Tech Insider					     Technology and Trends


			      USENET Archives

Newsgroups: misc.activism.progressive
Path: sparky!uunet!gumby!wupost!mont!pencil.cs.missouri.edu!rich
From: tc...@netcom.com (Timothy C. May)
Subject: A Trial Balloon to Ban Encryption?
Message-ID: <1992Oct26.204257.24295@mont.cs.missouri.edu>
Followup-To: sci.crypt
Originator: ri...@pencil.cs.missouri.edu
Sender: ne...@mont.cs.missouri.edu
Nntp-Posting-Host: pencil.cs.missouri.edu
Organization: Netcom - Online Communication Services  (408 241-9760 guest) 
Distribution: na
Date: Mon, 26 Oct 1992 20:42:57 GMT
Approved: m...@pencil.cs.missouri.edu
Lines: 84

Is there a trial balloon being floated to effectively ban encryption?

Noted and influential influential crypto advisor Dorothy Denning has
apparently floated the idea of _public key registration_ in a paper or
talk at the 15th Computer Security Conference in Baltimore, held
recently. Discussion of this is in comp.risks ("RISKS"), so far, but
certainly belongs in this group.

I posted a summary of this position to a private mailing list devoted
to crypto issues and got a huge response of concerned folks. I don't
understand why this is not a hot topic on sci.crypt, so I'll post
something right now.

Here's my understanding of her proposal:

* Anyone using public key cryptography would be required to register
the private key with the appropriate authorities, for example, the
Justice Department.

* To head off the obvious concerns about the government routinely
reading e-mail, financial dealings, etc., this registered key would be
stored at an independent agency after first being encrypted with the
_public key_ of Justice. (That is, the independent key storage agency
would have an unusable key, so _they_ couldn't use it themselves.)

* To obtain a usable form of the private key, Justice would have to
get a valid court order, go to the independent storage agency, present
the order, pick up the key, open it with their own _private key_, and
proceed to open mail, read communications, etc.

This is ostensibly the procedure now used for wiretaps.

But the effect on encryption would be chilling:

-would greatly complicate the rapid changing of keys

-would probably be a way to get "unlicensed" crypto programs off the
market (e.g., don't think about using PGP 2.0, as the key registration
authorities would either insist on another algorithm, or would send
the "registration application" to, for example, RSA Data Security for
legal action)

-would undoubtedly require a "fee" (like a driver's license)

-would interfere with the use of digital pseudonyms, anonymous nets (a
la Chaum's "DC Net" proposal, which some of us are exploring now), and
digital money

-would establish the precedent that private communications are not
legal, that copies of all private communications must be placed in
escrow with the government

Registering keys is no different than, for example, requiring a permit
for every public utterance or for registering typewriters, modems,
computers, fax machines, and copiers. Or banning the use of sealed
envelopes for mail. In Phil Zimmerman's great words, it would be like
requiring all mail to be sent on postcards.

My suspicion, which Prof. Denning will presumably comment on if she's
reading this, is that the government folks have come to understand the
profound implications of modern crypto and are looking for approaches
to head off the coming sea changes. Granted, there are serious
national security threats in using modern crypto methods, but there
are in any of the new technologies, such as those listed above.
Besides, does anyone think all keys will be registered? Hiding bits is
a relatively easy thing to do.

This key registration proposal is more odious than the "backdoors in
telecom equipment" proposal discussed here recently.

Can we remain silent as our liberties are taken away?

I think it was John Gilmore who said: "If encryption is outlawed, only
outlaws will have encryption."

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tc...@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP 2.0 and MailSafe keys by arrangement.

Newsgroups: comp.org.eff.talk
Path: sparky!uunet!ferkel.ucsb.edu!taco!gatech!darwin.sura.net!
spool.mu.edu!decwrl!decwrl!netcomsv!netcom.com!tcmay
From: tc...@netcom.com (Timothy C. May)
Subject: A Trial Balloon to Ban Encryption?
Message-ID: <1992Oct26.193913.12286@netcom.com>
Organization: Netcom - Online Communication Services  (408 241-9760 guest) 
X-Newsreader: Tin 1.1 PL5
Date: Mon, 26 Oct 1992 19:39:13 GMT
Lines: 26

I recently posted a summary to sci.crypt of noted cryptography advisor
Dorothy Denning's proposal to require that public key systems have
their _private_ keys registered with the authorities.

This is a chilling proposal, and may be yet another "trial balloon"
being floated to see the reaction. Such a proposal would establish the
idea that the government must have access to all communications.

Also, such licensing would greatly complicate the use of
encryption--which may be the real idea--by requiring registration
fees, paperwork, and (probably) only "approved" algorithms. There goes
PGP 2.0 and other novel systems!

Rather than repost my article here, I'll just point to sci.crypt for
discussion of this chilling idea.

Cryptically yours,

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tc...@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP 2.0 and MailSafe keys by arrangement.

Newsgroups: sci.crypt
Path: sparky!uunet!charon.amdahl.com!pacbell.com!sgiblab!spool.mu.edu!
decwrl!decwrl!netcomsv!netcom.com!strnlght
From: strn...@netcom.com (David Sternlight)
Subject: Re: A Trial Balloon to Ban Encryption?
Message-ID: <1992Oct26.203050.14752@netcom.com>
Organization: Netcom - Online Communication Services (408 241-9760 guest)
References: <1992Oct26.180813.7002@netcom.com>
Date: Mon, 26 Oct 1992 20:30:50 GMT
Lines: 45


Timothy C. May posts a concerned message about the proposal that crypto
keys be registered with the government. I share his concerns, but need
to point out a philosophical error that weakens his arguments.

