[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why is cryptoanarchy irreversible?Re: Why is cryptoanarchy irreversible?



On Thu, 7 Nov 1996, Daniel T. Hagan wrote:

> On Thu, 7 Nov 1996, Peter Hendrickson wrote:
> 
> > It appears to be widely believed that cryptoanarchy is irreversible.
> > Everybody believes that the race to deploy or forbid strong cryptography
> > will define the outcome for a long time.
> > 
> > I can't think of a reason why this should be so.
> > 
> > If the wide use of strong cryptography results in widely unpopular
> > activities such as sarin attacks and political assassinations, it
> > would not be all that hard to forbid it, even after deployment.
> > 
> > I am curious why many people believe this is not true.
> > 
> > Peter Hendrickson
> > [email protected]

Look around at all the laws in a community that are unenforceable and 
largely ignored by significant sections of the community. Taxes are a 
classic with many people receiving cash and not declaring it..I suppose 
you could say they just opt not to pay taxes while law abiders (to varying 
degrees) opt in to pay tax. 

It is estimated here where all dogs, for example, are required to be 
registered, that only 40 percent are in fact registered (ie pay the dog 
tax). The authorities simply do not, with their current technology, have 
the ability or political will to break down everyone's front door and 
complete house to house dog searches then deal with court cases and bring 
eveidence as to the actual owner of the animal where this is a relevant 
matter to be proved.

Take a look at the nearest road and tell me if the speed limit imposed is 
effective enough to have everyone comply.

Dare I mention drugs, political corrutpion, fraud, or murder.

Once the tools are 'out' individuals decide whether they will use them, 
irrespective of what laws may be made to control or ban useage. Certainly 
those laws will have an impact on individuals decisions as to whether the 
risk of use, after taking into account the penalty, and importantly the 
likelihood of detection, will warrant its use.

Consider the difficulty of actually outlawing say PGP and making it 
stick. To ban its use on a network compliance measures such as routine 
traffic scanning would be implimented. So users may say resort to direct 
modem to modem systems thus forcing authorities to routinely tap 
telephone calls, identify modem calls, and analyse these calls. The 
authorities start to use scarce resources provided by those members of 
the public that choose to pay taxes to them. These taxpayers may start to 
get annoyed that resources are being used to do this when it makes no 
difference to their lives. Even if these measures were successful you 
could print your pgp output out to paper, post it to your friend, and she 
could scan it on her computer and decrypt it. The authorities now have to 
start opening mail and implimenting effective means of identifying the 
poster of all mail in the community to ensure compliance. If you posted a 
disk they would need to consume resources routinely scanning every disk 
for encrypted data..imagine the thousands of jobs that would create..and 
the costs to the poor taxpayer of implimenting such a scheme. The public 
starts to get even more annoyed. In fact some members of the public who 
previously didn't give a damn about the crypto nuts now start to sympathise 
with them.

The authorities have to spend even more resources on publicity and scams 
to align privacy advocates with terrorists. Some privacy advocates may 
even become terrorists who before didn't really care for such tactics.

Assume the snail mail route is effectively sqaushed what then? Well you 
could voice call your friend and read the encyphered text to them over 
the phone and they could then run it through pgp and decrypt it. If the 
authorities effectively made this too costly (in terms of risk etc) then 
you could always just jump on a plane and tell them the message 
personally or send someone else to do that for you.

The costs of compliance increase as the authorities take measures to put 
the genie back in the bottle. Stealth versions of popular programs get 
released, and further technological advances are made so that the problem 
becomes greater with respect to compliance as do the costs to the 
taxpayer of ensuring compliance. Encrypted data that cannot be easily 
distinguished form noise would require routine analysis and attempted 
cracking of every bit of data transmitted..a task that would soon bring 
even the great US economy to its knees assuming the people didn't put a 
stop to the madness before it reached that point.

Just as an aside, I am sure the various spook angencies in the 'free 
world' are well aware of these issues and no doubt other issues I have 
not imagined and such considerations have played a part in so far stalling 
an outright ban on the use of effective encryption programs and devices. 
There are always costs to a government in the reduction in freedoms, and 
the ultimate cost to any particular government is that it may stir the 
beast so much that it awakens and takes away that governments authority 
whether by democratic means or otherwise.

> If I understand the reasoning, people beleive it is easier to prevent the
> release of strong crypto. techiniques than to remove them once they are
> released.  
> 
> Once a terrorist has strong crypto, why should they stop using it if it
> becomes illegal?
> 
> Daniel

Or even ordinary mortals...just a thought for consideration :).