1994-07-22 - Re: “Key Escrow” — the very idea

Header Data

From: solman@MIT.EDU
To: Mike_Spreitzer.PARC@xerox.com
Message Hash: 761f2866ef07c6a9ab99a18c68bc3870a44422619adfada41de2b945372f169e
Message ID: <9407220236.AA13439@ua.MIT.EDU>
Reply To: <94Jul21.164935pdt.14430(3)@alpha.xerox.com>
UTC Datetime: 1994-07-22 02:37:26 UTC
Raw Date: Thu, 21 Jul 94 19:37:26 PDT

Raw message

From: solman@MIT.EDU
Date: Thu, 21 Jul 94 19:37:26 PDT
To: Mike_Spreitzer.PARC@xerox.com
Subject: Re: "Key Escrow" --- the very idea
In-Reply-To: <94Jul21.164935pdt.14430(3)@alpha.xerox.com>
Message-ID: <9407220236.AA13439@ua.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> (1) I'm not an anarchist.  Does that make me out of place here?  I'm
> willing to live with some amount of government, as long as us owners
> stand a chance of controlling or overthrowing it.  My biggest problem
> with Capstone is that it changes the balance of power too much.

Simple solution for people like you: Secret split your key into eight pieces,
such that six or seven are required to reconstruct it. Create a mechanism
whereby people can anonymously distribute their keys. Have the govenment
escrow keep just the names of the people with the other pieces. Periodically
require everybody to prove that they still have the same piece by sending
hashes. When the government wants your key it presents a warrant to the people
holding your pieces.

But I find this sort of system to be silly. its only purpose is to eavesdrop
in on my conversations. Why would I want somebody doing that? I like my
privacy so I'd rather not participate.

> (2) I think crimes can be committed in cyberspace.  Substantially, if not
> entirely, in cyberspace.  Maybe not so many now.  But I think it's
> intellectually dishonest of us who understand the growing importance of
> cyberspace to claim there won't be any social contracts there that could be
> violated.  I accept the terms of the 4th ammendment: search and siezure
> allowed when due process followed.  "Key escrow" is an attempt to implement
> the cyberspatial analog of search.

This is total bullshit. In the physical world, the ideal set up would
clearly be one in which each individual negotiated with each other
individual what the contract between them would be. "I don't want to
die and you don't want to die, so lets both agree not to kill each other
and put some money towards a system of police that guarantees this.
I want property rights so I can enjoy the fruits of my labor..."

This scenario is, of course, absurd. It takes time to negotiate things like
this. Negotiations also require the possibility of no agreement, allowing
the parties to re-examine the strength of their respective positions before
going back to the table. The cost of conducting these negotiations in the
physical world is enourmous.

The cost of conducting these negotiations in the real world is negligible.
People who like their freedom can negotiate on their own. The stupid and
the insecure can purchase agents from other people that do the same thing.
LAWS CAN EASILY BE MADE OPTIONAL IN CYBERSPACE WHILE STILL MAINTAINING
THEIR EFFECTIVENESS. Enforcement of a law is a natural part of the agreement
to participate in it. There is absolutely no reason why one set of laws with
one set of enforcers needs to be adopted simply because the transactional
cost is negligible and the results of non-agreement can be determined
nearly instantaneously. I will be introducing the paleolithic analog of
an information society in the next few weeks. You had better believe that
by the time the information superhighway takes off, complex systems that
enforce complex rules will be available to those who want them.

> (3) The Feds must know they can't prevent modestly well funded, educated, and
> motivated folks from using unbreakable cryptography amongst themselves.  The
> argument for doing key escrow anyway is that by installing a breakable
> infrastructure, they'll make enough investigations cheaper and more effective
> to be worth it.  Note that's a comparison of their money and success rate
> against our privacy; no wonder they got it so wrong.

It absurd to think that the Feds can control anything in cyberspace without
some sort of physical world police state. Its just not feasible, entropy
is dominant.

JWS





Thread