[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NRC Cryptography Report:

To: [email protected]
Subject: Re: NRC Cryptography Report:
From: [email protected] (Bill Frantz)
Date: Thu, 30 May 1996 23:22:21 -0700
Sender: [email protected]

Some dumb questions from a citizen.

Note: Recommendation summaries are from "Fight-Censorship Dispatch #11:
Landmark Crypto Study Released", posted by Declan McCullagh
<[email protected]>.  Thanks Declan.

>Recommendation 4:  Export controls on cryptography should be
>progressively relaxed but not eliminated.
>
>        4.1 -- Products providing confidentiality at a level that
>        meets most general commercial requirements should be easily
>        exportable.  Today, products with encryption capabilities that
>        incorporate 56-bit DES provide this level of confidentiality
>        and should be easily exportable.

How do you reconcile this recommendation with the recommendation of the
Cryptography experts group that data which needs to be kept secret for 20
years should be protected by at least 90 bit keys?

The current export restrictions inhibit using strong crypto domestically. 
How do this recomendation free domestic crypto for commercial development? 
Another way of asking is, how can strong crypto be distributed in the US so
as to preclude prosecution for exporting it?  How do future export controls
affect software posted to FTP/web sites?

>
>        5.3 -- To better understand how escrowed encryption might
>        operate, the U.S. government should explore escrowed
>        encryption for its own uses.  To address the critical
>        international dimensions of escrowed communications, the U.S.
>        government should work with other nations on this topic.

How do government experiments with key recovery systems help us learn about
their vulnerablities to human level attacks, e.g. bribery?  How much
negotiable value will these government systems carry?

How will GAKed systems protect US business from spying by foreign
governments?  France is rumored to be particularly active in commercial
spying, and will want access to all keys used in France.


------------------------------------------------------------------------
Bill Frantz       | The CDA means  | Periwinkle  --  Computer Consulting
(408)356-8506     | lost jobs and  | 16345 Englewood Ave.
[email protected] | dead teenagers | Los Gatos, CA 95032, USA

Prev by Date: Re: Possible out-of-US remailer sites, 2nd edition
Next by Date: (Fwd) Re: [crypto] crypto-protocols for trading card games
Prev by thread: Re: Possible out-of-US remailer sites, 2nd edition
Next by thread: (Fwd) Re: [crypto] crypto-protocols for trading card games
Index(es):
- Date
- Thread