Arise, cypherpunks, evil plans are brewing in the bowels of the Beast! I just read a summary of influential crypto guru Dorothy Denning's talk at the recent 15th National Computer Security Conference (held in Baltimore, don't you know, so con-vee-nient to Fort Meade). See the recent RISKS articles in comp.risks (esp. 13.86). Since RISKS is copyrighted, and we wouldn't to do anything to make the lawscums unhappy, I'll summarize: * Denning proposes that anyone using public key encryption over public networks be required to register their private keys with, for example, the Justice Department. * To avoid the risks of someone else getting the key, she suggests the private keys could be encrypted with the _public key_ of Justice, and then held by an independent agency. (Ostensibly, the encryption and registration could be done by the user himself, though some means of verifying compliance would have to be devised.) * To make use of the private key (for example, to read e-mail encrypted with the key), the government would have to get a court order, present it to the independent agency, take the key back to Justice, decrypt it with the private key of Justice, and then proceed with their surveillance and whatnot. This is ostensibly like the procedure for wiretapping. However, it would screw up the use of encryption in many ways. Registering a key would precluded frequent key changes, would probably cost some fee (on the order of $50, like a driver's license, I'd guess), and would of course greatly complicate the use of digital pseudonyms and all the other neat stuff we've talked about (but which caution tells me not to discuss here on an open and unsecured list...you can check my .sig to see where I stand, of course). My hunch is that Denning and the other "quaint" (cf. Sterling's "The Hacker Crackdown" for a description of how the crypto bigwigs interact with hackers at CFP and elsewhere) cryptheads have alerted the government to the _real_ threat of cryto tools. Position papers are being released as trial balloons, to prepare the way for a "Crypto Crackdown." I hope I'm wrong. We need more information. Let's talk to someone who went to this conference and get the Proceedings as quickly as possible. Cryptically Yours, --Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | PGP 2.0 and MailSafe keys by arrangement.