From: Greg Broiles <gbroiles@netbox.com>
Date: Mon, 18 Nov 1996 09:55:01 -0800 (PST)
To: cypherpunks@toad.com
Subject: Re: Cypherpunks State of Emergency
Message-ID: <3.0b28.32.19961118095944.007007dc@ricochet.net>
MIME-Version: 1.0
Content-Type: text/plain


At 06:51 PM 11/16/96 -0800, Tim May wrote:

>And sabotaging the GAK scheme in more devious ways remains an option.

I see several "leverage" points here:

The cards can use either a "dongle" model, similar to that used in ordinary
copy protection, which has to date been a big failure - or they can use an
"on-card processor" model, where the card does the actual crypto
processing. This will be tough to break using the traditional cracking
techniques, but will also be expensive.

And card distribution can be either weak or strict; if it's a weak model
(e.g., cards are sold at Fry's or 7-11 :) or are otherwise easy to come by)
it'll be tough to control their distribution and export. It's a little
easier to control the export of chips than to control the export of
software, but neither is easy. And strict distribution will cost an
enormous amount of time and money as some agency or another is deputized or
created to check credentials, keep records, issue keycards, charge fees,
and so forth.

If cards are easy to come by, requiring them won't be much of a deterrent
to the use of strong crypto; the people the government is supposedly trying
to keep from using crypto (terrorists, spies, etc) are already accustomed
to keeping and purchasing things which are forbidden. If cards are
difficult to come by, that's a big hole waiting for someone to fill with
software crypto, or software tricks to get around the hardware requirements. 

One bug/feature I suspect we'll see will be the inclusion of the keycard's
ID in every message that it signs, facilitating detection of unauthorized
use and traffic analysis. Without this, the scheme seems entirely futile.
(Which is not to say that the US Government hasn't done some futile things
:), but ..) Another likely feature is an expiration date, such that the
cards stop working after X months and the owner must go to the Bureau of
Crypto Control and show his/her credentials and exchange the old card for a
new one. Of course, if you've got outstanding warrants or haven't filed
your taxes or are in arrears for child support or are a "foreign person" or
have been saying illegal/controversial things with your crypto card, well,
perhaps you won't feel like going down to the BCC after all. 

So they're going to have to find a way to make the cards easy/cheap enough
to get that many people will adopt them; but they have to be
expensive/difficult enough to get that people won't want to "lose" them,
lest they fall into the hands of the wrong people. And that seems like a
difficult task, especially if opponents of the scheme continue to provide
cheap/free software-only solutions. And, as always, folks not subject to
the US export regulations won't need to fuss with all of this regulatory
bullshit, and can produce strong software-only crypto, or drop-in
replacements for the "policy chips" which are distributed without
government control. 

--
Greg Broiles                | US crypto export control policy in a nutshell:
gbroiles@netbox.com         | 
http://www.io.com/~gbroiles | Export jobs, not crypto.
                            |