<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Fri, Feb 19, 2016 at 12:33 PM, Jerry Leichter <span dir="ltr"><<a href="mailto:leichter@lrw.com" target="_blank">leichter@lrw.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">Already withdrawn - <a href="http://arstechnica.com/tech-policy/2016/02/senate-intel-chief-backs-off-on-bill-criminalizing-refusal-to-aid-decryption/" rel="noreferrer" target="_blank">http://arstechnica.com/tech-policy/2016/02/senate-intel-chief-backs-off-on-bill-criminalizing-refusal-to-aid-decryption/</a><br>
<br>
Of course, this is one minor skirmish - the battle is far from over</blockquote><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">....<span class=""><font color="#888888"><br>
</font></span><div class=""><div class="h5"><br>
> On Feb 19, 2016, at 12:13 PM, Ron Garret <<a href="mailto:ron@flownet.com">ron@flownet.com</a>> wrote:<br>
><br>
><br>
> <a href="http://arstechnica.com/tech-policy/2016/02/senator-drafting-bill-to-criminalize-apples-refusal-to-aid-decryption/" rel="noreferrer" target="_blank">http://arstechnica.com/tech-policy/2016/02/senator-drafting-bill-to-criminalize-apples-refusal-to-aid-decryption/</a><br>
><br>
></div><div class="h5"><br></div></div></blockquote><div><br></div><div>The only part of this that is crypto is key management. There no decryption</div><div>tool just an order to compel the development of a tool.<br><br>For the moderator to not shut this down....</div><div>How to put a encryption and decryption hat on this discussion.<br><br>The order does compel a company to do something they do not want to do and are</div><div>perceived to be uniquely able to provide. That takes us to door #2 and</div><div>open the tech behind it.<br><br>Now if this was a court order compelling one or more company with vast</div><div>computing resources to attack an encrypted data set.<br><br>To my knowledge no government has more computing power than</div><div>Google+Facebook+Apple+Microsoft to attack a block of data that </div><div>none of the parties generated?</div><div><br>Assuming the list of available data encryption methods enumerated</div><div>by NIST as standard encryptions how long can each endure the efforts</div><div>of such computing resources if so ordered.<br><br>Lets kick it up a notch. What if a court ordered MS to push a service</div><div>into all Windows 10 machines to be part of a distributed computing decryption </div><div>resource? Ordered to do so because they could given their unique position.</div><div><br>Now how long would the same list of standard algorithms fair when such a trick</div><div>was inserted into the package list and run on the MS install base. Machine count....<br>At one point it was to about 16.3 installs of Windows 10 a second worldwide.<br>That identifies a solid number for the rate to install a hack. As for machine totals<br>In Oct 2015 "Microsoft's Terry Myerson, executive vice president of the Windows and </div><div>Devices group, announced that Windows 10 has already been installed on more </div><div>than 110 million devices devices since its launch on July 29. The company's ultimate</div><div>goal is to get Windows 10 running on 1 billion devices with two to three years, a </div><div>number it hopes to hit as partners like HP, Lenovo and Asus bring their own devices to market."<br><br>So if a court can compel a company to build and do something that they are uniquely</div><div>able to do ... what is next. <br><br>For this list there is a technical question... if so ordered what algorithms</div><div>and key lengths might be secure when a billion machines are after it</div><div>in all their available idle time? <br><br>So not the political topic but a technical next move question.</div><div><br></div></div><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"> T o m M i t c h e l l</div></div>
</div></div>