[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CWD: "Jacking in from the "One that Got Away" Port



(By Brock Meeks / [email protected] / Archived at http://www.cyberwerks.com/)


 CyberWire Dispatch // Copyright (c) 1996 //

 Jacking in from the "One that Got Away" Port:

 Washington, DC -- President Clinton call your spooks, get FBI Director
 Louis Freeh on the phone.   Tell them to order in pizza.  Bill, it's
 going to be a long night.   All your plans to hold the U.S. crypto
 market hostage have just been fucked... and you didn't even get kissed.

 A virtual tactical nuke was hurled into the arcane subculture of
 encryption technology Monday when RSA President Jim Bizdos revealed
 that his company's Japanese subsidiary had developed a monster chipset
 capable of scrambling voice and data real time with a so-called "key
 length" of up to 1024 bits.

 That key length stuff is just so much gibberish to those playing
 without a scorecard, so let me drill down on it for you.  Basically,
 the longer the key length, the harder it is for a message to be broken
 by "brute force" automated attacks.  Current U.S. laws prohibit the
 export of any encryption device with a key length longer than 40-bits,
 or roughly the equivalent of  Captain Crunch decoder ring. For hardcore
 math types, I'm told that a 1024-bit key length is 10 to the 296th
 power more difficult to break than 40 bits.

 Bizdos, speaking during lunchtime at the Electronic Privacy Information
 Center (EPIC) 6th Cryptography and Privacy conference, told how his
 Japanese based company, Nihon-RSA, developed a set of two chips capable
 of scrambling messages at a level that will make the spooks in the
 Puzzle Palace (the National Security Administration) cough up hair
 balls that would make the First Cat Socks envious.

 Bizdos seems to have found crypto's magic bullet;  a legit way to
 essentially give the finger to U.S. export laws for crypto product. For
 years now the White House has been locked into a kind of crypto war.
 The Administration insists that strong encryption products must not be
 exported for fear that "terrorists, child pornographers and drug
 barons" and a rabble of assorted "bad guys" would snag the technology
 and proceed to plot the destruction of the "World As We Know It"... or
 at least Western Democracy, if the inbred Iranians got in line first.

 The White House crypto-fascist team, led by the NSA, FBI and assorted
 military hawks, have offered braindead compromise plans, including
 three versions of the "Clipper Chip."  This is a plan whereby you can
 buy strong locks for your data with the simple caveat that when you buy
 and use the products, you have to put the decoding key "in escrow."
 This way if a law enforcement agency ever has the need to unscramble
 any of your messages -- without you knowing it -- they can simply ask
 for these escrowed keys and have them handed over.  Yes, even your
 local sheriff's department can ask for the keys.

 Now, the government promises it will use this power only for good and
 never for evil.  Honest, that's what they say.  Of course, the Justice
 Department, in writing the rules for getting the keys, totally absolves
 any law enforcement agency of all harm if this power is abused in any
 way. Oh.. and if that power is abused, the sheriff or the FBI or
 fucking Park Police for that matter,  can still use any "evidence" they
 gin up on you.  Honest, I'm not making any of this stuff up.

 So the battle has raged.   The industry has been loathe to develop such
 products only for the American market because the cost of producing
 essentially duplicate products for domestic and foreign markets just
 wouldn't be cost effective.

 So, you and I are stuck having to use some pretty tedious encryption
 technologies, such as PGP (Pretty Good Privacy), which is great, but
 tough to use.  Or we can use the Captain Crunch Decoder ring
 equivalents available off the shelf. In the meantime, other countries
 are happily making and distributing robust encryption technologies, at
 a possible loss of up to $60 billion for U.S. companies.

 In fact, it's a crime even to put a program like PGP on your laptop and
 go overseas.   The State Department calls that "exporting."  The
 government recently dropped a case against Phil Zimmermann, the
 inventor of PGP, after putting him through several hellish years in
 which they threatened to toss his ass in jail.  There Phil would  no
 longer be a threat to society at-large, but instead become a
 "girlfriend" for a 265 pound felon named Spike.   Phil's "crime"??
 That somehow his PGP app had been uploaded on to the Internet and
 whisked around the world.  Phil didn't do it, but the U.S. government
 cried "export violation," anyway, eventually telling him, "Oh, never
 mind."

 So Bizdos, tired of fighting the wars here, enlisted the help of the
 Japanese.   After setting up his Japanese unit, he hired a crack team
 of Japanese crypto experts who essentially "reverse engineered" the
 company's own U.S. crypto product, according to Kurt Stammberger, RSA
 director of technology marketing.  It was a brilliant move.   Bizdos
 can't be slammed by the State Department for violating crypto export
 laws because, well, he didn't export a damn thing, except some U.S.
 greenbacks, which of course, could have gone to U.S. cryptographers,
 but let's not quibble about jobs.

 Anyone want to kick around the subject of global competitiveness?

 What's happened here is the Japanese have now trumped the entire world
 on the crypto market.   What's more, Clinton's brain-dead allegiance to
 the FBI, et al., has now allowed the Japanese government, which still
 owns a large share of NTT, which owns a minority share of RSA's
 Japanese subsidiary, to have a lock on the world's strongest encryption
 technology.   Can you say "Remember the VCR"  or "Remember the
 Semiconductor" or how about "Thanks, Bill.  We're fucked."

 The boys in the Pentagon made a stink a few years ago when a Japanese
 company made a play for Fairchild, a top defense contractor.  It was
 feared that the Japanese, by swallowing up the U.S. company, would also
 gain access to technologies vital to the U.S. military.   The deal was
 squashed.  Natch... now it looks like the G.I.'s with the stars on
 their shoulders have just put their spit-shined combat boots up their
 own ass by supporting Clinton and his continued ban on crypto exports.

 "We truly have ceded this market Japanese companies," Bizdos said.
 "It's almost too late to turn it around."  Some 15 COUNTRIES have
 already placed orders for these chips, Bizdos said, adding that the
 Japanese will not build the chips with a key escrow function.

 EPIC Director Marc Rotenberg said he was told by a Japanese
 representative that the country's constitution wouldn't allow key
 escrow because it doesn't allow wire-tapping.  Umm... maybe the
 Japanese just don't have *really* bad guys like the FBI assumes we have
 here.

 What's more, Bizdos says the deal with NTT is "no coup."  He says the
 Germans and French "aren't far behind" in developing similar
 technologies.   The RSA bombshell "fuels the argument that this stuff
 can't be contained in our own borders," said PGP's Zimmermann.

 Just how the relationship between NTT and RSA works out isn't set,
 Bizdos acknowledged.  "They'll pay us a royalty for the chips they
 sell," he said. "We're working it all out."

 Meanwhile, from my office window here in DC I've already counted 17
 Domino's Pizza delivery bikes go screaming by on their way to the White
 House.  Through my telescope I can see the White House balcony;  it
 looks like Bill is sick, like he's just heard some "really bad news."
 And behind him, just inside the double-doors, on a persian rug placed
 there by Warren G. Harding, I think Socks the Cat has just coughed up a
 hairball... or maybe it was Louis Freeh.  From this angle, I just can't
 be sure.

 Meeks out...

 ------------

 Additional reporting by Declan McCullagh ([email protected])