He says "Granted, there are serious national security threats in using
modern crypto methods..." I think this reflects mental co-option by
the ideas of the Feds. Let's recall that fundamentally, there's nothing
wrong with encryption. There's nothing, even, wrong with encryption
in aid of espionage or other criminal activity. It's the espionage
or other criminal activity that's wrong.

The law enforcement and intelligence agencies have gained much
invaluable national security and anti-crime information through
cryptanalysis. But this activity is based on their skill, not on
circumscribing the rights of the rest of us, particularly the right
to feel secure in our persons and property.

One might as well argue that assassination of foreign leaders (after
proper safeguards) should be made legal because "there are serious
national security threats" otherwise. There ARE limits in a civilized,
constitutional society.

Now the intelligence and anti-crime services, like the proverbial
camel with his nose under the tent, want to redefine what they've
accomplished by skill as a "right" of theirs, and obtain legislation
to force others to give it to them in the face of new technology, by
compulsory and ubiquitous wiretap installations (which we are assured
will only be activated with a court order--remind anyone of any other
place and time?) and now we see this proposal for compulsory access to
encrypted traffic (of course only with a court order). Try to "take
back" your key and your previous traffic if a future bureaucracy eases
the protections.  It's happened before, and secretly.

I am as eager as anyone to promote our own counterespionage and to
stop crime. But there are limits in a free society, and this is one of
them.  It's particularly ironic that this threat to our freedoms comes
at a time when the stakes (nuclear annihilation through a U.S./Soviet
exchange) have diminished.

By the way, there's nothing in my correspondence that I fear anyone
else reading; I see this as a very clear issue of our national
principles, and what I was educated to believe are fundamental
American freedoms.

Newsgroups: sci.crypt
Path: sparky!uunet!think.com!ames!decwrl!concert!samba!usenet
From: Alex.St...@bbs.oit.unc.edu (Alex Strasheim)
Subject: Re: A Trial Balloon to Ban Encryption?
Message-ID: <1992Oct26.230748.5506@samba.oit.unc.edu>
Sender: use...@samba.oit.unc.edu
Nntp-Posting-Host: lambada.oit.unc.edu
Organization: Extended Bulletin Board Service
References: <1992Oct26.180813.7002@netcom.com>
Date: Mon, 26 Oct 1992 23:07:48 GMT
Lines: 20


I was, as I'm sure many others were, very concerned by what I read in Mr.
May's article.  But it seems to me that if we are opposed to those types
of restrictions placed on private communications, then we ought to try to
do something about it.

Does anyone know if there are any consumer or political groups in
existance who would be interested in this issue?  Has anyone tried to get
in touch with Common Cause, for example?  Or tried to organize a letter
writing campaign?

	Alex Strasheim
	ast...@crcnve.unl.edu


--
   The opinions expressed are not necessarily those of the University of
     North Carolina at Chapel Hill, the Campus Office for Information
        Technology, or the Experimental Bulletin Board Service.
           internet:  bbs.oit.unc.edu or 152.2.22.80

Newsgroups: sci.crypt
Path: sparky!uunet!cis.ohio-state.edu!zaphod.mps.ohio-state.edu!
sol.ctr.columbia.edu!spool.mu.edu!decwrl!decwrl!netcomsv!netcom.com!tcmay
From: tc...@netcom.com (Timothy C. May)
Subject: Re: A Trial Balloon to Ban Encryption?
Message-ID: <1992Oct27.035727.10043@netcom.com>
Organization: Netcom - Online Communication Services  (408 241-9760 guest) 
X-Newsreader: Tin 1.1 PL5
References: <1992Oct26.230748.5506@samba.oit.unc.edu>
Date: Tue, 27 Oct 1992 03:57:27 GMT
Lines: 57

Alex Strasheim (Alex.St...@bbs.oit.unc.edu) wrote:
: 
: I was, as I'm sure many others were, very concerned by what I read in Mr.
: May's article.  But it seems to me that if we are opposed to those types
: of restrictions placed on private communications, then we ought to try to
: do something about it.
: 
: Does anyone know if there are any consumer or political groups in
: existance who would be interested in this issue?  Has anyone tried to get
: in touch with Common Cause, for example?  Or tried to organize a letter
: writing campaign?

The leading advocate of electronic freedom appears to be the
Electronic Frontiers Foundation, or EFF. There are two NetNews groups,
comp.org.eff.news and comp.org.eff.talk, which discuss various issues.
See them for details. BTW, I posted a brief article in
comp.org.eff.talk alerting them to this issue and referring to this
thread in sci.crypt.

The ACLU also has some folks working in this area.

The conference "Computers, Freedom, and Privacy" is devoted to these
issues. Another one is coming up in the San Francisco area in a few
months.

By the way, Prof. Dorothy Denning and many other leading computer
security experts were at the 1st CFP, as well as the second. This
attendance, and even apparent sympathy to electronic freedom, does not
such they won't cook up schemes like the one I cited. Bruce Sterling's
new book, "The Hacker Crackdown," describes Denning and her
interactions with Phiber Optik and other well-known hackers.

