Why is cryptoanarchy irreversible?
Peter Hendrickson
ph at netcom.com
Fri Nov 8 09:03:09 PST 1996
At 12:58 AM 11/8/1996, stewarts at ix.netcom.com wrote:
> Strong vs. weak crypto isn't the real issue - for most business use,
> weak crypto is obviously unacceptable, but strong crypto with GAK
> is ok as long as it doesn't interfere with use (and as long as the
> government bureaucrats don't sell too many keys.)
We often say that the government is a security weak point and that
this makes GAK impractical. However, this is not true. If the
holders of the government keys were individually responsible for
their release, they would not be released very often. That is,
in order to use cryptography you must purchase an expensive
encryption license. That pays the salary of a certified "key
escrow agent" who is the only person who can decrypt your messages.
What stops him from revealing your keys to unauthorized parties?
It's his business. If that's not enough, you back it up with
criminal penalties for disclosure. And, hiring this person is
no different from hiring an employee for your company.
There are already similar activities. Lawyers are nominally employees
of the state. Employees of Swiss banks can go to jail for violating
their secrecy laws.
> The government might be able to stop new Netscape versions from
> using strong crypto - threatening to confiscate the company's
> ill-gotten gains from aiding and abetting money launderers might help,
> and threatening to confiscate PCs that use unapproved crypto.
> But it's tough to use a widespread threat like that on popular
> software once it's out there.
I agree, if the software is popular. But, if the fears of the GAKers
and the dreams of certain cypherpunks are real, such software will
not be popular.
Peter Hendrickson
ph at netcom.com
More information about the cypherpunks-legacy
mailing list