For Cypherpunks: A copy of mail I just sent to... libernet@dartmouth.edu, extropians@gnu.ai.mit.edu, prz@sage.cgd.ucar.edu, mike@eff.org, mkapor@eff.org [This is being sent out to a wide audiance. If you receive this, its because My friends, its rare of me to try to encourage panic. Occassionally, however, by panicing early we can avert a disaster later on. Risks, an internet mailing list, reported about a week ago on a proposal by Dr. Dorothy Denning, one of the most prominent people in the field of cryptography, that copies of all private encryption keys associated with public key cryptographic systems be held, effectively by the government, to permit them to read people's encrypted messages to each other. Naturally, such invasions of privacy will only be permitted "when a warrant is produced". It has been suggested that this idea might be taken up by several government agencies for "review". Many have noted that the dawning of cheap and effective cryptographic systems could spell the end of the ability of governments to invade people's privacy. Unfortunately, it appears that the government and its cronies have also realized this, and intend to take preemptive action. Our notion of civil rights has decayed so far that it is now considered a citizen's duty to not merely be quiet while he is enslaved but to actively cooperate with his own enslavement. Not merely must we put up with the indignity of the government being granted the right to read our papers and communications to each other, not merely has the FBI attempted to get legislation passed to make phone companies give them easier access to tap phone lines under color of "maintaining the current capability in the presense of new technology", but now it is suggested that we ordinary citizens must personally cooperate to make it easier for them to read our communications. We will be branded criminals if we fail to cooperate, presuming that ideas like this are enacted. It is crucial that the fiends proposing this be convinced that resistance will be too high to implement their plan. It is crucial that before they can even propose legislation that the threat here be brought to the attention of the news media. If the currently proposed FBI legislation were passed, a dictatorial government would have all the tools it would need to tap all the phones in the country -- the only thing restraining that behavior would be a system of warrants that could disappear with a mere change in attitude. If Denning's more serious and sinister idea were proposed for future enactment as legislation (this has not yet been proposed), it would become impossible for individuals to take any action to protect their own communications privacy from a dictatorial regime, even ignoring the question of abuses that could occur right now. I'm convinced that the only thing that prevented the FBI bill from passing this year was the fact that media attention was brought to bear. Its important that this new proposal be exposed to similar sunshine. Far be it for me to suggest restraint of free speech, but I would like to see people think of making such suggestions as having the social acceptability of calling a black person "nigger". Here, for reference, is a copy of an article Dr. Denning just posted to sci.crypt on usenet. I encourage people, rather than discussing this matter on libernet or extropians, to discuss this on sci.crypt where the topic is just breaking. Perry Metzger ---------------------------------------------------------------------- Article 6275 of sci.crypt: Path: shearson.com!uunet!uunet!think.com!sdd.hp.com!zaphod.mps.ohio-state.edu!darwin.sura.net!guvax.acc.georgetown.edu!denning From: denning@guvax.acc.georgetown.edu Newsgroups: sci.crypt Subject: Re: A Trial Balloon on Registered Keys Message-ID: <1992Oct27.143737.1574@guvax.acc.georgetown.edu> Date: 27 Oct 92 14:37:37 -0500 Distribution: world Organization: Georgetown University Lines: 94 The posting about the proposal I made at the NCSC for key registration is essentially correct. Let me add to it the following: 1. The government is not taking any action to curb crypto and is unlikely to take any such action in the near future. No proposal has been made and no government agency that I am aware of has plans to make such a proposal. The closest we've had to a proposal was a "Sense of Congress" resolution in Senate Bill 266 over a year ago. This would not have mandated anything, but said it was the sense of Congress that service providers should provide accesss to the plaintext of encrypted communications under a court order. It got a lot of opposition and was withdrawn. Thus, don't panic folks -- this was just me making a suggestion. I didn't realize I had that much clout to cause such a stir and call to arms! I expect that the next step will be government sponsored discussions about crypto policy, probably sponsored by NIST, at the recommendation of the Computer System Security Advisory Board headed by Willis Ware. That will provide a forum to work through these issues. 2. The reason I made the proposal is because I am concerned that we may be facing a major crisis in law enforcement. I expect many of you will say "that's wonderful" but I don't see it that way. Electronic surveillance has been an essential tool in preventing serious crimes such as terrorist attacks and destabilizing organized crime. The economic benefits alone are estimated to be in the billions. This issue is not about snooping on innocent citizens but about doing what we can do prevent major crimes that could seriously disrupt other liberties. The problem is likely to get even worse if criminals know they use the telecommunications systems without any chance of getting caught. 3. My proposal was to register your private key with a trustee, different from the government. The key would be encrypted under some other public key so the trustee couldn't decrypt it. I have suggested it be the key of the DOJ, but it could be another independent trustee. I believe this would provide acceptably good protection since someone would need to get a court order and then the cooperation of 3 agencies to get at your communications: the telecommunications provider (to get the bit stream), the first trustee (to get the encrypted key), and the second to decrypt it. Experience with the telecom providers has been that they are very fussy about court orders -- you have to get the semicolons right! You can get even more security by using Silvio Micali's "fair public-key cryptosystem" approach. Called "fair" because it is designed to strike a balance between the needs of the Government and those of the citizens. With his approach, you would break your key up into 5 parts and give it to different trustees. All 5 parts are needed to reassemble it, but it is possible to veryify the parts individually and as a whole without putting them together -- ingenious! He presented this at CRYPTO '92. 4. Someone suggested that law enforcement routinely taps without court order. This is an ungrounded claim for which I have never seen any evidence. Regardless, their ability to do this is disappearing with the new digital based technologies. They need the help of the service providers, who in turn ask for court orders. Court orders are not all that easy to get as law enforcers have to document why other approaches have failed etc. 5. Many people have noted that you could not enforce key registration. They may be right, but I am not throwing in the towel yet. Let's take phones, which is what law enforcers are most interested in. Products are emerging that you can attach to your phone and that will do DES encryption. Criminals and everyone else are most likely to use commercial products -- easiest to get and cheapest. The products could be designed so key registration would essentially be part of the sales process. There can be social benefit to government regulation even when regulation is not 100% successful. None of our laws prevent the acts they outlaw. But this does not mean we should get rid of all laws. 6. Some people have said we should not give up our privacy to the government. But the constitution does not give us absolute privacy. We are protected from unreasonable searches and seizures, but not reasonable ones in response to "probable cause" of crime. In all areas of our lives, the government can invade our privacy if they have good reason to believe we are engaged in major criminal activity. They can break into our homes, our safes, and so on. Do we really want a society where electronic communications cannot ever be broken when there is good reason to believe some major threat against society is being planned? Thank you for your comments and for encouraging those on the other news groups to move over to sci.crypt. I'll try to keep up with this newsgroup and respond to other comments if appropriate, but I honestly can't track them all. Dorothy Denning denning@cs.georgetown.edu (posting from guvax) ----------------------------------------------------------------------