From: “Bert-Jaap Koops” <E.J.Koops@kub.nl>
To: cypherpunks@toad.com
Message Hash: d31d115f40f5bbc30b48500afc4a3e839da18f236cddf3cb2f714cee57857d9c
Message ID: <7E159360C2E@frw3.kub.nl>
Reply To: N/A
UTC Datetime: 1996-10-16 15:28:10 UTC
Raw Date: Wed, 16 Oct 1996 08:28:10 -0700 (PDT)
From: "Bert-Jaap Koops" <E.J.Koops@kub.nl>
Date: Wed, 16 Oct 1996 08:28:10 -0700 (PDT)
To: cypherpunks@toad.com
Subject: Comments on binding cryptography (1)
Message-ID: <7E159360C2E@frw3.kub.nl>
MIME-Version: 1.0
Content-Type: text/plain
Apologies for not reacting earlier; I have been away for six days.
I found many reactions to the posting on binding cryptograhpy
in my mail box, which I have read with interest.
Here are my comments, excuse me if they are lengthy.
First and foremost, I want to stress that the proposal primarily
addresses the issue of providing information security. It does not
want to solve the problem of criminals using encryption.
I hope the following analogy may clear this (but please don't stretch
the analogy too far).
The government wants to offer citizens good transport, so they make
public roads. Because some citizens endanger others through drunk
driving, the government makes the rule that if you want to drive a
car, you must be sober. If you want to drive on the public road, fine, don't
drink. If you want to drink, fine, take a bike or cab or use public
transport.
Now, the binding cryptography proposal wants to provide law-abiding
citizens with good crypto. (I'm currently not using any, because I
don't have an easy to use and reliable system.) A government may
establish an infrastructure for good crypto (like the public roads),
with the requirement that you keep to the "binding" rule (like "don't
drive drunk"). If you don't want to use the binding cryptography,
fine, use another system (take a bike or cab). The system will not
prevent criminals from using cryptography - it isn't meant to.
Yes, criminals can use superencryption or other (mutually agreed upon)
ways to use the system and yet be out of law-enforcement's reach,
but they might as well use PGP in the first place. I do not want to see PGP
outlawed, and I do not want to have PGP use be regarded as
suspicious (just as I don't think it is suspicious if you take a cab
late at night). Setting up a good information security structure can
very well be compatible with having other means of information
security.
You ask why should the government offer good crypto, when it's
already available? I think that cypherpunks are not average - they
know about crypto and they can use it. The majority of the citizens,
however, do not use crypto, because they don't understand it and
because there's no easy-to-use and reliable standard. If the
government were to offer this, it would make a difference to many
people.
Then, you say, it affects my privacy. As far as I see it, it does
not. The binding cryptography system allows regular monitoring for
compliance (like road police checking whether people are sober). It
does not involve reading of messages. The only time messages are read
is when law-enforcement agencies (LEAs) have a warrant and ask a TRP
to hand over a session key. This is not fundamentally different from the
present situation, where LEAs can wiretap with a warrant. Privacy
will be protected more or less to the same extent as presently.
If you don't agree with governments having the possibility of
intercepting communications anyway, OK, that's your opinion. I have
another opinion, and we needn't discuss further - this is not the
issue.
Then, if you say you don't trust your government, OK, I can see a
point. Generally, I notice a difference between US and Europe in our
views on the role of governments. That is legitimate, and something
for each to discuss domestically.
(Yes, Alex, IRT-gate is a good point, but at least it has led to a critical
investigation by parliament and a more critical attitude with our
judges in judging investigation methods.)
(And Allen, if binding cryptography helps totalitarian governments in
arbitrarily monitoring all communications, I oppose this. China uses
video cameras in Lhasa to monitor potential demonstrations of Tibetans.
I oppose this, and I blame the Chinese government for it, not the
inventor of video cameras.)
I feel at least that allowing TRPs to decrypt single communications
if the LEA has a court warrant is better protection than escrowing my
private key with the government. Also, choosing your own TRP allows
you better protection than having to use a government-chosen one. On
the other hand, I think there should be some regulation on TRPs, if
only to address liability issues. I think a government certification
of TRPs would not be a bad thing, if this is done in an open,
flexible and preferably independent way - for instance a
semi-govenmental "TRP approving authority" (the same way we have data
protection authorities who monitor compliance with data protection
legislation). Again, we may have different opinions on this given the
difference between US and Europe.
Someone pointed out that a TRP could be corrupted and collaborate
with the law-enforcement agencies. Then, all sessions would be read
by the LEA. Indeed, this is a threat to be taken into account. At
least the binding alternative is better protection against
collaborating TRPs than key-escrow, as at least it leaves
communications from before the corruption unharmed. Moreover, the
system allow easy change of TRP, so the moment you notice something
weird about this TRP, you choose another one. It's really a matter of
trust.
Finally, I get the impression that some cypherpunks feel the
law-enforcement problem to be a problem of "them" as opposed to us. I
- and this is my personal opinion - feel it is "my" problem as well.
I live in a society with which I am generally satisfied, not the
least because we have a rule of law. Tracing criminals is my concern
as well. I am not happy that, in some ways, I have to give up some
freedom, but I think it is worth while. I would not mind using a
government-offered crypto system that uses binding cryptography. All
I want is that it is a good system and I want to be sure I trust my TRP.
I would prefer it if no such system were needed, but if it helps in
protecting me from criminals, I can live with it.
Bert-Jaap
---------------------------------------------------------------------
Bert-Jaap Koops tel +31 13 466 8101
Center for Law, Administration and facs +31 13 466 8149
Informatization, Tilburg University e-mail E.J.Koops@kub.nl
--------------------------------------------------
Postbus 90153 | This world's just mad enough to have been made |
5000 LE Tilburg | by the Being his beings into being prayed. |
The Netherlands | (Howard Nemerov) |
---------------------------------------------------------------------
http://cwis.kub.nl/~frw/people/koops/bertjaap.htm
---------------------------------------------------------------------
Return to October 1996
Return to “Dale Thorn <dthorn@gte.net>”