[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Denning's Crypto Archy [LONG]
The Future of Cryptography
Dorothy E. Denning
Georgetown University
Revised January 6, 1996
[Responses by Duncan Frissell in square brackets]
Although May limply asserts that anarchy does not mean lawlessness and
social disorder, the absence of government would lead to exactly these
states of chaos.
[Tim is rarely given to limp assertions. I haven't seen him spend much time
arguing about the exact social arrangements of a free society following the
crypto revolution. He has merely pointed out the results of the technology.]
I do not want to live in an anarchistic society -- if such could be called a
society at all -- and I doubt many would.
[Whatever happens, there will always be plenty of cults around (perhaps even
one called the Government of the United States of America) to which anyone
will be free to belong and at the altars of which one will be free to
worship. In fact the deregulation of human interaction will make it easier
for more oppressive cults to exist than is possible today as long as they
keep to themselves. There will be no shortage of people willing to tell
their followers what to do. Nothing will stop anyone from joining such a
society.]
A growing number of people are attracted to the market liberalism envisioned
by Jefferson, Hayek, and many others, but not to anarchy. Thus, the crypto
anarchists' claims come close to asserting that the technology will take us
to an outcome that most of us would not choose.
[Still up for negotiation is how liberal a market we will want. The growing
power of markets and (traditional) liberal ideas is the result of the
growing wealth and power of individuals around the world. Crypto anarchists
merely point out that the shape of future market societies is no longer in
the hands of "The Authorities" but is rather in the hands of those trading
on the market; i.e., everyone on Earth."]
This is the claim that I want to address here. I do not accept crypto
anarchy as the inevitable outcome. A new paradigm of cryptography, key
escrow, is emerging and gaining acceptance in industry.
[That is what remains to be seen.]
The drawbacks of cryptography are frequently overlooked as well. The
widespread availability of unbreakable encryption coupled with anonymous
services could lead to a situation where practically all communications are
immune from lawful interception (wiretaps)
[My thoughts are immune from 'lawful interception' as are everyone else's
and yet the world survives. Thought is communication within the brain.
Communication is 'thought' between brains. The world which has survived
private thoughts can survive private communications. The whole concept of
controlling communications is a bit obsolete in any case. In past eras, the
only social threat came from large masses of men (hence the desire to
intercept and control communications) whereas today any individual can do
more damage than a large group in the past.]
and documents from lawful search and seizure, and where all electronic
transactions are beyond the reach of any government regulation or oversight.
The consequences of this to public safety and social and economic stability
could be devastating.
[See the recent joint study by the Cato Institute, the Fraser Institute, and
9 other think tanks world wide showing that there is a strong positive
correlation between nations with free economies and nations with wealth.
There seems little doubt that total economic deregulation is a good thing.
We shall certainly have the chance to test that hypothesis in coming years.
I haven't seen any nation harmed so far by having too free an economy.]
With the government essentially locked out, computers and telecommunications
systems would become safe havens for criminal activity. Even May himself
acknowledges that crypto anarchy provides a means for tax evasion, money
laundering, espionage (with digital dead drops),
[That is, keeping your own money, transferring funds, and research. Sounds
like activities that should not be the concern of others.]
contract killings,
[These may be easier although *government* killings will be harder since
governments may lack the resources to do as much of that sort of thing as
they have done before. (From 1917-1989, Communist governments murdered
someone every 30 seconds -- a total of some 60 million people.) In
addition, those who fear they may be the subject of contract killings can
use pseudonyms, locational ambiguity, and untraceable communications to make
themselves harder to find and thus to kill.]
and implementation of data havens for storing and marketing illegal or
controversial material.
[Last time I looked, controversial material was legal to possess and
transmit. Illegal information will no longer be illegal if its transmission
can't be stopped since utterly unenforceable laws tend to go away (see
Sodomy).]
Encryption also threatens national security by interfering with foreign
intelligence operations. The United States, along with many other countries,
imposes export controls on encryption technology to lessen this threat.
[Of course if the US is weakened by the growth of (really) free markets, its
enemies will be as well so foreign threats will automatically diminish.]
Cryptography poses a threat to organizations and individuals too. With
encryption, an employee of a company can sell proprietary electronic
information to a competitor without the need to photocopy and handle
physical documents.
[This is a threat from digitization, not from encryption.]
The keys that unlock a corporation's files may be lost, corrupted, or held
hostage for ransom, thus rendering valuable information inaccessible.
