Many of us believe that a crypto ban is inevitable. The only question for us is whether it'll happen sooner or later. Seen in this perspective, all that industry and civil liberties lobbies can do is delay the ban. But is this necessarily a good thing? Here are some reasons to believe that an ealier ban might be preferable to cypherpunks. 1. An earlier ban will do less damage to existing infrastructure. 2. A ban can not and will not stop crypto. It will force people to work around it, but ultimately it will not achieve its goal. We might as well start working around it sooner. 3. A ban will eventually be lifted, because of the impracticality of GAK, abuses, wide-spread security problems caused by added complexity or hackers stealing the master keys, ineffectiveness, sympathetic courts etc. The sooner it comes into effect, the sooner it goes away. 4. A ban will focus public attention on crypto, especially if it creates some of the problems mentioned above. This will accelerate deployment of crypto after the ban is lifted. In summary, the government is obligated to try and eventually fail to ban crypto. We might as well let them get it over with. I'm not suggesting that the professional lobbists stop their efforts (they shouldn't, if only for appearances sake), but it might be time for the rest of us to focus our attention on more important matters.
"3. A ban will eventually be lifted, because of the impracticality of drug enforcement, LEA corruption, the creation of black market drugs of questionable quality, gangs raiding evidence room stockpiles, ineffectiveness, sympathetic jurors, etc. The sooner it goes into effect, the sooner it goes away." Once a massive enforcement agency is founded, as we've seen time and again this century, it rarely gets smaller and more limited in scope, and _very_ rarely ever goes away altogether. And rest assured that, like the IRS, EPA, and the Park Service, this new agency will have its own Special Weapons teams, snipers, APV's...everything a self-respecting TLA needs. -stonedog On Thu, 18 Sep 1997, Wei Dai wrote:
3. A ban will eventually be lifted, because of the impracticality of GAK, abuses, wide-spread security problems caused by added complexity or hackers stealing the master keys, ineffectiveness, sympathetic courts etc. The sooner it comes into effect, the sooner it goes away.
At 10:45 PM 9/18/97 -0700, Wei Dai wrote:
Many of us believe that a crypto ban is inevitable. The only question for us is whether it'll happen sooner or later. Seen in this perspective, all that industry and civil liberties lobbies can do is delay the ban. But is this necessarily a good thing?
Yes. Later is bad, but sooner is worse. First of all, "Soon" means "We lost already", while "Later" means "We haven't lost yet, even though it looks pretty much like we're going to lose later, but we're still fighting them on the seas and the beaches and the bowling greens and we've taken out the occasional deserving politician with a well-placed bowling ball." Also, "Later" might mean "Clinton's out of office, and some of the Republicans have gotten in the habit of pretending they like privacy as long as Clinton opposes it, even though it's traditionally been the Republicans' job to rip off our privacy."
1. An earlier ban will do less damage to existing infrastructure.
Wrong - the more time we have to deploy crypto, get the world used to it, and make it an indispensible part of the industry, the more infrastructure there is. Infrastructure is good, and if we build some and they tear it down, that's just more people lobbying against the Bad Guys. Suppose the Feds tell half the country they need to replace their new cellphone.... Bad enough they have to replace their Verisign key that all their Netscape Mail uses. Also, an early ban means the infrastructure gets built with Big Brother Inside. Suppose the digital signature infrastructure gets built where every cellphone needs a Social Security Signature Number to operate so they can find your Voluntary Escrow Key, and every bank transaction is required to be traceable; compare that with a Carl Ellison style signature system that doesn't need names, only authorizations. And there's a whole lot of digital cash infrastructure to be built, that's only starting emerge as the big financial institutions get on board. If crypto gets banned early, there's no chance of a Chaumian or agnostic or even vaguely private system getting adopted, and once the Bad Infrastructure is in place, it doesn't matter if the laws get relaxed, because the banks won't change. The timing is especially sensitive because the Diffie-Hellman patent just expired, and Merkle-Hellman and Hellman-Pohlig go next month, and the whole field becomes legal for Americans to work in without license restrictions and for Non-North-Americans to write software they can sell in the US without licensing. That means there should be a lot of new products emerging in the next year or so - and Escrowed Key Certification Authorities are especially silly in a Diffie-Hellman environment, where you're using the registered part of your key to sign a random half-key used to generate the session key....
2. A ban can not and will not stop crypto. It will force people to work around it, but ultimately it will not achieve its goal. We might as well start working around it sooner.
Momentum is good - more people working around it, and more people working against it, and more people hassling their Congresscritters.
3. A ban will eventually be lifted, because of the impracticality of GAK, abuses, wide-spread security problems caused by added complexity or hackers stealing the master keys, ineffectiveness, sympathetic courts etc. The sooner it comes into effect, the sooner it goes away.
No, the sooner it goes into effect, the later the things built with it go away. Think of all the places your Social Security Number has spread, partly by design and partly because it's a convenient database key. Will your Public Key Infrastructure ID be on all your digital transactions? Who's going to bother replacing that with the infrastructure needed for Web Of Trust business relationships? Furthermore, in an Escrowed Society, encryption gets built with the id and signatures on the outside and the privacy inside, so it's easy to trace whose communication you're wiretapping. That kind of architecture isn't easily replaced, even if the key is no longer escrowed, so traffic analysis becomes easy even after message reading becomes harder.
