At 02:56 PM 10/21/96 +0100, Tom Womack wrote:

A few column inches in the British Independent had Prof Avi Shamir (who I guess is the S in RSA) arrested in Israel, on (I believe) suspicion of involvement in a substantial fraud.

We should carefully note the use of the word "fraud" in this message, and presumably it's how the news story will describe the situation. Notice that the authors of the idea, "Binding Cryptography," repeatedly like to use the term "fraud" to describe sending bits with other than the prescribed pattern which shows that the key has been appropriately GAK'd. Further recall that the so-called "Bit Tax" idea, the one most recently proposed by that Belgian (?) Luc Soete, would apparently require that any data transmitter keep account of any data it sends, in order to collect some sort of tax, and thus any mistake in the count (either as a result of misinterpretation of the rules, or a disk crash, or a power surge, etc) would presumably turn a minor error into "tax fraud," or maybe they'll call it "bit fraud." My opinion was and is that one of the worst aspects of that bit tax idea was that it would automatically result in essentially everybody becoming unavoidably guilty of this "bit fraud", which from the name would presumably be criminalized. Further, unlike taxing the profits of the ISP or a gross tax on revenue which was analogous to a sales tax (neither of which had anything to do with the actual data being transmitted) a "bit fraud" situation would presumably be used to justify wiretapping, ostensibly just to count bits, but in reality would allow content monitoring as well. And since the ISP would be under the gun for such a charge, presumably the government could extort cooperation from him, particularly encouraging him to violate the terms of the agreement he may have previously signed with his customers and divulge information without a warrant. Isn't it interesting, however, that the term "fraud" can be misused to make what was previously not a crime into a crime? Don't you wonder why the authors of that "Binding Cryptography" idea don't explain why a person would agree to some kind of GAK'd encryption standard which would (given the repeated use of the word "fraud") leave him open to what could become criminal charges some day? After all, the term fraud implies that somebody is being misled, and seriously misled at that. However, most owners of equipment which is used to carry data on the Internet have only limited and marginal interest in the content of that data, and certainly would have no reason (absent some arm-twisting by government) to monitor and check the keys of the data it transmits. If I owned equipment which transmitted Internet data, I wouldn't consider myself "defrauded" if some data went over that circuit which didn't have the correct-GAK data included. Against whom, then, is this "fraud" against? There's an old saying: "When the only tool you have is a hammer, you treat all problems as though they are nails." Well, governments and its apologists and minions seem to think that the main tool they have is being able to declare something to be "fraud" and punish it accordingly, and naturally they're anxious to convert all problems to "fraud" problems. That's why Luc Soete wants a bit tax, and I think that's why our Dutch friends keep talking about fraud in their government-friendly GAK system. And I won't be surprised if Avi Shamir is yet another victim of the "fraudification" of cryptography. I wonder if Professor Shamir will now be receptive to a cryptographic solution to a political/governmental problem? Jim Bell jimbell@pacifier.com