Without very clear ideas of how the privacy of communications is a
sacrosanct right, expect to see more well-meaning attempts by folks
like Dorothy Denning to place "reasonable" limits on the privacy we
have.

I suspect a "hard line" group like the National Rifle Association is
needed to stop the "death by a thousand cuts" of well-intentioned gun
control legislation, and I suspect the same is true of crypto tools
and privacy. The only difference is that we are unorganized, have no
clout, and don't have millions of members lobbying for our continued
rights.

Maybe we need bumper stickers: "They'll get my crypto tools when they
pry my cold, dead fingers off my keyboard."

Ultimately, though, the technology will be too hard to control. But
the next 20 years could be dicey.
-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tc...@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP 2.0 and MailSafe keys by arrangement.

Path: sparky!uunet!charon.amdahl.com!pacbell.com!iggy.GW.Vitalink.COM!
cs.widener.edu!eff!sol.ctr.columbia.edu!zaphod.mps.ohio-state.edu!
malgudi.oar.net!caen!sdd.hp.com!wupost!micro-heart-of-gold.mit.edu!
bu.edu!transfer!ellisun.sw.stratus.com!cme
From: c...@ellisun.sw.stratus.com (Carl Ellison)
Newsgroups: sci.crypt
Subject: the Right of Privacy (was Re: A Trial Balloon to Ban Encryption?)
Message-ID: <7553@transfer.stratus.com>
Date: 27 Oct 92 16:11:13 GMT
References: <1992Oct26.180813.7002@netcom.com>
Sender: use...@transfer.stratus.com
Organization: Stratus Computer, Software Engineering
Lines: 76

In article <1992Oct26....@netcom.com> tc...@netcom.com (Timothy C. May) writes:
>Noted and influential influential crypto advisor Dorothy Denning has
>apparently floated the idea of _public key registration_ in a paper or
>talk at the 15th Computer Security Conference in Baltimore, held
>recently.

I saw that in RISKS and had trouble believing my eyes.


>-would establish the precedent that private communications are not
>legal, that copies of all private communications must be placed in
>escrow with the government

> [like]  banning the use of sealed
>envelopes for mail. In Phil Zimmerman's great words, it would be like
>requiring all mail to be sent on postcards.

Exactly.

During the Bork hearings, people kept asking how he stood on the
constitutional right to privacy.  I kept thinking about abortion and
contraception at the time -- privacy of consenting adults to have protected
sex and privacy of a woman and her doctor do decide what she does with her
own body.

It never occurred to me that plain vanilla privacy (my sealed envelopes to
my buddy in CA) might be threatened -- but it's probably the same thing.

As far as I could tell from the debate, it's *not clear* that there is a
right to privacy in this country.  We know there isn't one in the UK, or so
I'm told, and much of our law was inherited from England.

>My suspicion, which Prof. Denning will presumably comment on if she's
>reading this, is that the government folks have come to understand the
>profound implications of modern crypto and are looking for approaches
>to head off the coming sea changes. Granted, there are serious
>national security threats in using modern crypto methods, but there
>are in any of the new technologies, such as those listed above.
>Besides, does anyone think all keys will be registered? Hiding bits is
>a relatively easy thing to do.

And if you're caught with the machinery for hiding bits, that's evidence
that you're a crook, unless you can prove that you've registered with Big
Brother like a good boy or girl.

During the 1940's and 1950's, if you were caught with a hidden pad of
random numbers, the next step was the electric chair for you, the Communist
Spy.

>I think it was John Gilmore who said: "If encryption is outlawed, only
>outlaws will have encryption."



...but if we were to propose a constitutional amendment to establish the
right to privacy, it wouldn't have a prayer of passing.  Not only would
the anti-abortion lobby be against it, the law-and-order folks would
come down hard on it.

After all -- we're guaranteed the right to free, public speech.  We're
allowed to stand on soap boxes and preach all sorts of nonsense.  We're
allowed to have rallies.  But we're not allowed to gather in secret and
whisper among ourselves.  That's a suspected criminal conspiracy.  Only the
Executive Branch is allowed to do that (maybe Congress also).


What's the next step?

Anyone out there have the political savvy to address this?

:-(
-- 
-- <<Disclaimer: All opinions expressed are my own, of course.>>
-- Carl Ellison						c...@sw.stratus.com
-- Stratus Computer Inc.	M3-2-BKW		TEL: (508)460-2783
-- 55 Fairbanks Boulevard ; Marlborough MA 01752-1298	FAX: (508)624-7488

Path: sparky!uunet!think.com!sdd.hp.com!zaphod.mps.ohio-state.edu!
darwin.sura.net!guvax.acc.georgetown.edu!denning
From: den...@guvax.acc.georgetown.edu
Newsgroups: sci.crypt
Subject: Re: A Trial Balloon on Registered Keys
Message-ID: <1992Oct27.143737.1574@guvax.acc.georgetown.edu>
Date: 27 Oct 92 14:37:37 -0500
Distribution: world
Organization: Georgetown University
Lines: 94

The posting about the proposal I made at the NCSC for key registration
is essentially correct.  Let me add to it the following:

1.  The government is not taking any action to curb crypto and is 
unlikely to take any such action in the near future.  No proposal has
been made and no government agency that I am aware of has plans to
make such a proposal. The closest we've had to a proposal was a "Sense
of Congress" resolution in Senate Bill 266 over a year ago.  This 
would not have mandated anything, but said it was the sense of 
Congress that service providers should provide accesss to the 
plaintext of encrypted communications under a court order.  It got a lot of 
opposition and was withdrawn.  Thus, don't panic folks -- this was just me
making a suggestion.  I didn't realize I had that much clout to cause
such a stir and call to arms!  I expect that the next step will be government 
sponsored discussions about crypto policy, probably sponsored by NIST,
at the recommendation of the Computer System Security Advisory Board
headed by Willis Ware.  That will provide a forum to work through these 
issues.  