4. A ban will focus public attention on crypto, especially if it creates some of the problems mentioned above. This will accelerate deployment of crypto after the ban is lifted.
In summary, the government is obligated to try and eventually fail to ban crypto. We might as well let them get it over with.
We've blown them off over Clipper 1, Clipper 2, Clipper 3, and Clipper 4. Better to blow them off over Clipper 5 and Clipper 6 than give in. Thanks! Bill Bill Stewart, stewarts@ix.netcom.com Regular Key PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
On Fri, 19 Sep 1997, Bill Stewart wrote:
Also, "Later" might mean "Clinton's out of office, and some of the Republicans have gotten in the habit of pretending they like privacy as long as Clinton opposes it, even though it's traditionally been the Republicans' job to rip off our privacy."
I don't think it makes a difference who is in office. The TLAs seem incredibly adept at converting/subverting politicians who initially support crypto. They must have known about this ability (and by ability I don't mean some kind of mind-control machine, but simple persuasiveness) for a long time, but seem to have started excercising it on a large scale only recently. The pro-crypto lobby is pathetic by comparison. Has it converted any anti-crypto politician to our side? This is why I think a crypto ban is inevitable. We simply don't have the resources to defend against this type of attack directly. A delay is possible, but not one long enough to make the ban impossible. As for the residual effects of the ban after it is lifted, I think you are overestimating them. All (escrowed) crypto built during the ban should be designed with the lift in mind. When the ban is lifted, everyone will be able to upgrade simultaneously by simply plugging in non-escrowed crypto and protocol modules. This can even be done without user-intervention, similar to auto-upgrade of virus scanning modules. Compatibility betwen escrowed and non-escrowed crypto can be kept during the upgrade period with appropriate negotiation protocols. The residual social effects of the ban is harder to estimate. It's possible that it will be minimal, for example if digital bearer instruments are so much more efficient than account based ones that people will use them despite escrow requirements, then these can be quickly converted to use non-escrowed crypto after the ban is lifted. But in any case, I don't see how a short delay will make any difference.
At 10:45 PM -0700 9/18/97, Wei Dai wrote:
3. A ban will eventually be lifted, because of the impracticality of GAK, abuses, wide-spread security problems caused by added complexity or hackers stealing the master keys, ineffectiveness, sympathetic courts etc. The sooner it comes into effect, the sooner it goes away.
You mean like the way the ban on drugs was impractical and could be skirted in various ways, forcing the ban on drugs to "go away"? --Tim May The Feds have shown their hand: they want a ban on domestic cryptography ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
At 11:22 AM -0700 9/19/97, Wei Dai wrote:
On Fri, 19 Sep 1997, Tim May wrote:
You mean like the way the ban on drugs was impractical and could be skirted in various ways, forcing the ban on drugs to "go away"?
The ban on alcohol went away, why not the ban on drugs? It won't even require a constitutional amendment. Are you being sarcastic or agreeing with me?
In any case, the analogy between crypto and drugs is interesting. Perhaps after the ban many people will obtain their crypto and crypto-related services from organized crime.
I'm challenging your point that the difficulty of enforcement, corruption, whatever, will be a reason crypto bans will be rescinded. As to the difference between Prohibition and War on (Some) Drugs, there are some differences. With the ban on alcohol, this went against many centuries (or millenia) of cultural norms about wine, beer, and so on. And the majority of Americans were consumers. In particular, older, politically more influential persons. By contrast, drug use has typically been confined to the lower classes or the rebellious young. Not a lot of pols are dope smokers, though there are certainly some. Where crypto fits is not immediately clear, but certainly most Americans are not regular users, and will not be visiting "crypto speakeasies" to partake of forbidden code. Also, 50 years passed between the failed experiment of Prohibition and the still-going-strong-after-25-years War on (Some) Drugs. There is little movement toward repealing the WOD. Further, many of the special interest groups--pharmaceutical makers, growers, distributors, crime syndicates, the CIA--are apparently quite happy with the status quo, for obvious reasons. In short, I think it far likelier that a crypto ban will more closely resemble the War on Drugs than it will the relatively short-lived Prohibition. (I'm off to Stanford now, so will be out of touch for a few days.) --Tim May The Feds have shown their hand: they want a ban on domestic cryptography ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
On Fri, 19 Sep 1997, Tim May wrote:
You mean like the way the ban on drugs was impractical and could be skirted in various ways, forcing the ban on drugs to "go away"?
The ban on alcohol went away, why not the ban on drugs? It won't even require a constitutional amendment. Are you being sarcastic or agreeing with me? In any case, the analogy between crypto and drugs is interesting. Perhaps after the ban many people will obtain their crypto and crypto-related services from organized crime.
participants (4)
-
Bill Stewart -
stonedog@ns1.net-gate.com -
Tim May -
Wei Dai