From: Robert Hettinga <rah@shipwright.com>
To: cypherpunks <cypherpunks@cyberpass.net>
Message Hash: d303db165394dea94499a50aaf9b958796df3adf46073fef523c2928ea2a4433
Message ID: <v03110715b042cf58c0a2@[139.167.130.248]>
Reply To: <01INNGT441W0AKTJ63@DGN0IG.mcimail.com>
UTC Datetime: 1997-09-15 13:19:05 UTC
Raw Date: Mon, 15 Sep 1997 21:19:05 +0800
From: Robert Hettinga <rah@shipwright.com>
Date: Mon, 15 Sep 1997 21:19:05 +0800
To: cypherpunks <cypherpunks@cyberpass.net>
Subject: GAK will probably be economically impossible
In-Reply-To: <01INNGT441W0AKTJ63@DGN0IG.mcimail.com>
Message-ID: <v03110715b042cf58c0a2@[139.167.130.248]>
MIME-Version: 1.0
Content-Type: text/plain
At 2:53 am -0400 on 9/15/97, Bill Stewart wrote:
> Building an infrastructure for a system
> that has keys generated by users, by the millions, is much harder than
> building one for a small centralized system.
Which is why I now believe that GAK, of any form, is doomed. It's
economically impossible.
For instance, it will be much cheaper to double encrypt to a corporate key
ala PGP than to escrow, and so the government may require access to those
keys instead. However, even then the cost of key management -- especially
for communications -- will choke any attempt to manage duplicate-encryption
keys as well. Probably for all but a few kinds of files, like those kept by
the people at the tops large hierarchical organizations. The government,
say? :-).
Those few files the government will be able to decrypt will provide a basis
for claims of their plan's efficacy, of course, just like noise-level
"examples" of welfare helping someone as "proof" of economic efficacy for
the welfare state allowed its perpetuation for so many years. But you
cannot ignore reality forever, as Britain discovered with welfare almost 15
years ago, and we're only now figuring out for ourselves in the US. Even
totalitarianism cannot ignore economic reality, as Russia and China have
shown us.
Not that capitalism equals freedom, of course, but there can be a sizeable
correlation, particularly when your average business is a small one. :-).
However, I think that in the case of GAK, this act of totalitarianism is
economically impossible. If GAK's implemented, people may get hurt before
it finally goes away, but it eventually won't be useful for much from a
national security prospective, and its maintenance costs will eventually
choke it.
Actually, it's probably not possible to make even the prototypes physically
practicable, much less economically so, even if Washington does pass a law
mandating their existence. It would be like passing the 1963 law which
formed Comsat, in, say, 1933. Particularly if the use of strong
cryptography continues it's exponential increase.
That's because the primary economic benefit for deploying the strongest
possible cryptography still remains. You can't do business over the
internet without it.
(It has been this central fact which keeps me interested in cryptography
and the cypherpunks list in particular, and my conversion over time to a
cryptoanarchic world-view has been based on this fact. Oddly enough, I find
most of the philosophic and political arguments on cypherpunks to have a
largely economic component to them at root, which makes sense, because
market reality is just as tangible as physics. Physical reality dictates
politics and philosophy, and not the other way around.)
Anyway, you can, however, do business over the net without GAK, and since,
I claim, the eventual lowest-cost transaction on the internet will be some
form of anonymous digital bearer certificate, it will never be the case
that GAK is economically necessary, even under the ruse of enforcing
non-repudiation.
In fact, even if all transactions remain book-entry ones, the exploding
total transaction volume and competition to make those transactions
efficient will make GAK economically impossible, because it provides no
tangible benefit to those who use cryptography for business. There's no
economic return on the additional cost.
The cost of anything is the foregone alternative, and the cost of GAK
causes you to forego a lot of money and potential revenue and doesn't buy
you anything in return.
Cheers,
Bob Hettinga
-----------------
Robert Hettinga (rah@shipwright.com), Philodox
e$, 44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
The e$ Home Page: http://www.shipwright.com/
Return to September 1997
Return to “Tim May <tcmay@got.net>”