---------- Forwarded message ---------- Date: Sat, 22 Sep 2001 11:11:01 +0100 From: Jason <Jason.Gruber@btinternet.com> To: cryptography@wasabisystems.com Subject: Fw: [ISN] Aust Defence wont disclose stance on encryption ----- Original Message ----- From: "InfoSec News" <isn@c4i.org> To: <isn@attrition.org> Sent: Friday, September 21, 2001 8:38 AM Subject: [ISN] Aust Defence wont disclose stance on encryption
http://www.zdnet.com.au/newstech/security/story/0,2000024985,20260593,00.htm ?chkpt=zdnn_nbs_h
By Rachel Lebihan, ZDNet Australia 20 September 2001
Australias Department of Defence wont disclose if it will answer the US governments call to arms in restricting encryption technologies, and despite widespread support in the States for a ban on cryptography, experts say its unlikely to happen.
ZDNet previously reported that the question of restricting the use of encryption tools is a matter of serious debate in the US, where officials have been quick to blame the use of cryptography for the surveillance breakdown that failed to detect signs of the recent US-focused terrorist attacks.
The US has called for international support in its encryption crackdown but Australian government departments have been quick to pass the buck or keep their mouths shut as to whether or not the country will rally to support its US counterpart.
Minister for communications Senator Richard Alstons office didnt return phone calls to ZDNet Australia and the Attorney Generals department referred the matter to the Department of Defence, which said: It goes into the realms of defence and we dont comment on that.
According to reports from the US, there is widespread support for a ban on "uncrackable" encryption products, with 72 percent of Americans agreeing that anti-encryption laws would be "somewhat" or "very" helpful in preventing a repeat of the September 11 terrorist attacks.
However, according to Laura Chappell of US-based Protocol Analysis Institute, a ban is unlikely to happen. Although over-the-counter decryption tools are readily available over the Internet we use the same tools for troubleshooting on our own networksto not allow vendors to distribute them is impossible, she told ZDNet Australia.
The encryption issue is a double-edged sword...in the US we want to vote electronically so encryption must be tremendously advanced and secure. Alternately, we don't want the terrorists to have encryption better than our government, she said.
Chappell believes that although a ban on cryptography wont happen, those who write encryption technology will probably cooperate more with the government to help them detect when terrorist communication is going occurring.
This is the first time ISPs have really cooperatedthe government usually has to bend over backwards until its nose bleeds to get even a little cooperation, Chappell said.
According to Grant Bayley, founder of 2600 Australia ( www.2600.org.au/), a hub of information on computer security, if there are serious moves in the United States to crack down on encryption, the Australian Government will surely following suit.
However, such a privacy-restrictive move isn't likely to be a quick one, given that additional laws would need to be created, debated, presumably senate-examined and passed, according to Bayley. A sudden backflip on privacy enhancements to a position of restricting cryptography and allowing much greater government surveillance of citizens isn't likely to go down well with an election looming, Bayley added.
Bayley said it wouldnt surprise him if developers were asked by the government for decryption assistance, however, In my opinion, there's more problems associated with putting the genie back in the bottle than there have been with letting the genie out.
I think the non-technical pollies in Washington are looking for every reason to avoid pointing the finger at the reduced human capabilities of their surveillance and intelligence organisations, he said.
Alex Shiels, who runs a Web site relating to cryptography, censorship and free speech, agrees that no Western government is likely to outlaw cryptography because it's essential to the finance and e-commerce industry.
What we might see though is mandatory key escrow, where users are required to lodge their decryption keys with a government agency, to be made accessible to law enforcement when a warrant is granted, Shiels said, bringing into the debate the fact that corrupt or incompetent escrow agency officials could release keys to the wrong person.
US corporations are bracing themselves for cyberterrorism attacks. Australia needs to do the same. Encryption forms a critical part of online security and internet defences. Any government moves to limit the use of encryption, including key escrow schemes, will weaken those defences, Shiels said.
At the end of the day, Chappell believes that corporate America will win out.
Corporate America is not going to break down the walls and allow a government state.
What happens in Australia remains to be seen.
- ISN is currently hosted by Attrition.org
To unsubscribe email majordomo@attrition.org with 'unsubscribe isn' in the
BODY
of the mail.
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com