[Or the computers can not be backed up, can crash, can be blown up, can be
flooded, can experience disk failures, etc. This is not a problem unique to
encryption. Backups and scattered sites are always necessary. High-speed
networks, secure communications, and encryption make it easier to back up
your systems at different locations all over the world. They help you avoid
data loss, they don't contribute to it. Key splitting and private key
escrow can easily protect keys.]
When considering the threats posed by cryptography, it is important to
recognize that only the use of encryption for confidentiality, including
anonymity, presents a problem.
[Of course confidentiality is the reason codes were invented in the first
place. Additionally, the Supreme court has recognized that anonymity has
First Amendment protection. We have already made the social decision that
anonymity is OK in many circumstances. I'm sure that all of us engage in
many anonymous transactions on a daily basis and yet the world survives.]
Crypto anarchy can be viewed as the proliferation of cryptography that
provides the benefits of confidentiality protection but does nothing about
its harms. It is government-proof encryption which denies access to the
government even under a court order or other legal order.
[In countries that don't regularly practice torture, we have the power to
disobey court orders in any case. Modern technology merely makes it easier
and reduces the likelihood of punishment. Court orders are rare in any
case. Seems like much ado about nothing.]
It has no safeguards to protect users and their organizations from accidents
and abuse.
[This is the job of those who write software, not philosophers.]
The crypto anarchist position is that cyberspace is on a non-stop drift
toward crypto anarchy.
[I usually argue that the spread of markets is driven more by cheap telecoms
and the growth of a very efficient market infrastructure. Cryptography
hasn't had much of an impact yet. I think that even without crypto, markets
will swamp attempts to regulate them and since people can move as well, they
are becoming harder to control even before any crypto revolution.]
In addition to the free encryption programs being distributed on the net,
encryption is becoming a basic service integrated into commercial
applications packages and network products. The IP Security Working Group of
the Internet Engineering Task Force has written a document that calls for
all compliant IPv6 (Internet Protocol, version 6) implementations to
incorporate DES cryptography.
[The net belongs to its customers and as owners they will probably decide to
secure their property. Sounds enormously democratic to me.]
The potential harms of cryptography have already begun to appear. As the
result of interviews I conducted in May, 1995, I found numerous cases where
investigative agencies had encountered encrypted communications and computer
files. These cases involved child pornography,
[Possession of a bunch of zeros and ones.]
customs violations
[free trade]
drugs
[the retail pharmaceutical trade]
espionage
[research]
embezzlement
[finally a crime]
murder
[Another crime. Can you give us the details of a murder investigation
blocked by cryptography? We don't need any names.]
obstruction of justice
[Refusal to make things easy for prosecutors. A *real* crime. This wasn't
Hillary by any chance, was it?]
tax protesters
[You mean tax evaders, don't you? Far as I know, protesting taxes is a
legal activity.]
and terrorism.
[State-sponsored or private?]
At the International Cryptography Institute held in Washington in September,
1995, FBI Director Louis Freeh reported that encryption had been encountered
in a terrorism investigation in the Philippines involving an alleged plot to
assassinate Pope John Paul II and bomb a U.S. airliner [4].
[But the perp was caught anyway. Is this the same Louis Freeh who thinks
that the loss (by him) of a government cellphone is just as bad as the FBI
issuing shoot-to-kill orders against American citizens before even trying to
arrest them (since he punished both with a letter of reprimand)?]
AccessData Corp., a company in Orem, Utah which specializes in providing
software and services to help law enforcement agencies and companies recover
data that has been locked out through encryption, reports receiving about a
dozen and a half calls a day from companies with inaccessible data.
[Sounds like poor system design. I'm not sure that advising others how to
safely store their business records has anything to do with law enforcement,
however.]
The idea is to combine strong encryption with an emergency decryption
capability. This is accomplished by linking encrypted data to a data
recovery key which facilitates decryption. This key need not be (and
typically is not) the one used for normal decryption, but it must provide
access to that key. The data recovery key is held by a trusted fiduciary,
which could conceivably be a governmental agency, court, or trusted and
bonded private organization. A key might be split among several such agencies.
[Why would a government agency or a court be the best entity to provide
business services? If I'm looking for someone to install a LAN in my
office, I don't immediately think to call the Post Office and get them to
bid on the job. Business services like data backup and recovery are much
more likely to be efficiently accomplished by a private contractor.]
Organizations registered with an escrow agent can acquire their own keys for
emergency
decryption. An investigative or intelligence agency seeking access to
communications or stored files makes application through appropriate
procedures (which normally includes getting a court order) and, upon
compliance, is issued the key.
