From: Decius <decius@montag33.residence.gatech.edu>
To: cypherpunks@toad.com
Message Hash: f5caf14e918bae1408a86b1dab775e049b322c2b1053bce364988682f7c62b4b
Message ID: <199602060254.VAA26091@montag33.residence.gatech.edu>
Reply To: N/A
UTC Datetime: 1996-02-06 22:06:36 UTC
Raw Date: Wed, 7 Feb 1996 06:06:36 +0800
From: Decius <decius@montag33.residence.gatech.edu>
Date: Wed, 7 Feb 1996 06:06:36 +0800
To: cypherpunks@toad.com
Subject: Why am I wrong?
Message-ID: <199602060254.VAA26091@montag33.residence.gatech.edu>
MIME-Version: 1.0
Content-Type: text
I am posting this pondering to cypherpunks in hopes that it will be refuted.
Although these ideas are obviously in opposition to those held by
Denning and the law enforcement community, they are also in opposition to
those held by the Cypherpunks. This idea is bothering me because I cannot
refute it, although it goes in opposition to many people whom I respect
greatly. Please tell me why I am wrong about this. (Sorry for the US-centric
perspective, but I think the arguments here apply regardless of what your
system of government may be.)
Crypto-Absolutism
decius@ninja.techwood.org
One of the largest problems in the debate over public access to
cryptography is the fact that both sides of the issue hold absolute beliefs.
They are unwilling to compromise, and often seem unwilling
to decide on a solution which is anything but a total win for their side.
Many of those who are opposed to cryptography have proposed
what they claim is a compromise, when in reality these suggestions often
change the issues instead of addressing them. However, in all conflicts
there is a middle ground. The answer to the whole crypto debate may be
in finding it. Nothing ever works in absolutes.
On one side of the debate we find the law enforcement community.
This group is totally opposed to the concept of public access to
cryptography. Although they claim this to be false, the reality is that
these people think its ok for anyone to keep a secret, as long as no one
is keeping secrets from them. This belief is founded upon the principle
that the law is absolute. They believe that the law is always right and
always good. As Jim Kallstrom, assistant FBI director, put it, "unless
you're a criminal, you have nothing to fear from the government."
However, history has proven this philosophy to be totally flawed, time
after time after time. The law is often very wrong, and even our lofty
constitutional values do not prevent bad laws. When the law is wrong, the
law's enforcer is the criminal. That is the definition of natural law,
the philosophy upon which our system of government is based. People MUST
have the right to dissent. People must have the right to oppose bad
laws, and in many cases people must have the capability to violate bad
laws with impunity. It is necessary for the survival and health of our
society. If people's right to dissent is taken away and bad laws are
passed, we move immediately into war. Peace is the definition of a
healthy society. Furthermore, it cannot be assumed that if people can
commit crimes with impunity that they will. If murder became
legal, I do not think you would see much of an increase in the murder
rate. As Socrates would say, if people know the what is good and what
is bad, they will always choose the good, because the good is what is
most desirable. That is why law enforcement is very restricted in
the Constitution. The "compromise" the law enforcement community has
suggested, key-escrow, is not a compromise at all, because it makes it
impossible for people to keep secrets from the government. It removes
the people's right to dissent, presumably the very right cryptography
allows us to protect. The law enforcement community is wrong.
On the other hand, we have the crypto-anarchists. They believe
that the existence of anonymous transactions will naturally lend itself
to a situation where everyone is anonymous, no transaction can be
tracked, no communications can be monitored, and basically, no
government can possibly control the transactions and interactions of its
citizens. They support the broad use of military grade cryptography and
anominity. Let no message be crackable or traceable. This, also, is an
absolute belief and it is also flawed. We have governments for a
reason, we came together and founded societies for protection, and if
we tore apart our current social structure and created an anarchy,
people would immediately form small societies for their own fiscal
protection. Creating an anarchy is a massive step backward in social
development, not a step forward. Furthermore, PEOPLE WANT TO BE
ACCOUNTABLE FOR THEIR ACTIONS. No totally anonymous society will
ever exist in the real world. In fact, many BBSs have tossed out
anominity, although it works quite well in some communities. The
right to anominity is very important. As I said before, it is
important to allow people to express their ideas without fear of
persecution for their beliefs. However, people want to be accountable
for many of the things they do. People want recognition, and you cannot
receive recognition for the actions of your anonymous identity. If
people really wanted to be totally anonymous all the time, we would all
be running around the shopping mall with ski masks and fistfuls of small
unmarked bills. Not only is the idea of crypto-anarchy wrong, but it
provides those who oppose cryptography an easy concept to attack. As
Denning said, "Although May limply asserts that anarchy does not mean
lawlessness and social disorder, the absence of government would lead to
exactly these states of chaos. I do not want to live in an anarchistic
society -- if such could be called a society at all -- and I doubt many
would." The crypto-anarchists are also wrong.
So who is right?? The concept I propose here is bound to be
controversial, but I propose it because it must be considered. Lotus is
right. Currently the internet is ripe for abuse by totalitarian
governments everywhere. How wonderful the net must be to an insane
dictator. One carefully placed packet sniffer and he can automatically
monitor the conversations of thousands of people, censoring posts he
doesn't like, and identifying email addresses of thought criminals.
Although PGP, ssh, and similar tools provide a solution for some,
traffic analysis makes those who speak privately stand out like a sore
thumb that needs further investigation. Eric Huges said at Summercon that
if cryptography is going to work, it needs to be just like Dolby noise
reduction. Its there, its always on, people don't need to know what it
does, but it makes things better. (No one stands out like a sore thumb.)
Although doing this with military grade encryption would be the
cryto-anarchist's dream, what if we did it with partially escrowed keys?
The system would have to be designed such that the non-escrowed part
could be increased with advances in technology. However, a system like
this would stop the wide spread mass monitoring described above.
Furthermore, it would allow the government to tap a conversation if it
was willing to put forth the resources (which will add some visibility
to an illegal tap). The system would also require one additional
aspect. It must be impossible to automatically identify messages that
have partially escrowed keys and messages that are not escrowed.
Thus, the right of dissent is preserved. Although most software would
only support escrowed keys.
Through such a system the net will become a great deal more
secure from tapping and monitoring. Tapping is possible with a lot of
work, however it is not assured. Government remains the arm of
society, yet it can be subverted and destroyed if necessary. Such a
system brings us to the central question here. Does the government have
the right to tap conversations, or do the people have a right to keep
secrets from the government? I think the answer is both. In the end,
it's very difficult to actually hurt someone with an email message. But,
nothing ever works in absolutes.
--
*/^\* Tom Cross AKA Decius 615 AKA The White Ninja */^\*
Decius@montag33.residence.gatech.edu
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2
mQCNAzA6oXIAAAEEAJ6ZWl7AwF9rDZhREQ2b9aPxJKL7dxQNx6QQ0pB5o9olvNtG
tIjA47KxWmZAx47m2JEWRgAIaiDHx00dEza5GX4FuFHL7wSXW7qOtqj7CmVLEg4e
0F/Mx0z7Q/aNsn34JrZUWbMLKkAOOB9sJARRynPRVNokAS30ampImlrLbQDFAAUT
tCZEZWNpdXMgNmk1IDxkZWNpdXNAbmluamEudGVjaHdvb2Qub3JnPg==
=0qgN
-----END PGP PUBLIC KEY BLOCK-----
Return to February 1996
Return to “Decius <decius@montag33.residence.gatech.edu>”
1996-02-06 (Wed, 7 Feb 1996 06:06:36 +0800) - Why am I wrong? - Decius <decius@montag33.residence.gatech.edu>