[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Australia next to ban PGP
> From: [email protected] (Ross Anderson)
> Subject: Australia next to ban PGP
> Date: 1 Aug 1995 17:53:50 GMT
> Organization: U of Cambridge Computer Lab, UK
> Lines: 57
> Message-ID: <[email protected]>
> NNTP-Posting-Host: nene.cl.cam.ac.uk
> Xref: ping.be alt.security.pgp:9699 sci.crypt:4852
> Australia's proposed crypto policy:
> (1) Banks will get key escrow
> (2) Other Australian residents will be forced to use weak crypto
> Source: talk by Steve Orlowski, Assistant Director, Australian attorney
> general's department, given at the Cryptography Policy and Algorithms
> Conference, Queensland University of Technology, last month.
> p 34: `the needs of the majority of users of the infrastructure for
> privacy and smaller financial transactions can be met by lower
> level encryption which could withstand a normal but not
> sophisticated attack against it. Law enforcement agencies could
> develop the capability to mount such sophisticated attacks.
> Criminals who purchased the higher level encryption products
> would immediately attract attention to themselves.'
> He mentioned that his department considered itself a suitable repository
> for the government central decrypting unit, which would decrypt traffic
> for local police forces. He also wants to escrowed keys for banks and
> other organisations allowed to use strong crypto.
> Centralising the wiretap capability with the AG is represented as a useful
> safeguard against abuse of power by local police forces. It would be
> presented as a `data recovery' facility in order to reassure the voters.
> Centralisation will enable the AG to acquire the capability to use ``more
> sophisticated techniques in circumstances where the key cannot, for
> whatever reason, be recovered from escrow''.
> So the technical parameters would appear to be: 40 bit keys for the
> masses, 56-bit escrowed keys for the banks, and a Wiener machine sitting
> in Orlowski's office. Belt, braces and string.
> Curiously enough, he quotes a `Review of long Term Cost Effectiveness
> of Telecommunications Interception' as saying that ``Encryption by
> targets of their communications (both voice and data) is not considered
> as a problem for TI at present in Australia'' and goes on to say that
> ``there has been comparatively little market for voice encryption
> products, although they have been readily available''.
> He even produces some good arguments for the EFF, such as that much of
> the intelligence comes from the call log data and from calls to third
> parties such as airlines and hotels which are not encrypted.
> He also says that the OECD countries will hold a meeting on National
> Cryptography Policies later this year. While at the conference, I found
> out that a classified meeting took place this March in Germany between
> the signals intelligence agencies of the developed countries, plus
> Australia and South Africa, at which the assembled spooks agreed to
> press their governments to bring in escrow and/or weak crypto.
> Australia seems rather eager to lick Uncle Sam's boots on this issue.
> I wonder what the payoff was?
Thank you VERY much! You'll be getting a Handsome Simulfax Copy of your
OWN words in the mail soon (and My Reply).
<[email protected]> PGP Print: 0529 C9AF 613E 9E49 378E 54CD E232 DF96
Thank you for question, exit left to Funway.