crypto backdoors = terrorisms free reign

Jim McCoy mccoy at io.com
Fri Sep 14 23:34:09 EDT 2001


nathan at fains.com at nathan at fains.com wrote:
[...]
> If you weaken technology for secure communication and transmission in any
> manner you must realize that at the same time you will...

After seeing several people preach to the choir here (while at the same time
trying to wash their hands of any culpability for their own small role in
enabling terrorists) it strikes me that most here just have not come to
terms with the fact that the rules have changed.  It does not help that
everyone is bringing out the weak arguments

> 1) Weaken the ability of the free world to combat things such as terrorism due
> to the miss-assumption that criminals and terrorists will actually obey the
> law thereby causing lack of preparedness.  You only restrict the rights of the
> law-abiding citizen, not the lawless.

Incorrect.  You will weaken the absolute security of many, but the few who
choose to use strong (non-GAK) crypto will be easily distinguished from
those who comply with the rules.  Being able to do this sort of first-pass
discrimination and then link up relationships between those who are using
strong crypto (you called them and they called someone else, follow the
links) is a key task in SIGINT.

> 2) Weaken the safety of dissidents and human rights organizations that exists
> in hostile countries.  Reason being that any backdoor can be found by anyone
> with the resources.  Many hostile countries have or could buy such resources.

Posssibly, but U.S. legislators don't really care (nor should they) about
the safety of dissidents and NGOs that are breaking the laws in other
countries (if those countries also restrict crypto.)  Your premise that any
backdoor can be found is rather weak as well.  In most cases the "backdoor"
is not hidden; its existence is well known and its main advantage to law
enforcement is that it cuts down the size of the keyspace to be searched.

> 3) Create another tool for Terrorism against our financial (and other types
> of) institutions that rely on secure communications.  Again, this is possible
> because any backdoor can be found by anyone with the resources.  Radicals and
> hostile countries have such resources.

Incorrect.  While it is possible that such a backdoor can be found it is by
no means as simple as you imply, particularly for non-state entities.  While
such secrets can eventually leak out this task is not easy for even trained
professionals, to claim that it is going to be a simple task for radicals
and hostile countries is not consistent with the facts.  While some secrets
are hard to protect (especially over time) it is possible to build a system
for key scrow that makes abuse difficult, albeit not impossible, and still
provides the law enforcement assistance that the public may demand.

> And lastly, and perhaps this is just a personal statement...
> 4) You turn law abiding citizens that realize the above facts into lawless
> one's as they say:
> I will protect myself, my company, my organization and will use encryption
> tools and methods, which I feel, are COMPLETELY.

Not sure what you were trying to say here, but the rest of the country is
currently of the mind that if you want to do so and go to jail, so be it.
Don't expect people to shed too many tears for "pushing" you into breaking
the law.

While your arguments have passion, they lack the logical consistency that
you seem to want to claim.  Sorry.

jim




---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com




More information about the cryptography mailing list