dbts: Lions and TEMPESTs and Black Helicopters (Oh, My!)

[Robert Hettinga <rah@shipwright.com>]

-----BEGIN PGP SIGNED MESSAGE-----

At 1:24 PM -0500 on 11/2/98, Mr. Motyka vamps on Mr. May in cypherpunks:

> > VERY FEW PEOPLE CARE ABOUT SECURITY.
> >
> Since they don't have anything to hide, why should they worry? Argh.
> ergo - if they're hiding something they are guilty of something. Bust
> the doors down boys.

Naaawww.... It's not so bad as all that...

Remember, fairly soon now, if not already, we'll be storing *lots* of
encrypted data on our disks, not only in the form of encrypted,
controlled-play software, or proprietary company information, or infotainment
(however long *that* lasts), but also in the form of encrypted passwords,
private keys, and, of course, digital bearer certificates ;-).

In addition, every time you do a book-entry transaction, you're perforce
(heh...) using an encrypted link with at least SSL, and, at some point, people
will demand much cheaper and faster internet-level encryption ala IPSEC to
move their money (and their other bits worth money) around. Or they'll be
required to by their employers in various VPN/WAN systems. Or, frankly,
they'll just do it without knowing it anyway, because their TCP/IP apps will
be IPV6 (or something) compliant.

Everyone here who does this stuff for a living knows that the amount of
horsepower necessary to decrypt all those different kinds of encrypted stuff,
even the weak stuff, is going to be positively prohibitive (instead of
permitted? ;-)), since it all has different keys, lots of which are long gone.
IPSEC keys, for instance, are positively disposable, and, if it's done right
- -- which it will be, because nobody wants to lose *money*, after all --
the encrypted packets will originate at the client, and not the router, so all
that "private doorbell" stuff is just a smokescreen for what is going to be
superencrypted data anyway.

And, of course, we all know now that KRAP / ne� Key Escrow / ne� GAK / ne� Key
Recovery / ne� Clipper is logically, much less physically, impossible. Don't
ask me, ask the likes of Diffie, and Rivest, and Schneier, et alia. All the
"legislation" in the world ain't gonna change that, right?


Digital Commerce is Financial Cryptography, folks.

F=MA. It ain't just for physicists anymore...


The black helicopters aren't flying over the hill any time soon, boys and
girls. Why? Because, if they tried, soon enough, they couldn't afford the gas
for a return visit. Their erstwhile tax revenue, like most money, being
fungible and all, is, or soon will be, quite easy enough to bug out into the
cyphersphere with. After all, who's to tell one encrypted blop of bits from
another?

"Awwwww, C'Monnnn. Niiiice taxpayer. Staaaaay. *Don't* go anywhere.
Pleeeeease?"


A cowardly lion indeed.


Cheers,
Bob Hettinga

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.5

iQEVAwUBNj4wNcUCGwxmWcHhAQEsewf9GbZ2OxeczWZzeNAuBwBm+PlWvZAdOmml
UYmik/U4s41x310HtXdPg2ixnUJ/i67rWXYGHeGeAZrbn0IYH69dM7l0qSROSHnM
dDMLA18nZjIy1XKzcG0yrRfsbLKtfFpe3Y4SN8dHoTRKzzfoskhmQJWu9/2twVKi
Y3gFgd5Qawu4a23jmMOGRJ1pLUpo9jjTu2qs8uA0Q42aeWcm4Zm1QhaK9/9FV9Sm
FkbHTgzK6RwaLiKySkqf22KNsy6WLa9ypVLK03tMrJNgILqY2S3xxoM/2EOhf+FF
5yt16/bABw3YvS8WWp2PkmHMn1rxXgBy1iodioFI79Cf35Yu36/O4Q==
=GPbv
-----END PGP SIGNATURE-----
-----------------
Robert A. Hettinga <mailto: rah@philodox.com>
Philodox Financial Technology Evangelism <http://www.philodox.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'