Re: The great GAK crack (making GAK economically impossible)
This seems to ignore a possible worst-case scenario, in which the only products which are ultimately approved wrap the key using a special law enforcement key, for example. If the Powers that be can mandate "escrow" --- really GAP, Gov't Access to Plaintext --- then it can be mandated to take a particular form that is defined to be tractable. At 05:25 PM 9/15/97 -0700, Tim May wrote:
At 8:41 AM -0700 9/15/97, nospam-seesignature@ceddec.com wrote:
If I have to GAK my keys, and there then exists a pgp-gak, then we simply recruit the same CPU power that generated the millions of DES keys to just run pgpk-gak with the shortest keylength and send billions of keys to the GAKserver each week. Many from out of the US if pgp-gak becomes available there.
My test software uses a loop that generates a new pair every few seconds on a pentium (and found some very obscure bugs). I would be required to send all those to the gak.gov. If they really want them...
What it probably means is the govenrment will issue keys or have to license people to create them.
"There ain't no such thing as free escrow."
Some fee will be collected to register keys. "To defray costs" (never mind that the government is the party _requiring_ the damned escrow!).
This will stop the "flooding attacks" which a free key escrow system would generate. It will also, sadly for us, put an end to many applications where keys are generated quickly, transiently, and on an ad hoc basis. There simply will be no time to register the keys, and the $10 (or whatever) processing fee will be unacceptable for these applications.
--Tim May
There's something wrong when I'm a felon under an increasing number of laws. Only one response to the key grabbers is warranted: "Death to Tyrants!" ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
At 9:07 PM -0700 9/17/97, geeman@best.com wrote:
This seems to ignore a possible worst-case scenario, in which the only products which are ultimately approved wrap the key using a special law enforcement key, for example. If the Powers that be can mandate "escrow" --- really GAP, Gov't Access to Plaintext --- then it can be mandated to take a particular form that is defined to be tractable.
By the way, I hope this "GAP," or "government access to plaintext," term does not spread too widely. (A couple of people were using it at the Saturday Cypherpunks meeting.) While perhaps technically correct, it loses some of the simplicity of the "government access to keys" meme. And people already understand what "keys" are...trying to explain "plaintext" to lay audiences is another barrier to getting our point across. Besides, I'm not entirely convinced that the proposed versions of unSAFE won't also give access to keys. So I suggest we stick to GAK. It also has the right onomotopoetic etymology, which GAP surely does not have. --Tim The Feds have shown their hand: they want a ban on domestic cryptography ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
participants (2)
-
geeman@best.com -
Tim May