At 1:25 AM 9/4/95, Brian Davis wrote:
On Fri, 1 Sep 1995, Timothy C. May wrote:
I absolutely agree with this, though this doesn't mean I'll stop worrying about the government's plans for key escrow (GAK), about limits on key lengths, or about other efforts to thwart strong security.
I, of course, know of the "dislike" of GAK here. I am curious to know, however, if the "dislike" is because government would have access under any circumstances or if the primary worry is that government will cheat and get access when most would agree that they shouldn't (either by the judge "cheating" or a TLA stealing it).
In other words ... if it took agreement by a review board composed of non-LEA members of this list, would the escrow be acceptable??
[I'm addressing the basic issue of key escrow, or what Carl Ellison calls "GAK" (Government Access to Keys), not the current debate in D.C. about using some form of key escrow for exportable crypto. The debate on key escrow is really about the crypto citizens will use, not what will be allowed to be exported.] Speaking for myself--though I think this captures the feelings of many--my objection to GAK is on *principle*: * No government can tell me what language I must communicate in and what language I must _not_ communicate in. David Sternlight has characterized this position as "childish," as the whinings of spoiled children who don't want to be told what to do. If so, then Thomas Jefferson was surely the biggest child of all, as he and his compatriots developed and used secret codes for communications. No doubt King George would have found GAK quite useful. No, the point is really about whether people may speak and write in the languages they wish, or be ordered to speak and write in ways the government can monitor, with or without the "speed bump" of key escrow and court orders to release the escrowed keys. (Ironically, I just heard about a case in Texas where a judge ordered a mother to stop speaking in Spanish to her child at home, calling it "child abuse." The implications of this are self-evident.) "Escrow" of communications keys, when commanded by the government, is no different than requiring that all locks have duplicate keys "escrowed" with the police, or that all curtains and window shades have a special "invisibility mode" that "law enforcement" can enable under certain circumstances. "Key escrow," or GAK, is to most of us equivalent to universal wiretapping. Why not tape-record all calls and "escrow" the result?. Why not mount surveillance cameras in homes and "escrow" the result? All are essentially equivalent. The pernicious nature of the "escrow" idea, which I have to admit is a new twist on the surveillance state that was not anticipated by Orwell, Brunner, or any of the other writers on this topic, is that it says that surveillance is not so bad after all, because the results of the escrow will not be looked at except when "justified." By whom? And by what conceivable right can the government tell me I may not use the communication system and language of my choice? I have no doubt that such key escrow, or recording of all calls, or surveillance cameras, with escrowed results, would "stop" some crimes. Maybe even some serious crimes, even horrific crimes. So what? In a free society, we don't tell people what language they may speak in, and with whom, nor did we place microphones and cameras in their presence, even if we "escrow" the results and promise not to look unless a judge or a review panel says it's OK. There are undoubtedly crimes that would be stopped if surveillance cameras were placed in many places, private and public, with "video escrow." Friends of mine are developing micropower, tiny, ultrawideband radio "localizers," that could be used by parents to keep track of children, pets, luggage, etc. I have long joked with them about "position escrow," where the government will mandate that all citizen-units wear these devices (or have them implanted) so that their positions can be monitored. Would an "escrow" system make it any less unacceptable? The arguments for "position escrow," once the technology becomes available (surely by 1998-9) are very similar to those being made for communications escrow. Lots of crimes would be solved, and even OJ might be convicted, if a court could order the "position escrow" files opened. So what? That's now what a free society is about. The basic principle is the issue. There are other problems with key escrow, involving such things as how persistent the access keys will be (will a court order reveal past communications not covered by the order?), who will have access, etc. These are the things the government _wants_ us to focus on, as these can probably be fixed by sufficiently elaborate protocols...sort of. But the core issue is not being addressed, the core issue of surveillance and the government's plan to order us to speak only in certain approved modes. --Tim May ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway."