1995-08-23 - CypherRant: Reasons why private cryptography should not be regulated.

Header Data

From: paul.elliott@hrnowl.lonestar.org (Paul Elliott)
To: N/A
Message Hash: e5f2613644246d9745cc3f9ac4a3edbc82d7796ecaf0b730b964fa4bee52bd36
Message ID: <303ac1bd.flight@flight.hrnowl.lonestar.org>
Reply To: N/A
UTC Datetime: 1995-08-23 07:22:05 UTC
Raw Date: Wed, 23 Aug 95 00:22:05 PDT

Raw message

From: paul.elliott@hrnowl.lonestar.org (Paul Elliott)
Date: Wed, 23 Aug 95 00:22:05 PDT
Subject: CypherRant: Reasons why private cryptography should not be regulated.
Message-ID: <303ac1bd.flight@flight.hrnowl.lonestar.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

CypherRant: Reasons why private cryptography should not be regulated.

Paul Elliott is solely responsible for this document.
Please distribute widely.


FBI director Freeh has been going around pushing his stupid plans
for cryptography regulation. Usually, these plans take the form of
some kind of mandatory key escrow. Mandatory key escrow schemes
are requirements that encryption keys be given to government agencies
with the promise that the keys will not be used without a warrant.

Now let me give some reasons why Freeh's requests should be ignored.

1) It is unconstitutional!
	a) First amendment. Electronic communications are a form
                of speech and the cryptography regulations try to regulate
                this speech to a form the government understands.
                Congress shall make  NO LAW ....or abridging the
		freedom of speech or of the press; ... 
		They really meant it!
	b) Second amendment. Cryptography is arms. Even U.S.
                government ITAR regulations admit this. Therefore
                cryptography is protected by Second amendment.
	c) Ninth & tenth amendments. Article I section 8 does not
                give congress the power to tell us what computer
                software we can run on our computers. Therefore
                that power remains with us, and we should be able
                to run whatever cryptography software we want the 
                displeasure of congress not withstanding.

	d) The power to search, if a warrant exists, which is mentioned by
		the fourth amendment, does not grant the government the 
		right to succeed in finding what the it is looking for. 
		In other words the power to search, is not a power to 
		guarantee a successful search. It is not a power to 
		require citizens to run their lives in such a manner 
		that any government search will be successful. For 
		more information on this, see the following World Wide 
		Web url: http://www.clark.net/pub/cme/html/avss.html

Since all Senators and Congressmen take an oath to preserve and defend
the constitution of the U.S., this should be the end of the argument.
However, watching some of the stupid laws that have come out of congress
in past years, tells me I should supplement the above with additional
argument.

I am not a lawyer and I am not trying to be one. I have no opinion as to
whether private cryptography regulations will be found unconstitutional.
There are a number of cases where out courts have made decisions which
do great violence to the plain meaning of the text of our constitution.
Knowing what the courts will actually do is the business of lawyers.
Understanding the constitution so that one may know what the courts 
should do should be the business of every citizen.

2) The excellent NRA argument "when guns are outlawed only outlaws
will have guns" applies with equal force to cryptography! Professional
criminals will circumvent with ease any government regulations on
cryptography. Billions of bytes travel the internet yearly. The techniques
of steganography make it absolutely trivial for any motivated person to 
conceal any encrypted messages. The Big Brother cryptography regulations
will affect only ordinary citizens.

3) Cryptography is already in use by legitimate business. Any government
regulation of cryptography will probably cost huge amounts of money for
software and hardware costs for existing systems to be changed to a form
that the government approves. The existing ITAR regulations probably
cost the U.S. economy large amounts of money because U.S. companies can
not market cryptography software internationally. By discouraging
private cryptography, the ITAR regulations probably enables a large
amount of computer crime since it makes it difficult for people to
protect themselves. The ITAR regulations have not and can not prevented
strong cryptography from making it outside  the U.S. How many tons of
cocaine illegally enter the U.S. every year? Yet the government ITAR
regulations propose to regulate the export of software that can fit in a
shirt pocket, or travel by wire concealed with  billions of bytes of
data that leave the U.S. every year. It is time for the U.S. government
to start living in the real world!

According to an article in the August 17, 1995 Wall Street Journal, ITAR
regulations have required Netscape to use inferior encryption methods in
the international version of its World Wide WeB browser software. This
inferior encryption method has actually been broken by a French Hacker!
Because of its computational intensity, this weakness in the encryption
method does not represent an immediate danger. However as more powerful
computers continue to develop, this and similar vulnerabilities will
present a danger for those who wish to use the internet for commerce.

4) These regulations make it impossible for an individual to have
greater privacy than the U.S. government. The Adlrich Ames case makes it
clear that the U.S. is incompetent to keep a secret. 

5) The proposed regulations require the American people trust the
government, but on the contrary, the government should be required to
trust the American people. Recent news stories (Waco ect.) make  it
clear that it is common for government agents to lie to get a search 
warrants. Government should be viewed as George Washington did as  "a
fearful servant and a dangerous master".

A recent poll conducted by the Americans Talk Issue Foundation said 76%
of the people questioned responded that they rarely or never trust
"government to do what is right". This mistrust is well founded.  At the
same time as administration sources were saying that key escrow schemes
would remain voluntary, FBI, NSA, and DOJ experts were saying that the
schemes must be made mandatory if they were to be at all effective. If
the government is willing to lie to establish a key escrow key system,
what makes us believe that the government will not lie when applying for
warrants to use that system?


6) It is too humiliating to require a free people to participate in the
establishment of their own surveillance prisons. This is  what key
escrow requires. Consider the words of our revolutionary heritage:

	Those who would sacrifice essential freedoms for temporary safety
	deserve neither. Benjamin Franklin

	If ye love wealth greater than liberty, the tranquility of servitude
	greater than the animating contest for freedom, go home from us in
	peace.  We seek not your counsel, nor your arms.  Crouch down and 
	lick the hand that feeds you; and may posterity forget that ye 
	were our countrymen. Samuel Adams
 
Do you think that these men would approve the government's key escrow
requests?

This information can also be found at the following url:
http://www.efh.org/pgp/rant.html
- --
Paul Elliott                                  Telephone: 1-713-781-4543
Paul.Elliott@hrnowl.lonestar.org              Address:   3987 South Gessner #224
                                              Houston Texas 77063

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBMDpEYfBUQYbUhJh5AQHMtgP9HbCfKge22z/4jFi2MKLXqWkYB4vkIFsJ
43J7zdoDIRbfOeoMBNCFOGeIHGQ5TGL1+VFVhRMrzTZEPs/dciqc81O0YlnhiiIR
L7Lz06Jlzg2xLtaeaTQjrGewKTT9LeWXpqFSWtpe0xxAqaZ/11ompTAHm0A6NxhU
r4QXaBaEzfg=
=Axac
-----END PGP SIGNATURE-----







Thread