
I frequently find myself explaining to the uninitiated the whole crypto mess, and have come up with a line of arguments which I find work fairly effectively. Basically, I take the tack that strong encryption will help prevent crime, espionage, and terrorism, while weak and/or GAKed crypto will promote it. There are good arguments for this position.

We lock our houses, cars, etc. This activity is promoted by the police as a crime prevention measure, although it unquestionably makes it more difficult for them to serve search warrants, etc. They realize that good locks prevent far more crime than would their unfettered access to unlocked property.

Crypto works the same way as good locks, but in the data sphere. While it would clearly make court-authorized wiretaps more difficult (but not impossible), it also stops the far more frequent unauthorized interception of messages by criminals (whether in or out of government).

At this point I usually give some recent examples of losses that might have been prevented by good crypto - cell phone cloning fraud and eavesdropping, the recent credit card sniffer, etc. Going back a couple of years, some hackers on the west coast modified major backbone routers to record ftp and telnet passwords, etc. If the audience is aware of the putative info-war threat, I can work that in as another threat that good crypto can put a stop to.

If the question arises 'well, why does the FBI, etc, seem so worried about the widespread use of crypto?', I have a response. "There's an old saying: 'When you're up to your ass in alligators, it's hard to remember that you're trying to drain the swamp.'" We have law enforcement agencies because we want people and their property to be safer. However, the FBI and other LEAs actually do very little to directly *prevent* crime; almost all of their efforts are post-facto, designed to catch criminals, or make it easier to catch them, *after* they've already committed one or more offences.

While a criminal in jail is only rarely a menace to society at large, most criminals get away with many crimes before they are caught - if this was not the case, there would be no such thing as a 'career criminal'. LEAs have little motivation to prevent crime - there is not much career or budget boost in a robbery which did not take place, a murder which was not committed, or a spy who could not get the data he sought.

Widespread and effective use of good crypto acts before the fact, preventing crimes from occurring in the first place. While it certainly would make some wiretaps more difficult (and here I bring up the very low number of wiretaps performed in the US compared to the number of crimes), on the balance it is clear that the use of good security is a win. If you ask most people if they had a choice between a high crime rate with some of the criminals being caught, and a much lower crime rate with a slightly higher chance of them getting away, most people who are not part of the LEA establishment will instantly opt for the latter.

As for GAK, there are two basic arguments I use. First, I ask them how they would feel if their town required that copies of all house, car, and file cabinet keys be deposited with the local cops 'just in case they need to serve a search warrant'. Most people are rightly appalled by the idea.

Secondly, I describe the idea of key escrow agencies and "TTPs", and how they would create huge storehouses of private keys. I point out what a target of opportunity these archives would provide to criminals and spies - by compromising the security of a single site, they could unlock the private, confidential information of thousands of individuals and corporations. Depending on the audience, I might bring up Filegate, Aldrich Ames, the Walker case, etc, to demonstrate that even the government can't be relied on to keep secrets ("despite their best intentions"), and re-emphasize the catastrophic single-point-of-failure that GAK represents.

In short, it's possible to be pro-crypto, anti-GAK without ever getting near sounding anti-government; in fact, being pro-crypto, anti-GAK can be a conservative, anti-crime, law & order position.

Peter Trei
trei@process.com