2.  The reason I made the proposal is because I am concerned that we
may be facing a major crisis in law enforcement.  I expect many of
you will say "that's wonderful" but I don't see it that way.  
Electronic surveillance has been an essential tool in preventing 
serious crimes such as terrorist attacks and destabilizing organized crime.
The economic benefits alone are estimated to be in the billions.  This
issue is not about snooping on innocent citizens but about doing what
we can do prevent major crimes that could seriously disrupt other
liberties.  The problem is likely to get even worse if criminals know
they use the telecommunications systems without any chance of getting
caught.

3.  My proposal was to register your private key with a trustee, 
different from the government.  The key would be encrypted under some
other public key so the trustee couldn't decrypt it.  I have suggested
it be the key of the DOJ, but it could be another independent trustee.
I believe this would provide acceptably good protection since someone
would need to get a court order and then the cooperation of 3 agencies
to get at your communications: the telecommunications provider (to get
the bit stream), the first trustee (to get the encrypted key), and
the second to decrypt it.  Experience with the telecom providers has
been that they are very fussy about court orders -- you have to get
the semicolons right!

You can get even more security by using Silvio Micali's "fair 
public-key cryptosystem" approach.  Called "fair" because it is 
designed to strike a balance between the needs of the Government and
those of the citizens.  With his approach, you would break your key
up into 5 parts and give it to different trustees.  All 5 parts
are needed to reassemble it, but it is possible to veryify the parts
individually and as a whole without putting them together -- 
ingenious!  He presented this at CRYPTO '92. 

4.  Someone suggested that law enforcement routinely taps without
court order.  This is an ungrounded claim for which I have never
seen any evidence.  Regardless, their ability to do this is 
disappearing with the new digital based technologies.  They need the
help of the service providers, who in turn ask for court orders.
Court orders are not all that easy to get as law enforcers have to
document why other approaches have failed etc.

5.  Many people have noted that you could not enforce key 
registration.  They may be right, but I am not throwing in the towel
yet.  Let's take phones, which is what law enforcers are most 
interested in.  Products are emerging that you can attach to your
phone and that will do DES encryption.  Criminals and everyone
else are most likely to use commercial products -- easiest to
get and cheapest.  The products could be designed so key registration
would essentially be part of the sales process.

There can be social benefit to government regulation even when 
regulation is not 100% successful.  None of our laws prevent the
acts they outlaw.  But this does not mean we should get rid of
all laws.  

6.  Some people have said we should not give up our privacy to the
government.  But the constitution does not give us absolute privacy.
We are protected from unreasonable searches and seizures, but not
reasonable ones in response to "probable cause" of crime.  In all
areas of our lives, the government can invade our privacy if they
have good reason to believe we are engaged in major criminal activity.
They can break into our homes, our safes, and so on.  Do we really
want a society where electronic communications cannot ever be broken
when there is good reason to believe some major threat against society
is being planned?  

Thank you for your comments and for encouraging those on the other
news groups to move over to sci.crypt.  I'll try to keep up with
this newsgroup and respond to other comments if appropriate, but
I honestly can't track them all.

Dorothy Denning
den...@cs.georgetown.edu (posting from guvax)

Path: sparky!uunet!pipex!unipalm!uknet!doc.ic.ac.uk!aixssc.uk.ibm.com!
yktnews!admin!newsgate.watson.ibm.com!news.ans.net!europa.asd.contel.com!
gatech!purdue!mentor.cc.purdue.edu!noose.ecn.purdue.edu!samsung!
transfer!ellisun.sw.stratus.com!cme
From: c...@ellisun.sw.stratus.com (Carl Ellison)
Newsgroups: sci.crypt
Subject: Re: A Trial Balloon to Ban Encryption?
Message-ID: <7560@transfer.stratus.com>
Date: 27 Oct 92 16:30:36 GMT
References: <1992Oct26.230748.5506@samba.oit.unc.edu> 
<1992Oct27.035727.10043@netcom.com>
Sender: use...@transfer.stratus.com
Organization: Stratus Computer, Software Engineering
Lines: 42

In article <1992Oct27.0...@netcom.com> tc...@netcom.com (Timothy C. May) writes:

>Ultimately, though, the technology will be too hard to control. But
>the next 20 years could be dicey.


I believe that the technology is already too hard to control but that gives
me no comfort.	

We have corporations monitoring keystrokes to measure productivity -- and
getting away with it (BTW, Stratus doesn't engage in such hideous
behavior).  There are security cameras in my company's building.  What's to
stop the spooks from establishing a right to tap into the security cameras
and the keystroke monitors, if any?

We aren't specially blessed here in the USA.  Watergate should have proved
that.  We could easily become a society in which all computation equipment
has to be registered with the FBI -- proved incapable of providing signal
security or equipped with a tapping port.

