Why is cryptoanarchy irreversible?

Jim McCoy mccoy at communities.com
Thu Nov 7 17:14:42 PST 1996 

Peter Hendrickson wrote:
>Daniel T. Hagan wrote:
[...]
>>> If strong cryptography were unpopular and highly illegal, very few
>>> people would be using it.  This makes it easy to identify suspects.
>>
>> Or suppose that some one uses strong cryptography and then wraps it in
>> weak cryptography.  The outer shell would seem legal, and the authorities
>> can't go around randomly breaking people's keys (or so one would assume),
>> and even if they did, it wouldn't necessarily be legal as evidence anyway.
>
>In the extreme case, everybody would be sending messages in the clear.
>In the case of mandatory GAK, it would be easy to open a bunch of
>messages and see if what was inside looked like cryptography.  The
>privacy violation could be minimized by requiring a Congressionally
>approved test program to applied without any human reading it.  If
>the test program said it was cryptography, then this could be considered
>just cause for a judge to issue a warrant to the authorities for the
>study of the actual message.

Getting a program to recognize a subliminal message channel is even
harder than teaching a human to do so, check out the book Disappearing
Cryptography or do a web search for "mimic functions" to see how easy it
is to hide messages in text which a program parses as regular English.
The other problem is that more and more of the data being tossed around
the net are images and sound files in which it is incredibly easy to
hide encrypted messages.

>The laws regarding what is considered legal evidence are easily
>changed if there is a need for it.  Probably they don't need to be
>changed all that much.  If you see a lot of PGP messages coming
>from somebody, you get a warrant and search their computer for
>illegal software.  When you find it, you lock them up forever.

And if there was a penalty for using PGP then PGP would hide the fact
that such messages were being sent; that -----BEGIN PGP MESSAGE-----
line in the program output does not need to be there you know... Check
out Stealth PGP for an example.

[...]
>In the absence of strong cryptography, remailers do not offer much
>anonymity.

Except for the fact that US law stops at the US border (modulo kidnapping
Mexican doctors or strongarming the rest of the world to obey US
dictates...)  Information, on the other hand, is very easy to transport
across national boundaries and such transmission is impossible to stop.
With remailers outside the US I can send a message to a free nation and
have it delivered to whomever I want.

jim

More information about the cypherpunks-legacy mailing list