[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Comments Requested for preso outline



-----BEGIN PGP SIGNED MESSAGE-----

Fellow c*punks,

I plan on creating several informational sessions on net legal issues 
here at Miami University.  Use of E-mail has risen considerably in just 
the last year.  Most users of this e-mail have no idea how the words 
move from their screen to the screen of the addressee, much less 
government attempts to regulate cryptography.  I want to create an 
overview of no more than an hour (hopefully shorter) that will cover 
many of the important issues involved.  The meetings will be followed by 
PGP distribution and key generation on Mac and MS-DOS platforms.

The following outline is "version 0.1" of what I would like to explain.  
Unfortunately, I believe the outline needs to be considerably edited.  
The main problems are 1) Keeping interest, and 2) Making concepts of 
cryptography understandable for people who are not mathematicians or 
programmers.

I would appreciate any input, criticisms, suggestions any of you have.  
Mainly, I'm looking for ideas about the best way to teach a basic, 
conceptual understanding of public key cryptography and digital 
signatures.

I don't expect every person who shows up to start encrypting their 
communications.  What I aim to do is increase awareness, mainly about 
the activities of their government, and to distribute PGP.  These will 
be people interested in the future of the net as end users, not as code-
writers or hackers.  I want to educate them about the policies, being 
formed now, that will affect the net for decades.


- -john.


- --------------------------------cut here-------------------------------

1) Basic overview of the net.
	o There is, currently, no "Internet Inc."
	o The Internet started as a cold war problem: How do you 	
		communicate after a nuclear attack?
		Electronic Mail:  How do the words go from your screen to
		your friend's screen?
	o broken up into ASCII packets and sent towards the destination
		this ASCII could be intercepted and read by numerous
people 
		along the way
   Why should you be worried about your privacy?
	o low cost of information archiving
	o low cost of key-word scanners
	o ease of implementation, at least along backbones (in our area, 
		OARnet)
	o the backbones are often funded, or operated by government 
		agencies
	o you use envelopes in reality, why not in Cyberspace?

2) How do you keep communications private?: Overview of encryption
	o encryption is hiding data in plain site
	o plaintext -> key -> ciphertext relationship
	o symmetric ciphers
		> requires a secure channel for key transmission
		> limited to governments, corporations
		> ex: DES, used by banks for wire transactions
	o public key ciphers
		> does not require a secure channel for key transmission
		> relationship of public/private keys
		> overview of a transmission
		> conceptual description of Alice and Bob communicating 
			(diagrams)
	o signing methods
		> what is a digital signature?
		> what can they be used for?
		> verifying the integrity of a message
	o What makes an algorithm secure?
		> peer-reviewed, public algorithm
		> security in vast key-space, not in secret algorithm
	o Software you can use
		> PGP
		> demonstrate key generation, data encoding/decoding
		> various other schemes, probably Curve Encrypt (IDEA)

3) Legal Issues
	o government regulation
		> What is the NSA?
		> Export Laws
		> Clipper/Skipjack
	o What is Clipper?
	> government designed hardware encryption for voice and data
	> secret algorithm
	> government backdoor
		> created to allow tapping of communications by drug 	
			dealers, terrorists, etc.
	o what does it mean for you?
	o why won't it work?
	> smart criminals won't use it
	> government checks on key use probably inadequate
	o what can you do?
	> distribution of letter to the president, congress, 	
		representatives
	> encourage algorithm distribution
	> EFF info

4) Software distribution, Key generation
	o Mac and MS-DOS PGP
	o Curve Encrypt


-----BEGIN PGP SIGNATURE-----
Version: 2.3

iQBVAgUBLU2L+hD3efpluabZAQHzEwH8DPrdnDfG2zVXAD/MV+21+m6iinT7DN1+
PshKBLAE/UfZCjlplGgZGaHBY+8O9gQ/XsCUp5HDJRLKSxzVvCGKEg==
=53C1
-----END PGP SIGNATURE-----