[But what if it turns out that my chosen escrow agent is located outside the
jurisdiction of the court. Surely you don't want to cause any NAFTA or GATT
problems here. The WTO might declare your encryption policy to be an unfair
trade practice.]
Legitimate privacy interests are protected through access procedures,
auditing, and other safeguards.
[But what if some of us want better protection than bureaucratic promises
and procedures. Some people in the past who relied on government promises
and procedures ended up in crowded "shower" rooms trying to extract oxygen
from diesel exhaust.].
In April, 1993, as response to a rising need for and use of encryption
products, the Clinton Administration announced a new initiative to promote
encryption in a way that would not prohibit lawful decryption when
investigative agencies are authorized to intercept communications or search
computer files [6].
[And a rousing success it was.]
The IBAG principles acknowledge the right of businesses and individuals to
protect their information and the right of law-abiding governments to
intercept and lawfully seize information when there is no practical
alternative.
[Is a communist dictatorship a "law abiding government?"]
The principles call for industry to develop open voluntary, consensus,
international standards and for governments, businesses, and individuals to
work together to define the requirements for those standards. The standards
would allow choices about algorithm, mode of operation, key length, and
implementation in hardware or software. Products conforming to the standards
would not be subject to restrictions on import or use and would be generally
exportable.
[Gee, I thought that was what we were doing.]
It is conceivable that domestic and international efforts will be sufficient
to avoid crypto anarchy, particularly with support from the international
business community. However, it is possible that they will not be enough.
Many companies are developing products with strong encryption that do not
accommodate government access, standards groups are adopting non-key escrow
standards, and software encryption packages such as PGP are rapidly
proliferating on the Internet, which is due, in part, to the crypto
anarchists whose goal is to lock out the government. Since key escrow adds
to the development and operation costs of encryption products, the price
advantage of unescrowed encryption products could also be a factor which
might undermine the success of a completely voluntary approach.
[Sounds like the voluntary cooperation of human beings in international
markets is just humming right along isn't it? It seems that a lot of market
participants are "voting with their feet" for strong crypto. The System is
the Solution.]
Under this licensing program, commercial encryption products, including
programs distributed through public network servers, would comply with
government regulations.
[Isn't a "public network server" just a server that is made world readable?
Since there will be (conservatively) 100 million "public network servers"
online in a few years, won't enforcement be a trifle difficult?]
Such an approach would not prevent the use of government-proof encryption
products by criminals and terrorists. They could develop their own or
acquire the products illegally. But an approach of this type would make it
considerably more difficult than it is at present. Had such controls been
adopted several years ago -- before programs such as DES and PGP were posted
on the Internet -- the encryption products on the market today would support
key escrow or some other method for government access.
[As I recall, wasn't public key encryption developed in spite of the fact
that the NSA had in place an unofficial ban on cryptographic research? The
NSA's ban failed. Since you are not proposing outlawing such research, what
makes you think that mere distribution controls will work? ]
It would not be possible to acquire strong, government-proof encryption from
reputable vendors or network file servers. The encryption products available
through underground servers and the black market would most likely not
possess as high a quality as products developed through the legitimate market.
[The Internet itself runs primarily on software developed on the open market
from non-commercial sources without slick packaging. It seems to have met
with some market acceptance in spite of the lack of shrink-wrap packaging.]
Crypto anarchy is an international threat which has been stimulated by
international communications systems including telephones and the Internet.
Addressing this threat requires an international approach that provides for
both secure international communications crossing national boundaries and
electronic surveillance by governments of criminal and terrorist activity
taking place within their jurisdictions.
[It's nice to be noticed. How, exactly, is this voluntary, international,
standards regime going to deal with the desire of different governments to
control different communications. Look at the problems, some governments
want to ban American movies, the Asian Wall Street Journal, books on the
health of former heads of state, public records of sensational murder
trials, phone calls made using callback services, financial wire services,
novels by leftist co-religionists living in England, email containing the
English word for sexual intercourse (if readable by children), directions
on where to obtain an abortion in London, etc. And all these governments
will want to crack private transmissions in order to find those responsible
for these "crimes." This is going to be a hell of a challenge for a
voluntary, international standards regime. I think it is probably beyond
the capabilities of such an institution to mediate among all of these
competing desires to control the communications of others.]
DCF
"BTW if one spellchecks the word unescrowed (as in unescrowed encryption)
one is likely to encounter the suggested replacement "unscrewed" (as in
unscrewed encryption).