Don't forget the (ex-?) director of the NSA saying recently that he considers
good encryption to be strictly munitions -- something to be kept out of the
hands of the civilians.

But, you might argue, if the US Govt were to take such a stupid move,
it would cripple computing in this country and put us at a solid disadvantage.
[sound like the export law discussion?]

No, they would reply -- have all the security you like -- just give us the
keys.  We'll promise not to use them.  You can trust us.




The issue is philosophical.  Do we have a right to keep secrets from the
US Government or don't we?

-- 
-- <<Disclaimer: All opinions expressed are my own, of course.>>
-- Carl Ellison						c...@sw.stratus.com
-- Stratus Computer Inc.	M3-2-BKW		TEL: (508)460-2783
-- 55 Fairbanks Boulevard ; Marlborough MA 01752-1298	FAX: (508)624-7488

Newsgroups: sci.crypt
Path: sparky!uunet!tessi!george
From: geo...@tessi.com (George Mitchell)
Subject: Re: A Trial Balloon on Registered Keys
Message-ID: <1992Oct27.214344.25766@tessi.com>
Organization: Test Systems Strategies, Inc., Beaverton, Oregon
References: <1992Oct27.143737.1574@guvax.acc.georgetown.edu>
Date: Tue, 27 Oct 1992 21:43:44 GMT
Lines: 9

den...@guvax.acc.georgetown.edu (Dorothy Denning) writes a spirited
defense of the trial balloon.

I'll leave the response to that well-known radical, Benjamin Franklin:

"Those who give up a little liberty to obtain safety deserve neither
liberty nor safety."

-- George Mitchell (geo...@tessi.com)

Path: sparky!uunet!destroyer!gatech!darwin.sura.net!
guvax.acc.georgetown.edu!denning
From: den...@guvax.acc.georgetown.edu
Newsgroups: sci.crypt
Subject: Re: A Trial Balloon on Registered Keys
Message-ID: <1992Oct27.175848.1578@guvax.acc.georgetown.edu>
Date: 27 Oct 92 17:58:48 -0500
References: <1992Oct27.143737.1574@guvax.acc.georgetown.edu> 
<1992Oct27.214344.25766@tessi.com>
Distribution: world
Organization: Georgetown University
Lines: 16

> I'll leave the response to that well-known radical, Benjamin Franklin:
> 
> "Those who give up a little liberty to obtain safety deserve neither
> liberty nor safety."
> 
> -- George Mitchell (geo...@tessi.com)
This is a wonderful quote, but I don't see liberty and safety as opposites.  
If I can't walk through some park, say, without a reasonable expectation of
safety, I lose some liberty to move about freely.  Maybe women are 
more sensitive to this than men because we are more vulnerable.  As 
another example, if we as a society don't give up the liberty to kill 
whomever we want or take whatever we want, we also relinquish the 
liberty to live without complete fear of being killed or ripped off.
Society is a contract which requires a lot of give and take.

Dorothy Denning

Path: sparky!uunet!charon.amdahl.com!pacbell.com!sgiblab!darwin.sura.net!
jvnc.net!yale.edu!think.com!ames!purdue!mentor.cc.purdue.edu!
noose.ecn.purdue.edu!samsung!transfer!ellisun.sw.stratus.com!cme
From: c...@ellisun.sw.stratus.com (Carl Ellison)
Newsgroups: sci.crypt
Subject: Re: A Trial Balloon on Registered Keys
Message-ID: <7589@transfer.stratus.com>
Date: 27 Oct 92 21:56:16 GMT
References: <1992Oct27.143737.1574@guvax.acc.georgetown.edu>
Sender: use...@transfer.stratus.com
Organization: Stratus Computer, Software Engineering
Lines: 121

In article <1992Oct27....@guvax.acc.georgetown.edu> 
den...@guvax.acc.georgetown.edu writes:
>Electronic surveillance has been an essential tool in preventing 
>serious crimes such as terrorist attacks and destabilizing organized crime.
>The economic benefits alone are estimated to be in the billions.  This
>issue is not about snooping on innocent citizens but about doing what
>we can do prevent major crimes that could seriously disrupt other
>liberties.  The problem is likely to get even worse if criminals know
>they use the telecommunications systems without any chance of getting
>caught.

Let's take this in pieces:

1.	criminals
2.	terrorists
3.	high school kids

1.	Criminals have been using serious cryptography for decades.  Kahn's
"Codebreakers" includes accounts of cryptanalysis of criminals' systems and
hearings in which those results were presented -- from the 1950's.  (I
 believe it was Mrs. Friedman as the cryptanalyst in those cases.)  Are
you trying to tell us that major organized crime figures which were once
doing good enough cryptography that a major cryptanalyst had to be called
in to break their systems wouldn't have kept up with the state of the art?
These folks are going to be naive and just wait for what is readily
available to the general population and cheap besides?

2.	Terrorists buy military equipment -- serious munitions.  Are you
suggesting that these folks are somehow naive about encryption and waiting
for what they can buy at Radio Shack?  Furthermore, they are usually based
outside the USA -- so they can do their crypto shopping in Europe or Asia.
I'm told that Moscow has some good systems for sale, relatively cheap....

3.	High school kids have personal computers and copies of PGP.  These
are the only possible folks against whom a proposal like this could be
aimed.

	I had a high school kid in my home for a while...and for a while,
my phone was tapped (I was told).  The reason: some friend of my daughter's
was suspected of selling drugs at school -- small bags of pot, to be
specific.

