Law Review Articles
Carl Ellison
cme at ellisun.sw.stratus.com
Tue Sep 7 08:06:39 PDT 1993
I have two pet issues:
1. Who Owns Cryptography?
David Kahn's "The Codebreakers" shows that strong cryptography (as
strong as that used by the military of the time) has almost always
been invented by and used by private individuals, throughout
history.
The US Gov't (especially the NSA) has been trying to give the
impression that it owns cryptography.
The case needs to be made that cryptography inventions occur
spontaneously in the minds of individuals and that cryptography is
used to guard privacy (of both files and conversations) in a way
the government:
a. could not control if it tried, short of "1984" style room
bugging, informants, ...
b. should not control because of the 4000 year history of
private ownership of cryptography.
2. Export Laws for Cryptography --
There are three classes of cryptography, logically:
i. Munitions
ii. Commercial
iii. Public Domain
Munitions cryptography would include systems using government
classified algorithms or incorporated in physical hardware which
has been hardened for battlefield use.
Commercial would include systems which are proprietary to some
company and sold by that company.
Public domain would include systems which have been fully published
(DES, RSA, DH, IDEA, <many older systems>, ...), have been
implemented from those publications and which are effectively
already in the hands of any interested high school kid. These are
often available on public BBSs, worldwide. (PGP, for example)
It makes sense to control munitions via ITAR and commercial systems
via the commerce department, while leaving public domain systems
uncontrolled c/o freedom of speech.
What can be done to make these points?
If these are not law review issues, what can I do as a private citizen
to put these forth?
- Carl
More information about the cypherpunks-legacy
mailing list