[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why is cryptoanarchy irreversible?



At 4:43 PM 11/7/1996, Timothy C. May wrote:
>At 2:24 PM -0800 11/7/96, Peter Hendrickson wrote:
>>> If I understand the reasoning, people beleive it is easier to prevent the
>>> release of strong crypto. techiniques than to remove them once they are
>>> released.
>>
>> The reasons underlying this are what I don't completely understand.
>>
>>> Once a terrorist has strong crypto, why should they stop using it if it
>>> becomes illegal?
>>
>> Use of strong crypto would be a tip off that one is a terrorist.
>>
>> If strong cryptography were unpopular and highly illegal, very few
>> people would be using it.  This makes it easy to identify suspects.
>
> * Identification of high-entropy traffic (putatively: encrypted traffic)
> would require extensive surveillance, tapping, and whatnot. The
> infrastructure for this does not exist, and would cost an enormous amount
> to deploy.

This could be financed by taxing routers, computers, modems, leased
lines, and the like.  The fraction of the total cost of communications
equipment would be minimal.

> * (This is why so many of us want a crackdown on crypto delayed for as long
> as possible: every year that passes means more networks, more intranets,
> more channels, more modes, etc. Satellites, fibers, etc.)

But, in the face of near unanimous belief that strong cryptography must
be stopped, this would not matter.  Most of the operators of this
equipment would be eager to help.

> * High-entropy traffic does not mean encryption, either. And encrypted
> traffic can be twiddled to look like lower-entropy traffic (and I don't
> even mean steganography, I mean adjusting message statistics).

I'm not sure I entirely understand this, but I am as skeptical of
this as I am of reasonably high bandwidth stegonography operated
over several years.  I think this is a real hard problem, especially
if 100% accuracy is not required.

> * Once crypto has become widespread, and is built into mailers, browsers,
> etc., there will be many people already using those old mailers and
> browsers. Throwing Mom and Pop in jail because they forgot to turn off the
> PGP mode in Eudora 4.0 or Netscape 5.0 is not going to go over well, even
> in an era of supposed "zero-tolerance." (And California and Arizona just
> voted to effectively decriminalize pot..."medical use of encryption" on the
> 2005 ballot?)

You are proposing a likely scenario: large numbers of people think there's
nothing wrong with a little encryption now and then.  But, that is not
the scenario I am discussing.  I am discussing the Four Horsemen scenario
where terrible things are enabled by the wide deployment of strong
cryptography.

Most of us would accept greater surveillance and some restrictions of
our liberties if we believed that our lives and fortunes were endangered.

In this environment, you might have a three month grace period for
people to change to legitimate tools.  Then the police would probably
practice a certain amount of discretion.  If they catch Mom or Pop
with a pre-ban crypto program, they'll bring them in and give them
a good talking to, and then let them go.

After a year or two you prosecute.  Mom and Pop will get with the program.

Violators will be seen as being quite irresponsible, regardless of age.

> * Steganography. Entire volumes can be written about this. I believe I was
> the first to propose, in a 1988-89 series of articles on sci.crypt, the use
> of LSBs in image and sound files to transmit huge amounts of information,
> with detection very difficult. As I told Kevin Kelley--reported in his
> "Whole Earth Review" article and in his excellent "Out of Control" book--a
> single DAT tape of a musical recording can easily carry 150-200 MB of
> "message" just in the LSBs!

I strongly suspect that there are patterns in how sensors function
and in real tapes.  They may be subtle.  The government need not reveal
any particular knowledge of these patterns.  All they have to do is
set up a series of labs, each of which is expert in one kind of known
pattern.  When studying a suspect's communications - or tape - the
information gets passed through these labs.  If any of the labs flags
the data as suspicious, a search warrant is issued.  The prosecution
is then based on evidence that the search warrant turned up so the
stego need never be introduced into court.

> Unless all tapes are checked at the border--and what are live tapes, with
> lots of noise in the bottom few bits of each word--to be compared against?
> The mind boggles at the task.

There's no reason why we have to allow live tapes to cross borders
without some questioning and explanations.  Iran did this for many
years when they were trying to keep the Ayatollah's speeches out.
It didn't work, of course, but it did not have popular support, either.

> * "Legitimate needs." The whole notion Peter raises of banning cryptography
> is fraught with problems. Are businesses to be told that all communications
> are to be in the clear? Or is Peter's point that some form of GAK will be
> used?

My point is that the government can do whatever it needs to do if there
is strong public support.  If it is too expensive to decrypt even
GAK'ed communications, then it may be made illegal to encrypt anything.

I am inclined to think that even in the Four Horsemen scenario, the
government would prefer GAK'ed communications because it gives them
greater leverage.  People speak more freely when they think not everybody
can hear what they are saying.

Somebody brought up the Catholic church's custom of confessionals
a few weeks ago and suggested that it was a powerful political
tool.  (Sorry I can't remember who said this.)  I am sure this
is the case.  The priests don't even have to break their vows of
secrecy for this to be the case - they simply summarize the results.

Had the early Christian custom of public confessional been followed,
the Church would have had far less political power.  Of course, once
somebody has confessed deep secrets to you for years, they will be
reluctant to push their luck to far when opposing you.

> (If the latter, then of course we are back to an even better form of
> "stego" than stego itself: superencrypt before using GAK. Unless the
> government samples packets randomly and does what they say they will do to
> open a GAKked packet--e.g., get a court order, go to the escrow key
> holders, etc.--then how will they know if a message is superencrypted? And
> what if a GAKked message contains conventional _codes_? Are shorthand codes
> such as business have long used--"The rain in Rome is warm this month"--to
> be illegal?)

