home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: sci.crypt
- Path: sparky!uunet!walter!hum.bellcore.com!nrh
- From: nrh@hum.bellcore.com (Nat Howard)
- Subject: Re: Registered Keys - why the need?
- Message-ID: <1992Nov9.182323.11871@walter.bellcore.com>
- Sender: news@walter.bellcore.com
- Nntp-Posting-Host: hum.bellcore.com
- Reply-To: nrh@bellcore.com (Nat Howard)
- Organization: Bellcore, Morristown NJ
- References: <715.517.uupcb@grapevine.lrk.ar.us> <1992Nov01.233637.138278@watson.ibm.com> <1992Nov3.090942.1626@guvax.acc.georgetown.edu> <7851@transfer.stratus.com>
- Date: Mon, 9 Nov 92 18:23:23 GMT
- Lines: 60
-
- In article <7851@transfer.stratus.com> cme@ellisun.sw.stratus.com (Carl Ellison) writes:
- >My question remains: how will key registration preserve the ability to
- >wiretap? If the damage done by wiretaps has been so extensive, unless the
- >OC and drug traffic figures are incredibly stupid, they will have acquired
- >or will be about to acquire off-the-shelf phone scramblers and message
- >encryption devices. Granted, there may be some who are of the old school
- >-- refuse to learn about PCs and e-mail -- but that gang will die off
- >(partly by wiretapping, it seems).
-
- Let me amplify this point. If some scheme is used whereby
- our keys are registered, then (presumably) only honest folk will register
- their keys: A law that simply says that it's illegal to use cryptography
- in a certain way will not deter people already committing more deadly
- crimes from using good cryptography.
-
- In other words, when someone proposes a law to limit the use of cryptography,
- the large effects would be on innocent folks: the bad guys will ignore them.
- (That's part of *why* they are "bad guys").
-
- An example: I was once in a discussion about the exportation of DES -- the
- argument against: "Do you want Saddam to be able to use DES?"
-
- But Saddam *can* use DES: as soon as public versions of DES were available
- outside the US, the argument against US exportation lost almost all of its
- point. The remaining law inconveniences only those who choose to obey
- the law. It doesn't actually keep Saddam from getting anything.
-
- Thus the law could be called "The Inconvenience Innocent People Act". Its
- net effect, it seems to me, is to weaken US competitiveness.
-
- Similarly, the right thing to ask is if proposed laws regulating crypto
- are likely to have an important deterrent impact on a person already
- outside the law.
-
- If so, the merits may at least be considered, but *IF NOT* then surely
- there's no point in such a law: it can only inconvenience the
- innocent.
-
- My arguments stated here apply, of course, only to something already
- available outside the US (such as DES) or available to criminals (such
- as IBM PC's). These particular arguments wouldn't apply to something that
- only the US could create (secure NSA crypto boxes?).
-
- So, in sum, my argument is this: a law that would prevent only law-abiding
- citizens from using crypto is really about inconveniencing (and depriving
- of privacy) those same innocents. Its effect on bad guys *cannot* be
- considered a merit, because those benefits do not exist, or are so minor
- as to be not worth considering.
-
- Thus quotes about how much wiretapping saved the US are only
- tangentially relevant. The bad guys will use secure communications
- *regardless* of crypto laws. Thus laws against cryptography will *not*
- save the US much money (there will presumably be some marginal cases) and
- will have the private communications of innocent people in the hands of the
- government the minute there's a "menace to national security".
-
- Since the US was technically in a state of Emergency from around WWII to
- (as I recall) the Ford administration, this hopeful notion that the
- courts are the only ones who will grant access to the keys may, I think,
- be discounted.
-
