[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Public vs. Private Munitions



At 7:24 PM 7/27/96, Erle Greer wrote:

>     Theoretically, the government should only be have the resources to
>control commercially-available, public encryption systems.  Who is to stop

While I'm not exactly sure what you mean by a "commercially-available,
public encryption system," I think your point is incorrect.

(My confusion is that a commercially-available system is not necessarily a
"public" system, if by public one means public domain. If one means
"published specifications," still not the case. Confusing.)

Howver, the government cannot step in and "control" a
commercially-available product, by even the most liberal interpretations of
the commerce clause. "Tim's Pretty Flaky Snakeoil System," for example. I
can announce it, sell it, and the government is powerless to "control" it.
(Even if it were "public.")

If by "public" you mean an NBS or NIST standard, like DES, then I suppose
the government can in some sense "control" it. (Even this is iffy, IMO, as
I know of no rules saying DES implementations must be approved by NIST or
anyone else.)

>anyone from designing their own cryptosystem for personal use?  If the
>government intercepted a transmission from this private cryptosystem, and
>could not decrypt it, would they assume that it must be considered
>munitions?  Similarly, anyone could send uniformly-formatted random garble
>that could also be considered munitions, or at least waste the governments
>processing time.

Most of the cryptosystems are not under the "control" of the government,
even by the standards of your first definition. Period. RSA is not a
government-controlled system, though it is both "commercially-available"
AND "public" (in that the spec and algorithm are clearly published).

And the talk about "personal use" is misleading, IMO. It suggests that
government can and should regulate use for "business purposes" but not
personal uses. I disagree with this distinction.

>     Why are we so worried about government regulation?  Can't we just
>devise our own cryptosystems and just don't sell them or make them publicly
>available?

You mean the way public key systems in general and  RSA in particular were
invented and devised by non-government folks?


--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
[email protected]  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."