-----BEGIN PGP SIGNED MESSAGE----- CypherRant V2: Reasons why private cryptography should not be regulated. Paul Elliott is solely responsible for this document. Please distribute widely. FBI director Freeh has been going around pushing his stupid plans for cryptography regulation. Usually, these plans take the form of some kind of mandatory key escrow. Mandatory key escrow schemes are requirements that encryption keys be given to government agencies with the promise that the keys will not be used without a warrant. Now let me give some reasons why Freeh's requests should be ignored. 1) It is unconstitutional! a) First amendment. Electronic communications are a form of speech and the cryptography regulations try to regulate this speech to a form the government understands. Congress shall make NO LAW ....or abridging the freedom of speech or of the press; ... They really meant it! b) Second amendment. Cryptography is arms. Even U.S. government ITAR regulations admit this. Therefore cryptography is protected by Second amendment. c) Ninth & tenth amendments. Article I section 8 does not give congress the power to tell us what computer software we can run on our computers. Therefore that power remains with us, and we should be able to run whatever cryptography software we want the displeasure of congress not withstanding. d) The power to search, if a warrant exists, which is mentioned by the fourth amendment, does not grant the government the right to succeed in finding what the it is looking for. In other words the power to search, is not a power to guarantee a successful search. It is not a power to require citizens to run their lives in such a manner that any government search will be successful. For more information on this, see the following World Wide Web url: http://www.clark.net/pub/cme/html/avss.html Since all Senators and Congressmen take an oath to preserve and defend the constitution of the U.S., this should be the end of the argument. However, watching some of the stupid laws that have come out of congress in past years, tells me I should supplement the above with additional argument. I am not a lawyer and I am not trying to be one. I have no opinion as to whether private cryptography regulations will be found unconstitutional. There are a number of cases where out courts have made decisions which do great violence to the plain meaning of the text of our constitution. Knowing what the courts will actually do is the business of lawyers. Understanding the constitution so that one may know what the courts should do should be the business of every citizen. 2) The excellent NRA argument "when guns are outlawed only outlaws will have guns" applies with equal force to cryptography! Professional criminals will circumvent with ease any government regulations on cryptography. Billions of bytes travel the internet yearly. The techniques of steganography make it absolutely trivial for any motivated person to conceal any encrypted messages. The Big Brother cryptography regulations will affect only ordinary citizens. 3) Cryptography is already in use by legitimate business. Any government regulation of cryptography will probably cost huge amounts of money for software and hardware costs for existing systems to be changed to a form that the government approves. The existing ITAR regulations probably cost the U.S. economy large amounts of money because U.S. companies can not market cryptography software internationally. For information, see: http://www.eff.org/pub/Crypto/ITAR_export/tis_walker_export_101293_hr.testim... By discouraging private cryptography, the ITAR regulations probably enables a large amount of computer crime since it makes it difficult for people to protect themselves. The ITAR regulations have not and can not prevented strong cryptography from making it outside the U.S. How many tons of cocaine illegally enter the U.S. every year? Yet the government ITAR regulations propose to regulate the export of software that can fit in a shirt pocket, or travel by wire concealed with billions of bytes of data that leave the U.S. every year. It is time for the U.S. government to start living in the real world! According to an article in the August 17, 1995 Wall Street Journal, ITAR regulations have required Netscape to use inferior encryption methods in the international version of its World Wide WeB browser software. This inferior encryption method has actually been broken by a French Hacker! Because of its computational intensity, this weakness in the encryption method does not represent an immediate danger. However as more powerful computers continue to develop, this and similar vulnerabilities will present a danger for those who wish to use the internet for commerce. For more information, see: http://pauillac.inria.fr/~doligez/ssl/ 4) These regulations make it impossible for an individual to have greater privacy than the U.S. government. The Adlrich Ames case makes it clear that the U.S. is incompetent to keep a secret. 5) The proposed regulations require the American people trust the government, but on the contrary, the government should be required to trust the American people. Recent news stories (Waco ect.) make it clear that it is common for government agents to lie to get a search warrants. Government should be viewed as George Washington did as "a fearful servant and a dangerous master". A recent poll conducted by the Americans Talk Issue Foundation said 76% of the people questioned responded that they rarely or never trust "government to do what is right". This mistrust is well founded. At the same time as administration sources were saying that key escrow schemes would remain voluntary, FBI, NSA, and DOJ experts were saying that the schemes must be made mandatory if they were to be at all effective. If the government is willing to lie to establish a key escrow key system, what makes us believe that the government will not lie when applying for warrants to use that system? For more information on this, see: http://www.efh.org/pgp/fbilie.html If any key escrow system is adopted, the secret FISA court will undoubtedly be given the power to issue warrants for decryption keys. The FISA court has granted over 7,500 wiretap requests in complete secrecy with only one refusal. The secrecy of this court creates a great opportunity for abuse. If the court is lied to, the lie is not exposed, because the people with an interest in exposing the lie do not know the lie exists. If the court grants legally unwarranted warrants, there is no one to appeal or to try to stop the practice, because no one knows about the problem. For information, see: http://MediaFilter.org/MFF/CAQ/caq53.court.html 6) It is too humiliating to require a free people to participate in the establishment of their own surveillance prisons. This is what key escrow requires. Consider the words of our revolutionary heritage: Those who would sacrifice essential freedoms for temporary safety deserve neither. Benjamin Franklin If ye love wealth greater than liberty, the tranquility of servitude greater than the animating contest for freedom, go home from us in peace. We seek not your counsel, nor your arms. Crouch down and lick the hand that feeds you; and may posterity forget that ye were our countrymen. Samuel Adams Do you think that these men would approve the government's key escrow requests? This information can also be found at the following url: http://www.efh.org/pgp/rant.html - -- Paul Elliott Telephone: 1-713-781-4543 Paul.Elliott@hrnowl.lonestar.org Address: 3987 South Gessner #224 Houston Texas 77063 -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAgUBMFA5K/BUQYbUhJh5AQGOjAP+OyDEtAJGL32S8IK+HGAfaOTkpCI18SCL QvSTaknPd5J2m+yzamGD88Z2YJKwW1M+2GgqGqsclCpI+KCvSp2Z9h1KXWT6ANGR MXTuK3fjVmlvp5lqZAwHb133qL97e60MIq+5lK26FPaGzBCr7ckPMF0cvM+mm4dW dyc1uuXaZg0= =bVzd -----END PGP SIGNATURE-----