1997-07-27 - Re: Government Access to Safes

Header Data

From: Bill Stewart <stewarts@ix.netcom.com>
To: Martin Minow <minow@apple.com>
Message Hash: 1aed6fd48f15b94d3251a50b804b7625e2f3c3bbf5dab98e488bdba54d7a4d9a
Message ID: <3.0.2.32.19970726175212.03063ec0@popd.ix.netcom.com>
Reply To: <v03010d04affec4688a73@[17.202.40.158]>
UTC Datetime: 1997-07-27 02:09:00 UTC
Raw Date: Sun, 27 Jul 1997 10:09:00 +0800

Raw message

From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 27 Jul 1997 10:09:00 +0800
To: Martin Minow <minow@apple.com>
Subject: Re: Government Access to Safes
In-Reply-To: <v03010d04affec4688a73@[17.202.40.158]>
Message-ID: <3.0.2.32.19970726175212.03063ec0@popd.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



At 02:05 PM 7/25/97 -0700, Martin Minow wrote:
>This safe uses a keypad lock (rather than a mechanical combination 
>or physical key).
>Is this more secure than a regular safe lock? Does the government
>have an access key that would premit a law enforcement officer
>(with appropriate authority) to open any such lock? Should I
>be required to deposit the secret key to my safe with a
>government-mandated "escrow" agent?

Most safes belong to businesses that are required to
produce business records in response to warrants or maybe subpoenas;
the government doesn't need to crack the safe when it can
order the business owner to comply.  Of course, this informs the
business owner that the safe was opened, and the government
is trying to get Key Access in ways that don't inform the target.
This is an artifact of wiretapping history, and radically at
variance with the Fourth Amendment.  It would be much easier,
from a Constitutional perspective, for Congress to pass a law
that requires you to decrypt messages in response to a court order 
(or to turn over your keys, though that's not "narrowly tailored"),
though it makes the Fifth Amendment issues much plainer,
and doesn't make the Secret Police sufficiently happy.

Also, safes are seldom strong enough to resist cracking even if they have to
(e.g. the target is dead or can't be found or skipped the country),
while anybody can get totally uncrackable crypto systems.
Government-rated combination locks, used on safes and strongrooms
designed to store TOP SECRET information in non-battlefield environments,
are generally rated for about two hours of drilling by a
competent locksmith, and my experience is that the ratings 
realistically reflect the actual difficulty of cracking the lock;
I haven't tested cutting through the safe itself, but I think
they were rated for something like six hours.
The purpose of the safe is to deter crackers long enough for
other security methods such as alarms and guards to detect
and stop the attempted breakin, as well as to deter insiders.
Safes designed for SECRET and TOP SECRET use also have weight
requirements, so that crackers can't just carry them away
and crack them at leisure.  Battlefield environments probably 
use more guards rather than stronger safes or fancier alarms.

Banks may use vaults that are tougher than that;
the classic bank burglary novel/movie involves defeating the
alarm system and working around the guards to either
dynamite the lock or break through the back wall over the weekend
(taking advantage of the time lock that prevents the
bank employees from getting in until Monday and noticing the hit.)




#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com
# You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp
#   (If this is a mailing list or news, please Cc: me on replies.  Thanks.)






Thread