	Look at the war against drugs, in the last 12 years:  Noriega got
supported.  Oliver North's people were running drugs to help the Contras.
But -- private citizens who happen to carry large sums of cash get their
cash confiscated -- with no proof of drug connection -- all in the name
of the war against drugs.


I'm sorry, Dorothy, but I don't buy your argument.  The real threats won't
be affected.  The high school kids will.  This is a war by the Executive
branch against common folk -- not against organized crime figures or
terrorists.  Those are just the excuses for the real war.  Of course, I
don't know *why* that real war is being waged.  It might just be voyeurism.
It might be a belief that once you're in law enforcement, there should be
no secrets from you.  That's for others to discover.  To me, it's something
to be fought.



>3.  My proposal was to register your private key with a trustee, 
>different from the government.  The key would be encrypted under some
>other public key so the trustee couldn't decrypt it.  I have suggested
>it be the key of the DOJ, but it could be another independent trustee.

>You can get even more security by using Silvio Micali's "fair 
>public-key cryptosystem" approach.  Called "fair" because it is 
>designed to strike a balance between the needs of the Government and
>those of the citizens.  With his approach, you would break your key
>up into 5 parts and give it to different trustees.  All 5 parts
>are needed to reassemble it, but it is possible to veryify the parts
>individually and as a whole without putting them together -- 
>ingenious!  He presented this at CRYPTO '92. 


These mechanisms sound like good steps actually -- assuming we can't
establish the absolute right to privacy.

However, the independent trustee should be required by law to keep careful
records of key requests and to make those publicly available via the FOIA.
It might make sense to delay release by a month or two -- but certainly not
for years.

In addition, the independent trustee should not give out a private key
under any circumstances.  That would give blanket ability to decrypt future
traffic.  The trustee should decrypt session keys and give those to the FBI
-- with a court order, log entry and FOIA release for each one.



>4.  Someone suggested that law enforcement routinely taps without
>court order.  This is an ungrounded claim for which I have never
>seen any evidence.					    ^^^^^

Never??  Where were you during Watergate?


>We are protected from unreasonable searches and seizures, but not
>reasonable ones in response to "probable cause" of crime.

What constitutes "probable cause"?  If I have sent some encrypted message,
is that probable cause?

>They can break into our homes, our safes, and so on.  Do we really
>want a society where electronic communications cannot ever be broken
>when there is good reason to believe some major threat against society
>is being planned?

Yup.

I'm no fan of major threats against Society.  I am a foe of major threats
against Society.

To me, the Executive branch constitutes a major threat against Society
-- or rather, it can unless it is kept under strict control.  The Nixon
Administration could happen again.

-- 
-- <<Disclaimer: All opinions expressed are my own, of course.>>
-- Carl Ellison						c...@sw.stratus.com
-- Stratus Computer Inc.	M3-2-BKW		TEL: (508)460-2783
-- 55 Fairbanks Boulevard ; Marlborough MA 01752-1298	FAX: (508)624-7488

Newsgroups: sci.crypt
Path: sparky!uunet!tessi!george
From: geo...@tessi.com (George Mitchell)
Subject: Re: A Trial Balloon on Registered Keys
Message-ID: <1992Oct28.004446.2540@tessi.com>
Organization: Test Systems Strategies, Inc., Beaverton, Oregon
References: <1992Oct27.143737.1574@guvax.acc.georgetown.edu> 
<1992Oct27.214344.25766@tessi.com> 
<1992Oct27.175848.1578@guvax.acc.georgetown.edu>
Date: Wed, 28 Oct 1992 00:44:46 GMT
Lines: 24

den...@guvax.acc.georgetown.edu (Dorothy Denning) writes:
>[. . .]
>If I can't walk through some park, say, without a reasonable expectation of
>safety, I lose some liberty to move about freely.  [. . .]
>Society is a contract which requires a lot of give and take.

These are valid concerns.  People have argued about where to draw the
line between your rights and my rights for centuries, and we're not
going to come up with the definitive answer here, either.

The clever thing that happened a little over 200 years ago in Phila-
delphia, however, is that a bunch of people came up with a dramatic
new way of drawing the line between our rights and the government's
right.  Namely, we have the rights.  The government gets only those
rights which we collectively decide to cede to it.

I agree with you that the government has the right, and indeed the
duty, to ensure that both of us, and our children, can safely walk
through the park of our choice.  But that doesn't make me want it to
be any easier for the government to read my private correspondence,
just on the off chance that I might be discussing something the
government doesn't like.

-- George Mitchell (geo...@tessi.com)

Newsgroups: sci.crypt
Path: sparky!uunet!think.com!ames!decwrl!csus.edu!netcom.com!tcmay
From: tc...@netcom.com (Timothy C. May)
Subject: A New Private Communication stem
Message-ID: <1992Oct28.014947.16736@netcom.com>
Organization: Netcom - Online Communication Services  (408 241-9760 guest) 
X-Newsreader: Tin 1.1 PL5
Date: Wed, 28 Oct 1992 01:49:47 GMT
Lines: 51


Franklin Corp. is pleased to offer a new privacy-enhancing
communication system based on the "W.A.S.T.E." technology of Yoyodyne
Enterprises. This system features:

* Anonymous sending of messages.

* The ability to send extortion threats, bomb threats, and poison pen
messages with nearly no chance of detection.

