Re: Why is cryptoanarchy irreversible?
At 4:00 PM 11/7/1996, Jim McCoy wrote:
ph@netcom.com (Peter Hendrickson) writes: [...]
Once a terrorist has strong crypto, why should they stop using it if it becomes illegal?
Use of strong crypto would be a tip off that one is a terrorist.
If strong cryptography were unpopular and highly illegal, very few people would be using it. This makes it easy to identify suspects.
But the difference between strong crypto and weak crypto is not something which is visible to an outside observer unless they make the effort to attack a particular system or decrypt a message. Such an attack is beyond the capacity of most municipal or state governements and is a difficult and expensive task for federal agencies other than the NSA (who would nto be pleased if their machines were suddenly at the beck and call of the FBI or any other organization; never underestimate the power of inter-agency infighting :)
If mandatory GAK were imposed, reviewing messages is easy, even with inter-agency fighting. Or, encryption in general could just be forbidden if GAK created too much hassle.
What make such detection even harder is that a good crypto system generates output which is indistinguishable from noise, this makes it much easier to hide the fact that an encrypted channel is being used.
In practice I suspect that good stego is hard. You don't have to be right every time when you look for it, just some of the time. When you see packets that seem kind of funny to you, the judge issues you a warrant and you search the suspect's house and computer very carefully. If stego is in use, the software that generated it can be found. Then you hand out a life sentence. Yes, this would be somewhat expensive. But if the number of suspects is small, it is completely feasible. You might also identify suspects in other ways. Maybe that Jim McCoy is looking a little too successful or perhaps he made an unwise comment to a "friend" who reported him. That could easily be grounds for a warrant and subsequent change of quarters.
The funny thing about noise in the information theory sense is that it can actually be _anything_ depending on context, and this sort of uncertainty is the bane of a legal system which is solidly grounded upon technicalities (such as the US legal system.)
Which technicalities protected the Japanese-Americans during World War II? As you probably know, these people were not protected by our legal system. Their bank accounts were frozen and they were forced to sell their property in less than two weeks. They were effectively stripped of their assets. Then, they were carted off to concentration camps and left there for years. This was allowed to happen because there was strong public support for it. The legal system would have to be stretched considerably less to outlaw strong crypto and make it stick. Peter Hendrickson ph@netcom.com
Peter Hendrickson writes:
Jim McCoy wrote:
ph@netcom.com (Peter Hendrickson) writes: [...]
Use of strong crypto would be a tip off that one is a terrorist.
If strong cryptography were unpopular and highly illegal, very few people would be using it. This makes it easy to identify suspects.
But the difference between strong crypto and weak crypto is not something which is visible to an outside observer unless they make the effort to attack a particular system or decrypt a message. [...] If mandatory GAK were imposed, reviewing messages is easy, even with inter-agency fighting. Or, encryption in general could just be forbidden if GAK created too much hassle.
Encryption itself will never be forbidden because there is far too much money riding on electronic commerce. An administration which tried to outlaw all encryption would soon find itself on the next train out of D.C. after the next election cycle. [And high-tech is definitely getting more politically aware and organized as the recent Calif. prop 211 shows] There are a lot of very powerful people betting on systems which require at least a minimal amount of encryption (at least enough to make random ciphertext transmissions common on the net.) Reviewing messages and actually finding stego'd messages is actually a very, very, hard problem for a program. This is the sort of AI problem which people have been working on for more than thirty years and no one has even come close to solving it. When you add in the fact that communication on the net is becoming more international there will be even more problems for such a program to solve (e.g. a Malay<->English translation program will throw a ton of false poitives into the mix for any program developed which somehow has enough understanding of English to detect messages whose grammar and word choice indicates a possible mimic function, if the two users communicate using mimic functions within the translation program itself you are completely screwed...)
What make such detection even harder is that a good crypto system generates output which is indistinguishable from noise, this makes it much easier to hide the fact that an encrypted channel is being used.
In practice I suspect that good stego is hard.
You are mistaken. Read Disappearing Cryptography to see just how easy it is, then check out Romana Machado's EzStego program (done in Java so it can be added to any web download with a bit of tweaking.) If the penalty for using bad stego is high enough you can be certain that natural selection will make certain that eventually the programs being used are top notch code :)
You don't have to be right every time when you look for it, just some of the time. When you see packets that seem kind of funny to you, the judge issues you a warrant and you search the suspect's house and computer very carefully. If stego is in use, the software that generated it can be found. Then you hand out a life sentence.
