From: Bill Frantz <frantz@netcom.com>
To: cypherpunks@cyberpass.net
Message Hash: 5d9759887a793feda0642a3cd02a0f896c0c1f05c734ecb09c7008b3794ab33a
Message ID: <v0300781aaffc79480662@[207.94.249.108]>
Reply To: <Chameleon.869671376.amp@ampugh.mcit.com>
UTC Datetime: 1997-07-24 05:30:50 UTC
Raw Date: Thu, 24 Jul 1997 13:30:50 +0800
From: Bill Frantz <frantz@netcom.com>
Date: Thu, 24 Jul 1997 13:30:50 +0800
To: cypherpunks@cyberpass.net
Subject: Re: Fw: Cops, Spies Fail to Slow Crypto Bill
In-Reply-To: <Chameleon.869671376.amp@ampugh.mcit.com>
Message-ID: <v0300781aaffc79480662@[207.94.249.108]>
MIME-Version: 1.0
Content-Type: text/plain
At 10:00 AM -0700 7/23/97, Tim May wrote:
>And when people repeatedly point out that common criminals, terrorists, and
>the like are unlikely in the extreme to escrow their keys with the
>government...the government shills and officials are silent.
I can't resist. "When crypto is outlawed, only outlaws will have crypto."
However, in the case of crypto, essentially all terrorists, child
pornographers, big-time drug dealers, and big-time money launderers will
have and use it.
To try to redeem myself for yielding to temptation let me offer the
following scenario:
It is sometime in the year 2002. The GAK crowd has achieved its wildest
wet dream, and all development of non-GAKed crypto stopped in 1998. All
the standard computer software uses GAKed crypto.
Let us further assume that US Airframes Inc. (USAI) is in heavy competition
with French Wings Inc. to build the next generation of passenger airplanes.
The competition is so heavy that the respective governments are doing all
they can to provide under-the-table help to their national champions. This
certainly includes playing the GAK card and decrypting every communication
they can get their hands on.
Now assume you are the security manager of USAI. Your job is to ensure the
confidentiality of communications between your branch offices and
headquarters in the US. You get (perhaps from someone who enjoys child
pornography) a copy of PGP which was saved on some forgotten CDROM backup
dating from 1997. You share your copy with headquarters and the branch
offices, generate key pairs, and validate their MD5 hashes through some
offline protocol. Now all really sensitive traffic is encrypted with PGP
and then sent through the standard GAK crypto.
Now consider the problem of the French Government. The only way they can
know you are using illegal crypto is to decrypt the GAKed outer layer. If
they arrest you for using illegal crypto, they have blown their covert
monitoring. The US government will make a big international incident about
this misuse of GAK and impose a special tariff on French wine. If the
French keep quiet, you can continue to use PGP.
This is the classic dilemma of covert decryption. Kahn describes is well
in "The Code Breakers". It also applies to the four horsemen. If the
government arrests someone for illegal crypto, the whole organization knows
that part of the operation has attracted government attention, and can
change their communications and/or have those people take a vacation to
cool off.
-------------------------------------------------------------------------
Bill Frantz | The Internet was designed | Periwinkle -- Consulting
(408)356-8506 | to protect the free world | 16345 Englewood Ave.
frantz@netcom.com | from hostile governments. | Los Gatos, CA 95032, USA
Return to July 1997
Return to “Tim May <tcmay@got.net>”