* A way to send cash to politicians in exchange for their support.

* A means of transporting drugs, contraband, pornographic materials,
and other banned materials. 

We at Franklin Corp. call this secure system  "The U.S. Mail."

....

Seriously, would a system like the current postal delivery system ever
be allowed to start up in today's security state climate? A system
that demonstrably "allows" blackmail (note the term!), bribery of
officials, poison pen anonymous letters, and the aforementioned
shipment of contraband? A system that allows anyone to seal an
envelope and drop it off in the corner mailbox? (Sure, we all grew up
with tales of how Hoover's F.B.I. was able to trace messages to
specific typewriters, to track origins of letters, etc., but mostly
this was hype...the mail delivery system is essentially anonymous
for the sender.)

We should keep this in mind when considering the "reasonable"
suggestions of policy-makers to mandate registration of encryption
keys. Because _some_ people commit crimes using the mail system, would
we support a plan to require escrow depositing of all mail, all
letters, and perhaps even "sealing" of envelopes after inspection of
the contents? Not hardly. Some prices are too high to pay.

I have respect for Dorothy Denning, as I hope my initial posting
conveyed, but not for this particular idea. In any case, it's
important that we in this community thoroughly debate and critique
this idea, lest it suddenly appear in Congress as "S.666" or somesuch.

--Tim
-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tc...@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP 2.0 and MailSafe keys by arrangement.

Newsgroups: sci.crypt
Path: sparky!uunet!pmafire!news.dell.com!natinst.com!cs.utexas.edu!
zaphod.mps.ohio-state.edu!magnus.acs.ohio-state.edu!usenet.ins.cwru.edu!
agate!ames!decwrl!csus.edu!netcom.com!nagle
From: na...@netcom.com (John Nagle)
Subject: Re: A Trial Balloon on Registered Keys
Message-ID: <1992Oct28.045116.28814@netcom.com>
Organization: Netcom - Online Communication Services  (408 241-9760 guest) 
References: <1992Oct27.143737.1574@guvax.acc.georgetown.edu>
Date: Wed, 28 Oct 1992 04:51:16 GMT
Lines: 36

den...@guvax.acc.georgetown.edu writes:
>The posting about the proposal I made at the NCSC for key registration
>is essentially correct.  Let me add to it the following:
>1.  The government is not taking any action to curb crypto and is 
>unlikely to take any such action in the near future.  

>4.  Someone suggested that law enforcement routinely taps without
>court order.  This is an ungrounded claim for which I have never
>seen any evidence. 
      There is evidence.  See the 1976 congressional hearings on 
wiretapping and electronic surveillance (available in the Government
documents collection of depository libraries).  They identified 
a large number of specific instances where evidence of unauthorized
wiretapping by law enforcement had surfaced, usually as a result of
some scandal.  This is the classic basic source on the subject.
Other sources include various books by ex-FBI agents, including
"Will", by Gordon Liddy, and "Hoover's FBI" (author?).  FBI
practice in that area has been well-documented.

>6.  Some people have said we should not give up our privacy to the
>government.  But the constitution does not give us absolute privacy.
>We are protected from unreasonable searches and seizures, but not
>reasonable ones in response to "probable cause" of crime.  
       The constitutional basis for wiretapping has always been shakey.
Again, I refer to the 1976 congressional hearings for an overview of this
subject.  At least one state (Alabama?) doesn't allow it by state law
enforcement, or so claims a recent issue of FBI Law Enforcement Bulletin.
There's a fundamental distinction between openly searching under a court order
and observing in secret.  The latter is fundamentally at odds with the
notion of a government under law.  It's tolerated by Congress,
as the legislative history of wiretap law makes clear, but Congress
has never really been happy with wiretaps, and has made approval
for legal wiretaps hard to get.

					John Nagle

Newsgroups: sci.crypt
Path: sparky!uunet!zaphod.mps.ohio-state.edu!darwin.sura.net!ra!atkinson
From: atki...@itd.nrl.navy.mil (Randall Atkinson)
Subject: Re: privacy
Message-ID: <BwtzxE.71B@ra.nrl.navy.mil>
Sender: use...@ra.nrl.navy.mil
Organization: Naval Research Laboratory, DC
Distribution: na
Date: Wed, 28 Oct 1992 12:27:13 GMT
Lines: 5

This series of postings belongs in comp.org.eff.talk or maybe
comp.society.privacy or some other place.

sci.crypt is only appropriate for technical discussions, not
discussions of political philosophy...

Newsgroups: sci.crypt
Path: sparky!uunet!shearson.com!snark!pmetzger
From: pmet...@snark.shearson.com (Perry E. Metzger)
Subject: Re: privacy
Message-ID: <1992Oct28.170338.421@shearson.com>
Sender: ne...@shearson.com (News)
Organization: Lehman Brothers
References: <BwtzxE.71B@ra.nrl.navy.mil>
Distribution: na
Date: Wed, 28 Oct 1992 17:03:38 GMT
Lines: 20

atki...@itd.nrl.navy.mil (Randall Atkinson) writes:
>This series of postings belongs in comp.org.eff.talk or maybe
>comp.society.privacy or some other place.
>
>sci.crypt is only appropriate for technical discussions, not
>discussions of political philosophy...