The problem is that you need to be able to prove that stego is in use, and this is a much more difficult task than you suggest. A good stego program will turn out bits which are indistinguishable from noise, so there is no way to actually _prove_ that stego is being used without actually breaking the cipher used in the stego routines. Remember, that life sentence you suggests requires "proof beyond a reasonable doubt" in US courts, bit rot from multiple image scannings or a bad microphone on a IP phone conversation should be more than enough for the accused to cast doubt into the minds of the jury members.
You might also identify suspects in other ways. Maybe that Jim McCoy is looking a little too successful or perhaps he made an unwise comment to a "friend" who reported him. That could easily be grounds for a warrant and subsequent change of quarters.
Get a warrant, search my system, find nothing but a bunch of applications and a collection of risque (but definitely legal) pictures which I exchange with a few friends. You may suspect that when the images are concatenated in a particular way the low-order bits form a stego filesystem but no one will be able to prove it in court.
The funny thing about noise in the information theory sense is that it can actually be _anything_ depending on context, and this sort of uncertainty is the bane of a legal system which is solidly grounded upon technicalities (such as the US legal system.)
Which technicalities protected the Japanese-Americans during World War II?
Few. OTOH the interment of Japanese-Americans occurred during a period of war, at a time when civil liberties were much more limited, and when Asian-Americans were second-class citizens with very little political power (that and the Korematsu decision was a complete piece of crap...) Today most US citizens distrust the US governement, civil liberties and protections are fairly well established in law and legal precedence, and we techno-nerds are actually the ones running the country :) [Actually the internment of Japanese-Americans was really a big land grab masquerading as a wartime necessity, but that does not change the fact that it happened...]
The legal system would have to be stretched considerably less to outlaw strong crypto and make it stick.
It would have to be shattered to make such a ban stick. Times have changed quite significantly since the 40s, and free speech rights and the first amendment have become rather important to our information society. jim
-----BEGIN PGP SIGNED MESSAGE----- On Thu, 7 Nov 1996, Peter Hendrickson wrote:
If mandatory GAK were imposed, reviewing messages is easy, even with inter-agency fighting. Or, encryption in general could just be forbidden if GAK created too much hassle.
How would this be possible? The latest GAK proposal is for companies to store keys instead of the government. There is the potential for colaboration between a TLA and an "escrow" company. It is also possible for a TLA to illegally obtain the keys from the company's database. However, it would still be impossible to review every message. Even if the government had full access to all encryption keys, it would still be technically infeasible to review every message.
In practice I suspect that good stego is hard. You don't have to be right every time when you look for it, just some of the time. When you see packets that seem kind of funny to you, the judge issues you a warrant and you search the suspect's house and computer very carefully. If stego is in use, the software that generated it can be found. Then you hand out a life sentence.
Good stego is possible. Stegoing data in jpegs is very secure and probably infeasible to detect. This scenario is not entirely unrealistic -- in some states a rise in electrical bills is enough to get a judge to issue a search warrant to search the suspect's home for evidence of marijuana cultivation. However, I find the life sentence idea pretty unrealistic. You are assuming that there will be wide support for tough restrictions on crypto. This is not currently the case and I doubt it would ever get to this point. Not very many people are currently supporting any life sentence for anyone who is in possession of explosives, despite the increase in terrorist activity. Gun-control advocates aren't supporting laws that will give a life sentence to anyone who owns a gun. Given that many people who believe in gun-control and tagants in explosives are against GAK, why do you think there will be such a revolt against strong crypto? Mark - -- finger -l for PGP key PGP encrypted mail prefered. -----BEGIN PGP SIGNATURE----- Version: 2.6.3 Charset: noconv iQEVAwUBMoK68yzIPc7jvyFpAQHN5QgAhsvpuZPwvGV32VTlzS+fRuLXXwWDqmQL 0/etFQkdo0aOwOm8qnGHQzq796tOQVDBFVE8QJSiQqCqukETc1G+E2IDqA53Yl5f xhCfKjBOcp2ZA63ZjKZYd6nVKnoxlgnz5BfVlShMVdxFDszo2SC4HqSvBhRDOjZr npGhDPRiabTWEs4tAXUvh5ymelCBtgdLmDAjPKPgTYnloWUIUNBkGQ1pvRYD/lAs OeL/OPJNNicmKFx1kN9Xx6NP/IYhmS9qUE0qQ0iPUWo8hILqA4ZgIaxY826M6ikQ 6/RMsBzIg03xzrWw4gOYB2HyC0Hk/sDTgMNiHxYvy6ugfzdweO/yCg== =mlYb -----END PGP SIGNATURE-----
participants (3)
-
Jim McCoy
-
Mark M.
-
ph@netcom.com