From: Information Security <guy@panix.com>
Date: Thu, 15 Oct 1998 00:38:28 +0800
To: cypherpunks@cyberpass.net
Subject: Re: Aaron Debunks Crypto Myths
Message-ID: <199810141614.MAA00413@panix7.panix.com>
MIME-Version: 1.0
Content-Type: text/plain



   >   From: John Young <jya@pipeline.com>
   >
   >   Crypto emissary David Aaron gave a speech today in
   >   Germany boosting US encryption policy for privacy and
   >   commerce. Says it's an insult to claim US intelligence 
   >   agencies want backdoor access and other untrue myths:
   >
   >      http://jya.com/aaron101398.htm

A prime example of DoubleThink, since Key Recovery == backdoor access.

#   http://jya.com/aaron101398.htm
#
#   Clearly, a balance must be struck between the needs of businesses and
#   consumers and the protection of society as a whole. What is the
#   answer? We believe the answer lies in cryptographic systems that
#   provide trustworthy security services along with lawful access. By
#   lawful access, I refer to a range of technologies designed to permit
#   the plain text recovery of encrypted data and communications under a
                   ^^^^^^^^
#   court order or other lawful means that safeguards civil liberties.

In other words, they believe in cryptographic systems with backdoor access.

The NSA testified to Congress concerning lawful access:

: The Puzzle Palace 
:     Inside the National Security Agency,
:     America's most secret intelligence organization
: Author James Bamford, 1983 revision, ISBN 0-14-00.6748-5
:
: P381-382: NSA Director General Allen testified to Congress that there is no
: statute that prevents the NSA from interception of domestic communications.
: Asked whether he was concerned about the legality of expanding greatly its
: targeting of American citizens, the NSA replied: "Legality? That particular
: aspect didn't enter into the discussions."

The government's idea of "lawful access" is "anywhere, anytime".


#   http://jya.com/aaron101398.htm
#
#   We are not wedded to any single technology approach. Key management
#   infrastructures, key recovery and other recoverable products that
#   provide lawful access are some of the ways to achieve a reasonable
#   balance. We believe that seeking industry-led, market-based solutions
#   is the best approach to helping law enforcement.

Oh dey do do dey?

: From owner-firewalls-outgoing@GreatCircle.COM Wed May 14 18:54:15 1997
: Received: from osiris (osiris.nso.org [207.30.58.40]) by ra.nso.org
:           (post.office MTA v1.9.3 ID# 0-13592) with SMTP id AAA322
:           for <firewalls@GreatCircle.COM>; Wed, 14 May 1997 12:56:13 -0400
: Date: Wed, 14 May 1997 12:58:46 -0400
: To: firewalls@GreatCircle.COM
: From: research@isr.net (Research Unit I)
: Subject: Re: Encryption Outside US
:     
: I was part of that OECD Expert Group, and believe I may shine at least
: some light on what exactly was said and happened at the meetings.
:
: The main conflict during all sessions was the demand of the US to be
: able to decrypt anything, anywhere at any time versus the European
: focus: we want to have the choice - with an open end - to maintain
: own surveillance.  The US demand would have caused an immediate
: ability to tap into what the European intelligence community believes to
: be its sole and exclusive territory. In fact the Europeans were not at all
: pleased with the US view points of controlling ALL crypto. Germany and
: France vigorously refused to work with the US on this issue.
:
: ... the Australian and UK views that felt some obligation
: from the 1947 UKUSA treaty (dealing with interchange of intelligence). 
:
: Bertil Fortrie
: Internet Security Review


The US Government insists on the capability

   "to decrypt anything, anywhere at any time"

he said.

Gosh, that doesn't sound like they believe "market-based solutions"
are the best approach, does it?

*   http://epic.org/crypto/ban/fbi_dox/impact_text.gif
* 
*   SECRET FBI report
*
*                   NEED FOR A NATIONAL POLICY
* 
*   A national policy embodied in legislation is needed which insures
*   that cryptography use in the United States should be forced to be
*   crackable by law enforcement, so such communications can be monitored
*   with real-time decryption. 
* 
*   All cryptography that cannot meet this standard should be prohibited.

No it don't, do it?


: *   "Above the Law"
: *   ISBN 0-684-80699-1, 1996
: *   by David Burnham
: *
: *   The suspicion that the government might one day try to outlaw any
: *   encryption device which did not provide easy government access was
: *   reinforced by comments made by FBI Director Freeh at a 1994 Washington
: *   conference on cryptography. "The objective for us is to get those
: *   conversations...wherever they are, whatever they are", he said in
: *   response to a question.
: *
: *   Freeh indicated that if five years from now the FBI had solved the
: *   access problem but was only hearing encrypted messages, further
: *   legislation might be required.

Anywhere, anytime.
---guy

   "Easy access".