[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why is cryptoanarchy irreversible?



At 7:20 PM -0800 11/7/96, Peter Hendrickson wrote:
...
>I cannot speak for the GAK advocates.  However, you could establish a
>system where messages between two countries are encoded with keys
>which are made available to only the two countries in question.
>
>A really simple scheme to do this would be for each country to publish
>a public key.  You would be required to encrypt the key to the message
>with the national public key.  That scheme would be fast to deploy.

Well, this is not what the proposals for GAK involve. If it were _only_ a
matter of each country requiring GAK for communicatons entering its
country, then this would be as you describe (not that many of us would
approve of it).

What complicates matters is that the U.S. proposes that _it_ keep
records/escrows of communications with, say, recipients in Libya. Or
Russia, or Burma, or Tazbekinoya. This means automatically that simplistic
models ("encrypt to the public key of Tazbekinoya" will not be sufficient).

>In a more complicated and secure scheme, you would be given a public key
>from each country that was unique for your communications at the same
>time you were granted your international communications license.  The
>unique public key would be managed by a small group of people.  This
>means that if it was ever compromised, most message traffic would be
>secure and those who were responsible would be easy to find.
>
>The only way you are at the mercy of the Libyans is if you do business
>in Libya.

No, I think you are missing the point. The issue about Libya is that the
GAK system must make decisions about when and under what conditions it
accedes to government wishes--for governments we may be hostile toward.

Or governments may be hostile toward us.

As I said in another message, I don't think there can be a unified GAK
policy. I believe the U.S. Administration hopes to browbeat enough nations
into compliance such that it--the U.S. government--controls which keys are
released and which are not. My point about "rogue" governments is that the
problems of Burma, Libya, etc. will not vanish. Clearly the U.S. government
will not settle for waiting for Libya or Burma to co-release keys....

And nothing in GAK says one gets to communicate with Libyan parties by
encrypting with the public key of Libya, thus bypassing the U.S. decryption
capabilities!

--Tim May


"The government announcement is disastrous," said Jim Bidzos,.."We warned IBM
that the National Security Agency would try to twist their technology."
[NYT, 1996-10-02]
We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
[email protected]  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1,257,787-1 | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."