[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: GAK "service" charges (Re: EC refutes GAK)
At 12:35 AM -0700 10/22/97, Peter Gutmann wrote:
>Adam Back <[email protected]> writes:
>>Peter Gutmann <[email protected]> writes:
>>>[multiple terabyte CDrom based keying material]
>>Reckon they'll twig, and charge you per megabyte to offer you the "service"
>>of allowing them to "recover" your communications in real time.
>
>Yes, but how will they phrase the requirements? A CD is a single key (in
>fact
>1,000 CD's are all part of a single key)... this leads to the same problem I
>heard of here a few years ago w.r.t. outlawing gangs: "It would be impossible
>to word any comprehensive anti-gang legislation in a manner which didn't also
>outlaw the police". The same goes for certain aspects of escrowing, any
>escrow rules which are in any way practical and useable will also be open to
>all sorts of creative interpretation ("You must deposit a copy of your
>encryption key with the government" -> "Here's the key. Where can I park the
>forklift that moves the container of CD's?").
I fully agree with Adam that GAK/GMR will not be free. (This is, in fact,
one of my biggest objections to GAK/GMR, that it interferes with the
transient and frequent generation of keys for varied purposes.) Nothing
involving the government is free. TANSTAAFL--there ain't no such thing as
a free license.
As to "how will they phrase the requirements?," they'll do it as they do it
so many areas. The _form_ of the allowable crypto will be specified...the
GAK/GMR requirement is a lot more than just a nebulous statement that
"real-time access to keys must be possible."
(Else one could say, "Hey, but my keys _are_ available on a real-time
basis...provided you guys know how to dock with the satellite up in orbit
that carries them--yuk yuk yuk.")
Parallels exist in many areas. A tax form must be filled out in certain
ways, a building permit must conform to certain specifications, and various
licenses are in certain required forms.
A fee, probably on the order of $50/year, with the usual subsidies for poor
people, etc., will stop the "flooding attacks" (which Peter's is a variant
of). Limits on the sizes of the keys will fall out of the actual form
GAK/GMR must take.
I expect GAK will require something like a driver's license, a gun license,
or fishing license. A form to be filled out, a fee to be paid, and spot
checks to ensure compliance (as when a Fish and Game boat pulls alongside
to do a random check of one's catch--note that no search warrant is needed,
at least not in the U.S.).
Whether random checks of e-mail will be admissable under the U.S. First
Amendment, and Fourth, is debatable...this will likely be a core part of
the court challenges to GAK/GMR when it is put into law. Whereas there is
at least some slight amount of plausibility to the claim that "driving is a
privilege, not a right," which is the justification for otherwise-intrusive
inspections of automobiles on the roads, there is no such plausible
argument for saying speech is a privilege and not a right. Not so long as
the First Amendment remains in effect. (Notwithstanding various
chippings-away of it.)
The situation in Australia, New Zealand, Europe, Asia, etc. is probably
different.
--Tim May
The Feds have shown their hand: they want a ban on domestic cryptography
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^2,976,221 | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."