crypto backdoors = terrorisms free reign

[Caspar Bowden]

> [mailto:owner-cryptography at wasabisystems.com] On Behalf Of Jim McCoy
...
> nathan at fains.com at nathan at fains.com wrote:
...
> > 1) Weaken the ability of the free world to combat things such as 
> > terrorism due to the miss-assumption that criminals and terrorists 
> > will actually obey the law thereby causing lack of 
> preparedness.  You 
> > only restrict the rights of the law-abiding citizen, not 
> the lawless.
> 
> Incorrect.  You will weaken the absolute security of many, 
> but the few who choose to use strong (non-GAK) crypto will be 
> easily distinguished from those who comply with the rules.  

I've wondered about this in case of key escrow.

Isn't the only way of telling whether a blob of data is double-encrypted
(once with unauthorised/undeclared key, once with escrowed key), to open
up the blob with the escrowed key and have a look ? 

Of course the contents could be stegoed, but that appears not to matter
to govts. (in the memorable words of a British official "only criminals
will use stego" - as if that was a refutation.)

So presumably (unless the escrow was a sham) there would have to be some
kind of random-sampling at rate p, so that after N times, probability of
getting caught (1-p)^N would be adjusted to act as sufficient deterrent.

Is anyone aware of any paper written on operational/policy side of this
- I guess it's the sort of thing people wouldn't have been worrying
about for several years.

--
Caspar Bowden                           www.fipr.org
Director, Foundation for Information Policy Research
Tel: +44(0)20 7354 2333 





---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com