Re: Final Solution to the Crypto Problem
Tim May wrote:
Namely, once the infrastructure is deployed, once most electronic commerce is handled via card tokens (and card readers are actually pretty cheap, and volume will drive the price down further), the President can cite some kind of national emergency, or widespread tax evasion, or whatnot, to announce that beginning on suc-and-such a date all cards must be licensed, even to domestic users.
Not to diminish the validity of Tim's alarm, is there not reason to anticipate that these tokens will be crackable. And thus continue the race between crypto enforcers and crackers? In addition to the recent successes against smart cards, there seems to be trouble with the government's program for widespread use of Fortezza cards, according to complaints of various military and civilian sites. The Fortezza site at ljl.com seems to have been set up so that open, easily accessible information could be gotten by the harried military users (see, for example, the list of Fortezza complaints at http://infosec.nosc.mil ). Moreover, there is surely to be continued competition among the players who are trying to increase their market share -- both government and commercial, both domestic and international. Will they not continue to attack each other's crypto products? And will not each nation's government continue to subsidize their favored producers in international economic and military contentions? The point is made on cypherpunks that the odds are increasingly on the crackers even if there are periodic gains by behind-the-scenes plots among the enforcers and there temporary allies (as Tim notes, these are often short- term romances). And that hardware systems are the most vulnerable due to their illusory physical security -- the fatal conceit that brawn can beat brains in crypto, as it claims it used to do in iron- and fire-power (that was before iron became subservient to code). Finally, take a look at the history of these "emergency" Executive Orders outlined in No. 12924 posted by Peter Junger. Then look at the predecessors to those at www.house.gov. They go back through several administrations and confirm what Hal first raised: there is a concerted effort to get around accountability for the continuation of the so-called emergency, and successive Congresses have been complicit in the camouflage.
I think it's apparent that the events of Friday, with the other shoe to drop on Monday (the H-P/Intel/Microsoft/etc. Final Capitulation), signal to us that we are in a State of Emergency. The Presidents of this country are in the habit of declaring such States of Emergency, often essentially secretly (in that the sheeple know little of such things, and those who speak of NSDDs and PDDs and EOs are demonized by the media as "conspiracy nuts" and "militia members"). Maybe it's time for us to stop flaming about Vulis and his allies, and concentrate on the Real War. At 8:17 PM -0500 11/16/96, John Young wrote: ...
Not to diminish the validity of Tim's alarm, is there not reason to anticipate that these tokens will be crackable. And thus continue the race between crypto enforcers and crackers?
Well, don't misunderstand me. I'm not saying "Give up." In fact, the transparent nature of the government's "voluntary key escrow for domestic users" strategy should cause redoublings and retriplings of our efforts. As John's SWAN program emphasizes, there still are no _import restrictions_ on crypto (and there may be severe constitutional impediments, as we've debated several times). Get enough alternate channels using non-GAK crypto, and even the latest Clipper won't succeed. And sabotaging the GAK scheme in more devious ways remains an option. (I hear some nym on BlackNet is still bidding $125,000 payable to any offshore account for certain details related sabotaging GAK.) "The government announcement is disastrous," said Jim Bidzos,.."We warned IBM that the National Security Agency would try to twist their technology." [NYT, 1996-10-02] We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1,257,787-1 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
I would like to dampen a little of the panic and FUD that seems to be breeding on the question of the "national emergency" declared to keep the bulk of the Export Administration Act regulations in effect after the statute itself lapsed by its own terms. [Note, by the way, that the EAA rules are the *mild* ones. The *tough* ones are still in force and are not going away ... kill the EAA rules, and they start reclassifying everything back to the Military List?] Whether you like it or not, Congress has delegated to the President sweeping authority to declare "national emergencies" due to foreign threats. In wartime the authority is very extensive; in peacetime almost as great. The authority is found in the "International Economic Emergency Powers Act" (IEEPA). While the President's determination that an "emergency" exists is not reviewable, actions taken under IEEPA authority *are* reviewable, indeed more reviewable than acts taken under the export control laws. Of course since the delegation of power is broad, it's often hard to win. There have been LOTS of Presidential declaration of "emergencies" under IEEPA and its predecessor statutes (e.g.the "trading with the enemy act", which still applies in wartime). Indeed, there are fewer today than before Congress attempted to reform the system and required most of the large number of emergencies in force to cease. For example, every time the President orders an embargo, e.g. against Iran, the statute requires that he first declare an "emergency". My point is not that Congress was wise to give the President this power. That's debatable; it's even more debatable that the intent was for it to be quite as broad as the courts have found it to be (see e.g. Harold Koh's book, The National Security Constitution, for more info). And, the point is not that Presidents are using this power in a wise or measured way. It's obvious that they are not. At any given time since WWI, many many (too many) "national emergencies" have been in force. And, the point is especially not that this President was wise to declare an emergency on these facts (although in his defense, several previous presidents did exactly the same thing when previous editions of the EAA lapsed; it seems to be something of a tradition...). Rather, my point is a simple one. The fact that the President has declared an emergency here is primarily a technical legal event. It is not a sign that martial law is about to be declared, that they are coming to take you or your [fill in blank] away, or that anything fundamental has changed. Multi-year emergencies in which the executive uses one statute to compensate for the Congressional decision/failure to pass another statute is not, I submit, a particularly telling sign of a mature and healthy democracy. But this goes to large and gradual processes, not to anything that suddenly happened. Again, for some background on all this, written before the Nov. 15 anouncements, see http://www.law.miami.edu/~froomkin/articles/planet_clipper.htm#POSTSCRIPT A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506(fax) Associate Professor of Law | U. Miami School of Law | froomkin@law.miami.edu P.O. Box 248087 | http://www.law.miami.edu/~froomkin Coral Gables, FL 33124 USA | It's warm here.
Cpunks has become an existance proof that the benefits of anarchy are not worth the price. Aga, Vultis, it's a damned shame your parents didn't teach you not to shit where you live. -- ``I tell you, we are here on earth to fart around, and don't let anybody tell you any different.'' Kurt Vonnegut, quoted in Harpers (11-95)
participants (4)
-
John Young -
Michael Froomkin - U.Miami School of Law -
scs@lokkur.dexter.mi.us -
Timothy C. May