[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: "Drift net fishing," GAK, FBI, and NSA
At 10:07 AM 10/6/96 -0800, Timothy C. May wrote:
>Some convincing evidence was presented
>that the moving force behind GAK is *not* the NSA, but is rather the *FBI*.
>Specifically, even 40-bit keys are probably too long for massive "drift net
>fishing," in that the cost per break is probably still too high. The cost
>for a "focussed attack" (I can't think of a fishing parallel...maybe "spear
>fishing"?)
How about "DuPont-lure fishing"?
is of course low. The speaker at SAFE pointed out that the FBI
>is pushing for the 40-bit keys (and now is accepting the 56-bit keys?)
>because for focussed attacks, e.g., on the communications of a person under
>observation, they can call on other agencies to break the ciphers for them
>(even if they don't yet have their own such machines).
>
>In a nutshell, almost any level of encryption above, say, 30something bits,
>is too much when millions of messages per day are to be "drift-netted" is
>too much. (The exact number that is "too much" depends on a lot of factors,
>including the cost of the cipher-breaking machines, the number of messages
>to be read per day, etc. This number will change with time.)
You should also factor in the government's ability to store what they can't
immediately decrypt, which drastically changes the playing field with
regard to encryption. It was at least five years ago when I first read
about a system to record data on so-called "digital paper," which was
actually a plastic with a photo-writable layer similar to write-once CD's.
It could be formed in any configuration, but perhaps one of the more
intriguing (due to the large writable area) is on large reels similar to
1/2" magtape. As I recall, they claimed that such a reel could hold 1
terabyte of data.
Sure, such a capacity is small compared with the total Internet traffic, but
I assume that most traffic could be excluded from recording if its source
was known, etc. They'd exclude anything from "probably-okay" web pages, they'd
trim space-hogging graphics, etc. "Just the facts, ma'am." Call the
whole thing "retroactive-selective-drift-net-fishing," if you will.
Once this data is stored away the government would determine (perhaps years
after the fact?) which data they want to decrypt, possibly based on crimes
committed long after the data was recorded. This information might reveal
contacts, etc. Obviously they have no prayer of doing real-time analysis.
Even so, it makes it far more practical to do the equivalent of drift-net
fishing if they can exclude 99.9999%+ of the traffic from their decryption
attempts. 56-bit encryption doesn't look so ominous to them in this case.
Jim Bell
[email protected]