[Cryptography] Gilmore response to NSA mathematician's "make rules for NSA" appeal

james hughes hughejp at mac.com
Fri Sep 27 00:30:07 EDT 2013


On Sep 25, 2013, at 3:14 PM, John Kelsey <crypto.jmk at gmail.com> wrote:

> Right now, there is a lot of interest in finding ways to avoid NSA surveillance.  In particular, Germans and Brazilians and Koreans would presumably rather not have their data made freely available to the US government under what appear to be no restrictions at all.  If US companies would like to keep the business of Germans and Brazilians and Koreans, they probably need to work out a way to convincingly show that they will safeguard that data even from the US government. 

I think we are in agreement, but I am focused on what this list -can- do and -can-not- do.

All the large banks have huge systems and processes that protect the privacy of their customers. It works most of the time, but no large bank can say they will never have an employee go bad. 

My point is that this thread was moving towards the statement that citizens of country X should use service providers that "eliminate the need for trust". Because of subpoenas and collaboration this statement is true in whatever the country the service provider is in and who the 3rd parties are. In essence, this is a tautology that has nothing to do with Cryptography. Even if a service provider could "convince you that they _can't_ betray you", it would either be naiveté or simply be marketing. 

The only real way to "eliminate the need for trust" from any service provider of any kind, or any country (your's or some other country), is to not use them. 

The one problem that this list (cryptography at metzdowd.com) -can- focus on is that the bar has been set too low for the governments to be able to break a few keys and gain access to a lot of information. This is the violation of trust in the internet that, in part, has been enabled by weak cryptographic standards (short keys, non-ephemeral keys, subverted algorithms, etc.). I am not certain that Google could have done anything differently. Stated differently, Google (and all the world's internet service providers) are collateral damage.

The thing that this list can effect is the creation of standards with a valuable respect for Moore's law and increases of mathematical understanding. Stated differently, "just enough security" is the problem. This past attitude did not respect the very probably future that became a reality. 

Are we going to continue this behavior? IMHO, based on what I have been seeing on the TLS list, probably. 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20130926/38d46dc3/attachment.html>

More information about the cryptography mailing list