[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Registering Keys with Big Brother



Arise, cypherpunks, evil plans are brewing in the bowels of the Beast!

I just read a summary of influential crypto guru Dorothy Denning's
talk at the recent 15th National Computer Security Conference (held in
Baltimore, don't you know, so con-vee-nient to Fort Meade). See the
recent RISKS articles in comp.risks (esp. 13.86). 

Since RISKS is copyrighted, and we wouldn't to do anything to make the
lawscums unhappy, I'll summarize:

* Denning proposes that anyone using public key encryption over public
networks be required to register their private keys with, for example,
the Justice Department.
* To avoid the risks of someone else getting the key, she suggests the
private keys could be encrypted with the _public key_ of Justice, and
then held by an independent agency. (Ostensibly, the encryption and
registration could be done by the user himself, though some means of
verifying compliance would have to be devised.)
* To make use of the private key (for example, to read e-mail
encrypted with the key), the government would have to get a court
order, present it to the independent agency, take the key back to
Justice, decrypt it with the private key of Justice, and then proceed
with their surveillance and whatnot.

This is ostensibly like the procedure for wiretapping.

However, it would screw up the use of encryption in many ways.
Registering a key would precluded frequent key changes, would probably
cost some fee (on the order of $50, like a driver's license, I'd
guess), and would of course greatly complicate the use of digital
pseudonyms and all the other neat stuff we've talked about (but which
caution tells me not to discuss here on an open and unsecured
list...you can check my .sig to see where I stand, of course).

My hunch is that Denning and the other "quaint" (cf. Sterling's "The
Hacker Crackdown" for a description of how the crypto bigwigs interact
with hackers at CFP and elsewhere) cryptheads have alerted the
government to the _real_ threat of cryto tools. Position papers are
being released as trial balloons, to prepare the way for a "Crypto
Crackdown."

I hope I'm wrong. We need more information. Let's talk to someone who
went to this conference and get the Proceedings as quickly as
possible.

Cryptically Yours,

--Tim

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
[email protected]       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP 2.0 and MailSafe keys by arrangement.