[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Suggestion for "the serious encryption customers" to end ITARbattle



At 3:37 PM -0800 12/4/96, Ernest Hua wrote:
>I think we can all agree that the level of confidence in software-only
>approaches to security is clearly lower than combination software plus
>hardware approaches.
>
>It is clear that what is available over the Internet is software.  (It
>is much harder to distribute "hardware" as you can only really
>distribute design information.  The closest analogy could be a FPGA
>program, a Verilog description or some other ASIC net list.)

But of course this is a distinction without a difference, at least for all
but 0.00073% of Internet users. That is, downloading a Verilog or whatever
description would be no more "verifiable to the user" than a software-only
program. In fact, the hardware description _is_ just another program!


>How about the following as an approach to resolving the dispute over
>encryption exports:
>
>1.  Allow arbitrary exports of software-only encryption.

The government will of course not be fooled by this. Whether one accepts my
point that hardware = software (effectively), the government has heretofore
seen software as an important issue.

In fact, I will take issue with my distinguished colleague (are you
satisfied, Logos?) Ernest Hua's point that only hardware provides real
security. To whit, for several years we on the Cypherpunks list have
advocated this strategy:

-- standardized hardware, such as PCs and Soundlaster cards

-- community-checkable software, such as PGP

This combination is preferable to "black boxes" which the average user
cannot verify (not that the average user can verify, say, PGP, but digital
signatures means the average user can more effectively "trust" the
consensus of those who _have_ looked at, say, PGP 2.6ui, and have vouched
for it.

(This debate came up several times when people proposed specialized
hardware, which would be a) hard to verify, b) hard to distribute widely,
and c) something very few people would casually try. Regardless of our
arguments--though perhaps confirming them--there have been no commonly used
hardware widgets or cards used by any significant number of us.)

>2.  Take John Deutch at his word:
>
>    Deutch has claimed that "serious users of cryptography" would not
>    trust software downloaded over the Internet.  We clearly do not
>    agree with him on this aspect, but if he truly believes it (and is
>    not just making PR spin statements for the NSA), then he must
>    believe that allowing software exports will not significantly
>    increase the user base (and therefore, harm CIA's or NSA's
>    intelligence capabilities), but it will shut up the software
>    companies' complaints.

I don't think he believes this. Think: FUD. There is no evidence that
properly authenticated PGP is "weak." And if it were, John Deutch would be
a fool to cast doubt on it. I think they're terrified as hell about
software-only approaches running on widely-available hardware and would
like nothing more than to see hardware-only approaches mandated (as this
would provide slightly more control over exports and distibution). Not that
this'll happen, of course.

--Tim May

Just say "No" to "Big Brother Inside"
We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
[email protected]  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1398269     | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."