives into the mix for any program developed which somehow has enough understanding of English to detect messages whose grammar and word choice indicates a possible mimic function, if the two users communicate using mimic functions within the translation program itself you are completely screwed...)
What make such detection even harder is that a good crypto system generates output which is indistinguishable from noise, this makes it much easier to hide the fact that an encrypted channel is being used.
In practice I suspect that good stego is hard.
You are mistaken. Read Disappearing Cryptography to see just how easy it is, then check out Romana Machado's EzStego program (done in Java so it can be added to any web download with a bit of tweaking.) If the penalty for using bad stego is high enough you can be certain that natural selection will make certain that eventually the programs being used are top notch code :)
You don't have to be right every time when you look for it, just some of the time. When you see packets that seem kind of funny to you, the judge issues you a warrant and you search the suspect's house and computer very carefully. If stego is in use, the software that generated it can be found. Then you hand out a life sentence.
The problem is that you need to be able to prove that stego is in use, and this is a much more difficult task than you suggest. A good stego program will turn out bits which are indistinguishable from noise, so there is no way to actually _prove_ that stego is being used without actually breaking the cipher used in the stego routines. Remember, that life sentence you suggests requires "proof beyond a reasonable doubt" in US courts, bit rot from multiple image scannings or a bad microphone on a IP phone conversation should be more than enough for the accused to cast doubt into the minds of the jury members.
You might also identify suspects in other ways. Maybe that Jim McCoy is looking a little too successful or perhaps he made an unwise comment to a "friend" who reported him. That could easily be grounds for a warrant and subsequent change of quarters.
Get a warrant, search my system, find nothing but a bunch of applications and a collection of risque (but definitely legal) pictures which I exchange with a few friends. You may suspect that when the images are concatenated in a particular way the low-order bits form a stego filesystem but no one will be able to prove it in court.
The funny thing about noise in the information theory sense is that it can actually be _anything_ depending on context, and this sort of uncertainty is the bane of a legal system which is solidly grounded upon technicalities (such as the US legal system.)
Which technicalities protected the Japanese-Americans during World War II?
Few. OTOH the interment of Japanese-Americans occurred during a period of war, at a time when civil liberties were much more limited, and when Asian-Americans were second-class citizens with very little political power (that and the Korematsu decision was a complete piece of crap...) Today most US citizens distrust the US governement, civil liberties and protections are fairly well established in law and legal precedence, and we techno-nerds are actually the ones running the country :) [Actually the internment of Japanese-Americans was really a big land grab masquerading as a wartime necessity, but that does not change the fact that it happened...]
The legal system would have to be stretched considerably less to outlaw strong crypto and make it stick.
It would have to be shattered to make such a ban stick. Times have changed quite significantly since the 40s, and free speech rights and the first amendment have become rather important to our information society. jim