There is no reason at all to assume that the government will get warrants.
For instance, maybe a warrant only applies to people and not to machines.
So, the court could decide - if it were so inclined - that it was not
a violation of the Bill of Rights to automatically scan messages for
suspicious looking material so long as the material itself was not
revealed without a warrant.  Then the results obtained could be used
to justify a warrant, reading of the material by human agents, and
the further issue of more warrants.  To make this convenient they could
even keep a judge in the basement.

> * The point being that "rogue crypto" (terrorists, crypto anarchists,
> freedom fighters) gets lost on the blizzard of other uses. And shutting
> down all crypto means shutting down business use of crypto to protect
> secrets, and probably means an end to digital commerce.

No, GAK does not mean an end to digital commerce or an end to secure
business communications.  It just means that you have to register
with the government for a cryptography license which gives you a
unique public key to use to encrypt your keys for the government's
use.  If the license costs $1000 for ten years that should cover
the costs.  Companies which are terribly worried about compromise
of the government secret key could purchase many of them frequently
to reduce the damage.

(Earlier I said something about GAK harming Net commerce.  It does,
but not irreparably.  It delays its onset and increases its cost.)

> (This is another reason we want to delay action on crypto for as long as
> possible: make encrypted communications so widespread in commerce that to
> pull the plug would mean a financial calamity.)

GAK does not require anybody to pull the plug.  It could be implemented
as an add-on to PGP with extraordinary ease.  PGP (Tim knows this, this
is for others) currently encrypts the session key with the recipients
public key.  You would just have to extend this to also encrypt the
session key with the government key, maybe one you purchase for your
own communications.

> * Intent. It's hard to imagine someone being imprisoned for using
> cryptography, except perhaps in wartime conditions. I may be wrong. Also,
> there are deep Constitutional issues we haven't been much discussing.

If the Four Horsemen scenario were correct, then it is easy to envision
strong public support for the crime of practicing unlicensed cryptography.
If I believed that I might get shot if we didn't have such restrictions,
I would be might inclined to support such laws myself.

The Constitution can be amended, and Judges tend to be compliant when
there is a national consensus and when they want to make very sure that
nobody is using Assassination Politics to put them in the crosshairs.

> * Offshore sites. Even if U.S. citizen-units are proscribed from using
> crypto--a hard thing to do--many crypto-anarchic markets will flourish
> overseas. (If communication with offshore persons or sites is allowed, all
> sorts of things can be done. If such communication is banned, this means a
> profound change in the American system.) [I have not fleshed out the
> arguments here, adequately, so don't focus on this point to rebut the rest
> of my arguments, please.]

Yes, I agree with this.  In many other countries they are going to be
simply too disorganized to outlaw strong crypto.  If the Four Horsemen
scenario is correct, these societies will dissolve into Hell.  Sad,
for them!  The USG may see this as positive in terms of its hegemonic
desires.

But, this does affect the American situation.  Strong border controls
would have to be in place to hamper efforts to bring troublesome
technologies here and to prevent the importation of assassins.

> In another post, Peter posits a condition where people are appalled at the
> implications of crypto and there is no popular support for it. But is he
> implyiung that neighbors will burst into the homes of others to ferret out
> crypto. I doubt this vigilantism will ever happen.

I also doubt that it will happen because it will turn out that
cryptoanarchy is basically a positive development.  Even in the Four
Horsemen scenario, I think it unlikely that vigilantism will be
necessary.  Neighbors will simply inform on their "nerdy" neighbors
and collect that $50,000 reward and feel they did good by doing it.
Search warrants will take care of the rest.

However, I could imagine vigilantism developing if unlicensed cryptography
became sufficiently unpopular.  Certain crimes are seen as so offensive
that many people would be delighted to take the law into their own hands.

There was a border incident during the Second World War between Switzerland
and Germany.  Switzerland ("The Little Porcupine", as the Germans would
have it) was attempting to stay out of the war.  Refugees from Germany
were returned if they were found.  This resulted in some ugly handoff
scenes at the border.  In one of them, an SS man (I believe) who was taking
custody of a family had the poor taste to throw a baby on the ground
as hard as he could.  The Swiss border guard expressed his disapproval
of the man's poor manners by shooting him dead on the spot.

This caused a major diplomatic crisis for Switzerland.

It is interesting to speculate on whether the Swiss border guard did
the right thing, but few people will fail to have a strong visceral
reaction in his favor.  People just don't like seeing children come
to harm.

If unlicensed cryptography were seen as an equivalently heinous crime, you
might well see vigilantism come into the picture.

> (My gun example is apropos. I believe we are fast approaching a point where
> most people want guns outlawed. But it won't happen, as there are not
> enough cops and military people willing to raid private homes in
> contravention of the Bill of Rights and at personal risk to
> themselves....and so it won't happen.

I should point out that when I say "strong public support" I mean something
on the scale of how people feel about murder, not 51% of the voters.
The same thing is true of guns.  Sure, a majority of the people might
vote for gun control, but the gunnies feel so strongly about it and
are so stubborn and so well organized that it isn't really worth the
trouble.

> Once crypto is deeply intertwined into the fabric of life and commerce,
> it'll be too late to pull the plug.

I think this is true, but only because it will be clear that the benefits
of GAK (if there are any) would clearly not be worth the effort.

Peter Hendrickson
[email protected]