[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

"Nightmare on Crypto Street--the Return of Sun Devil"




As I said in my "Nightmare on Crypto Street" piece, it seems that Peter
counters every one of our counterarguments with some variant of "won't
matter--they'll have a dozen agents and 20 MIT graduates looking for
evidence." Or, "won't matter, the Bill of Rights will be suspended for the
duration of the Emergency." Well, it's hard to argue with such points.

On a few plausibility points, or on technical points (as with the meaning
of "noise," for example), there's still a basis for a debate.

At 9:02 AM -0800 11/8/96, Peter Hendrickson wrote:

>Where will you keep your secret key?  Remember, when they go through your
>house they bring 20 young graduates from MIT who are just dying to show
>how clever they are and save the world at the same time.

Unlikely they'll be able to find or marshall 20 MIT grads. Didn't happen
when they raided Steve Jackson Games as part of Operation Sun Devil and
hauled away all of his equipment. It probably _did_ happen with the raid on
the Unabomber's cabin, except probably the numbers of MIT grads were fewer
and their specialties were in other areas.

Where do you keep your secret key? On your disk. However, one's PGP
_passphrase_ is what is really important (though both are important).
Without the passphrase, the secret key is worthless. Now of course some
people write down their passphrases on Post-It notes, etc., and certainly
keystroke capture programs may be running (inadvertently, deliberately, or
even via previous blackbag job plants, as many of us have noted over the
years). However, a properly memorized passphrase, of sufficient length and
entropy to make exhaustive search impractical, and proper "crypto hygiene"
will go a long way toward making such raids ineffective.

And there are several reports of such raids turning up PGP-encrypted files
which the cops and investigators have been unable to crack. PRZ speaks of
being asked to help, and some others here on this list have mentioned
similar situations. The Church of Scientology has been seeking "PGP
experts" to help them read some files they believe may help them get
someone punished. Basically, without the passphrase, not much can be done.

(I expect the "crypto hygiene" issue to get better, not worse. It is likely
that "crypto dongles" and PDAs will soon drop in price enough such that one
can store one's private key on a dongle, smartcard, or PDA and enter the
passphrase with a keypad built in...this dramatically cuts the risk that a
keystroke capture program is being run, or that a TEMPEST van is trying to
capture the keystrokes (LCD and low-power CMOS circuitry don't generate a
helluva lot of Van Eck radiation :-} .)

And there are the familiar low-tech versions of protecting some keying
material, such as "rat lines" into neighboring apartments. A few years ago
we talked about how hacker-friendly buildings could easily be wired up with
fibers and LANs such that files and key material were scattered in multiple
sites, with various "dead man switches" to shut off access should a raid
occur. Search warrants would of course be problematic (and the Bill of
Rights frowns on blanket searches for, say, 40 apartments on the suspicion
that a needed file may be on the hard disk of a machine in one of the 40
apartments).

Finally, on this point, "perfect forward secrecy" is possible with several
crypto protocols (notably, Diffie-Hellman). There is no stored keying
material left behind. Adapting this approach for other uses is likely to be
more popular in the future. (I certainly agree that text versions of "How
to Make Sarin" are always going to be incriminating in a legal case, but
crypto is not the main issue.)

>> This is the essence of steganography and the nature of signal and noise are
>> fundemental principles of information theory.
>
>The concept of noise is not all that well defined, however.  There is no
>way to look at a signal and say "this is all noise."  Sometimes physical
>theories may lead you to believe that it is all noise.  That is fine
>for many applications, but when becomes less convinced of things if
>the consequences are severe.

Actually, you've got it turned around. What is really hard to do, and what
is needed by a prosecutor seeking to prove a case, is to prove "this is
*not* noise."

As we've talked about for several years, storing and sending lots of noise
is a Good Thing. "Yes, FBI Agent Mulder, that is a noise packet I sent."

The claim that people will be thrown in prison for storing
apparently-random noise on their disks, or even sending it in their
writings, is ludicrous. Not so long as the Bill of Rights stands. Given the
"Nightmare on Crypto Street" scenario of mass pogroms and suspension of the
Constitution, maybe not. But I find this scenario implausible and not
really worth worrying about overmuch.

--Tim May


"The government announcement is disastrous," said Jim Bidzos,.."We warned IBM
that the National Security Agency would try to twist their technology."
[NYT, 1996-10-02]
We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
[email protected]  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1,257,787-1 | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."