1995-12-06 - Re: Solution for US/Foreign Software?

Header Data

From: tcmay@got.net (Timothy C. May)
To: jimbell@pacifier.com (jim bell)
Message Hash: a7194d96e4f1c813d73fd1a4e0b412d288ce307a37dc00c20ffb0c293e81b91a
Message ID: <aceb2a8d1b021004e6f8@[205.199.118.202]>
Reply To: N/A
UTC Datetime: 1995-12-06 19:08:46 UTC
Raw Date: Wed, 6 Dec 95 11:08:46 PST

Raw message

From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Dec 95 11:08:46 PST
To: jimbell@pacifier.com (jim bell)
Subject: Re: Solution for US/Foreign Software?
Message-ID: <aceb2a8d1b021004e6f8@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 6:21 PM 12/6/95, jim bell wrote:

>NO!  You didn't read my commentary carefully enough.   These "hooks" (your
>words) will, in effect, already be connected to encryption software weak
>enough to make NSA happy.  You know, 40 bit keys or something like that.
>But instead of being in one large file, embedded into a program, it'll be
>TWO files.  Simple programming change.  Everything that
>implements/defines/limits the encryption to 40 bits will be in the smaller
>file.
>This really isn't a "hook," it's an internal connection between two
>portions of the same program. (actually, it wouldn't need to be in two
>separate files; a file which implements a patch for the first file would
>work great.)
>
>It'll be exportable, because its key size is "acceptable."  At the time
>the export license is requested, the replacement module to increase key
>size probably won't even  exist, in order to avoid giving the USG an
>excuse to deny the export license.   After the license is obtained, the
>replacement module is written and shipped to domestic users.
>
>I fully realize the USG won't "like" this kind of thing.  But if they are
>trying to take the position that certain kinds of encryption software CAN
>be exported, and some can't, they're going to have to approve SOME
>programs for export, using criteria which at least pretend to be
>objective.

Yes, I read your proposal. The "hooks" term is not my coinage, but refers
to this general idea. I urge you to read what others, including companies,
have had to say on this matter. Much of the debate on "interoperability"
revolves around details of entry points to crypto modules and such hooks.

No point in arguing with Jim on this anymore, so I won't.

Good luck, Jim, in introducing such a product.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."







Thread