NSA says strong crypto to china??
This is a quote from an article by Paul Vallely in The Independent, London, which can be found here: http://nytsyn.com/live/News3/006_010696_101827_2723.html
What one government regards as harmful material is an instrument of freedom and democracy to another. Officials at the US National Security Agency have suggested that Internet encryption technology - a sophisticated method of encoding information - be deliberately exported to Chinese dissidents to help them in their fight against their government - even though its export is otherwise banned under US arms control regulations.
Does anyone know of real documentation of this "suggestion" from the NSA? It quite telling, though no surprise to any of us I'm sure, that they would think that strong crypto should be a tool of freedom in china, but not in this country. Maybe they should get Microsoft to insert subliminal directions for downloading PGP into a future episode of "My Computer Family". :-) --Jeff Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw@netscape.com - http://home.netscape.com/people/jsw/ Any opinions expressed above are mine.
Does anyone know of real documentation of this "suggestion" from the NSA? It quite telling, though no surprise to any of us I'm sure, that they would think that strong crypto should be a tool of freedom in china, but not in this country.
But they do. That's why they don't want it. That too should be obvious. I think though, that this is an example of the two major functional halves of the NSA, with rather opposite goals: COMSEC vs. COMINT. -- sameer Voice: 510-601-9777x3 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org/ (or login as "guest") sameer@c2.org
What one government regards as harmful material is an instrument of freedom and democracy to another. Officials at the US National Security Agency have suggested that Internet encryption technology - a sophisticated method of encoding information - be deliberately exported to Chinese dissidents to help them in their fight against their government - even though its export is otherwise banned under US arms control regulations.
If this is true, it's great news. It would mean that the NSA is adopting both cypherpunk analysis and tactics. Who would have thought? An NSA remade in Tim May's image.
Does anyone know of real documentation of this "suggestion" from the NSA? It quite telling, though no surprise to any of us I'm sure, that they would think that strong crypto should be a tool of freedom in china, but not in this country.
The NSA is a big organization with a lot of people in it. It could be that the people in charge of thinking about Chineese dissidents are far removed from the people who think about domestic crypto. I'm skeptical about this story, but it would be a sensible policy for us to pursue. But not just with dissidents, and not just in China. We ought to try to create an environment in which people who want to do business need to have access to strong crypto in order to interoperate with the rest of the world. Pump high quality free tools out to the world, and push for solid standards for encrypted communications. And make sure those Chineese and Iraqi dissidents always have a safe way to post anonymously. We're already living in a world in which it's necessary to give people computers if you want them to be competitive economically. Let's try to make giving people computers the functional equivilant of abandoning any hope of making censorship work. I doubt they're interested in doing this, but I don't understand why. It's a sensible policy. Can you imagine what would happen to freedom and privacy around the world if the NSA went cypherpunk? In the space of a month they could eliminate the possibility of totalitarianism world wide.
Alex Strasheim writes:
If this is true, it's great news. It would mean that the NSA is adopting both cypherpunk analysis and tactics. Who would have thought? An NSA remade in Tim May's image.
I suspect that the NSA was thinking in our terms long before many of us were aware of cryptography. I actually think that in many cases, their behavior is perfectly rational. Their goals are merely different. If you are in SIGINT, I believe that the possibility of totally losing a valued intelligence tool must heavily weigh on your mind. Of course, they are hardly monolithic, and different groups at the NSA necessarily have different goals. Once SIGINT becomes much harder regardless of their previous attempts to stop it, I suspect that the NSA will become a friend and not an impediment. By that time, of course, the "we have to protect our people" types will be the only ones producing results and getting funding, and the "we have to gather information" types will have long ceased to produce. Thats probably a decade or more off, though. Perry
Once SIGINT becomes much harder regardless of their previous attempts to stop it, I suspect that the NSA will become a friend and not an impediment. By that time, of course, the "we have to protect our people" types will be the only ones producing results and getting funding, and the "we have to gather information" types will have long ceased to produce. Thats probably a decade or more off, though.
I doubt this will ever happen. If strong cryptography is ever deployed worldwide ubiquitously, which is a big if, passive ether sniffing becomes much harder, but the SIGINT people will likely switch to active attacks. Defense against active attacks is much more difficult than against passive attacks, and requires a host of technologies besides strong crypto (the one we're lacking most, I think, is a good software engineering methodology). I bet the NSA is doing active research on sniffer viruses and other automated tools for large scale active attacks. Wei Dai
Yeah but if NSA went Cypherpunks, what would be the new PC dogma - the current San Fransisco trendlines? If you aren't a Sensitive Guy who'd rather re-read Hillary's speech at the Beijing Women's Conference, than watch the jittering cheerleaders on Monday Night Football - there goes your promotion! Not to shatter your illusions boys, but there's a school of thought back here East of the Rockies that the whole shebang south of Redding should be written off after the next Big One - no taxpayer dollars spent _at all_. Commit American Imperialist Aggression against Mexico - use gunboat diplomacy to make them take California back. Only hold onto a few selected spots as Possessions. I mean, Vandenberg's on a very convenient spot for launching birds to listen in on the Beijing apparatchiks on the cellphone, running their mistresses in and out of the secret entrances of the Forbidden City faster than the JFK-era Secret Service could have kept up with. Visit the hospitality room at the next annual convention of the Old Crows Association, if you want to see proof that the electronic-warfare community, like worker-bee military types in general nowadays, comprises LOTS of folks with a rather Libertarian outlook. Alan Horowitz alanh@infi.net
The original article in the Indpendent contained too many factual inaccuracies to take the NSA statement at face value. Further, some of the details resemble an interchange between Carl Ellison and the OSTP. For the details, check out: http://www.clark.net/pub/cme/html/nist-ske.html Here's the relevant excerpt: Sell to Chinese dissidents In the opening session, Mike Nelson of the OSTP (Office of Science and Technology Policy on the vice president's staff) presented his discussion of the Key Escrow criteria. He was asked who in his right mind would buy a product with a master key escrowed in the U.S., with access by US Law Enforcement. His answer was that a Chinese dissident would be quite happy to have the key escrowed by a US agent, in the US, for US government access -- rather than by a Chinese agent, in China, for Chinese government access. That's a good plan, Mike. That's a huge market. I'm looking forward to seeing the agreement with the People's Republic under which they allow the importation of such products. [end excerpt] My best guess is that we're seeing a distortion of this interchange. If I were a Chinese dissident, I wouldn't want to use GAK, for three reasons: using US-lackey encryption is certainly not going to get you into any _less_ trouble than using independent encryption, if you used GAK you'd be working as a US spy whether you wanted to be or not, and finally, who says the Chinese can't decrypt it, especially with the rapid growth of television. Raph P.S. To those who are suriprised that I'm still here - my flight got delayed, and I'm waiting it out on the Net, in true geek style.
participants (7)
-
Alan Horowitz -
Alex Strasheim -
Jeff Weinstein -
Perry E. Metzger -
Raph Levien -
sameer -
Wei Dai