I would normally agree with you, Mr. Atkinson, but this is an
exceptional case. This is not a philosophical issue -- the issue
involved is very much one of life and death, and the people who are
most concerned are precisely those people who are on sci.crypt. I
realize this discussion violates the group charter, but it is of such
intense concern to the cryptography community that this is likely the
most appropriate place for the discussion to occur.

--
Perry Metzger		pmet...@shearson.com
--
"They can have my RSA key when they pry it from my cold dead fingers."
Libertarian Party info: Phone 1-800-682-1776, E-Mail 345-...@mcimail.com

Path: sparky!uunet!destroyer!gatech!darwin.sura.net!
guvax.acc.georgetown.edu!denning
From: den...@guvax.acc.georgetown.edu
Newsgroups: sci.crypt
Subject: Re: A Trial Balloon on Registered Keys
Message-ID: <1992Oct28.152443.1589@guvax.acc.georgetown.edu>
Date: 28 Oct 92 15:24:42 -0500
Distribution: world
Organization: Georgetown University
Lines: 34

Well, if I ever wondered what it would be like to express an unpopular
view, I sure know now!

I can't possible respond to everything, but did want to mention that 
the dialog is good.

I stand corrected on "unauthorized taps."  At the time I wrote it, I
was thinking more of the current situation than the past.  Practices
in the FBI and other law enforcement agencies have changed 
considerably since the days of COINTELPRO and Watergate, but they
seldom get any credit for their reforms or any of the things they
do well.  

Someone mentioned that the government is exempt from the proposed Digital
Telephony legislation.  The reason is that law enforcement already
has access to the premises, so doing a tap is no problem.

Two examples of cases where tapping saved lives:  In one case, the FBI
prevented a terrorist group from shooting down a commercial airliner
with a stolen military weapons system.  In another, they prevented
a porno-ring from kidnaping a 12-year old.  The ring planned to murder
him while making (and then selling) a film about it.  In that case, they 
intercepted voice, fax, and conversations over a BBS.  

Someone said we aren't obliged to make law enforcement easier. 
Our obligation is to follow the laws, however, whatever they are.  If
we don't, we risk the consequences.  Obligation is not a moral
issue, but a legal one, at least as far as penalties go. 

I don't think anyone is even contemplating saving all communications.
The volume would be horrendous.  The Digital Telephony legislation,
as well as existing law, only calls for real-time access.

Dorothy Denning

Path: sparky!uunet!sun-barr!cs.utexas.edu!zaphod.mps.ohio-state.edu!
pacific.mps.ohio-state.edu!linac!att!bu.edu!transfer!ellisun.sw.stratus.com!
cme
From: c...@ellisun.sw.stratus.com (Carl Ellison)
Newsgroups: sci.crypt
Subject: Re: A Trial Balloon on Registered Keys
Message-ID: <7624@transfer.stratus.com>
Date: 28 Oct 92 15:56:34 GMT
References: <1992Oct27.143737.1574@guvax.acc.georgetown.edu> 
<1992Oct28.045116.28814@netcom.com>
Sender: use...@transfer.stratus.com
Organization: Stratus Computer, Software Engineering
Lines: 44

In article <1992Oct28.0...@netcom.com> na...@netcom.com (John Nagle) writes:
>There's a fundamental distinction between openly searching under a court order
>and observing in secret.


Yes!  When a person's property is being searched, the police must present
the search warrant *to that person*, up front.  Black Bag jobs are strictly
illegal.

Let's modify the Denning proposal to have each key be held as a shared
secret (Adi Shamir's 1979 algorithm), with the ACLU and Common Cause in the
list of organizations who have to agree to use the key -- and a computer
system which decrypts session keys from the shared secret inputs, never
releasing the private key -- and immediate notification of the key owner
every time this occurs.


Have the key release threshold require 100% agreement among:

	1.	senate majority leader
	2.	senate minority leader
	3.	house majority leader
	4.	house minority leader
	5.	US Supreme Court
	6.	Department of Justice
	7.	ACLU
	8.	Common Cause
	9.	The Washington Post
	10.	The New York Times

in response to a court order.  Require a court order as usual to capture
the encrypted traffic and let the current machinery operate as it is but if
the traffic is discovered to be encrypted, notify the key owner first and
get all 10 parties to agree that the court order is valid.

Maybe then we have a system which protects our rights.

Of course, the real answer is to outlaw wiretapping.

-- 
-- <<Disclaimer: All opinions expressed are my own, of course.>>
-- Carl Ellison						c...@sw.stratus.com
-- Stratus Computer Inc.	M3-2-BKW		TEL: (508)460-2783
-- 55 Fairbanks Boulevard ; Marlborough MA 01752-1298	FAX: (508)624-7488

Path: sparky!uunet!haven.umd.edu!darwin.sura.net!zaphod.mps.ohio-state.edu!
cs.utexas.edu!sun-barr!rutgers!igor.rutgers.edu!zodiac.rutgers.edu!leichter
From: leic...@zodiac.rutgers.edu
Newsgroups: sci.crypt
Subject: Re: the Right of Privacy (was Re: A Trial Balloon to Ban Encryption?)
Message-ID: <1992Oct28.111437.1@zodiac.rutgers.edu>
Date: 28 Oct 92 16:14:37 GMT
References: <1992Oct26.180813.7002@netcom.com> <7553@transfer.stratus.com>
Sender: ne...@igor.rutgers.edu
Organization: Rutgers University Department of Computer Science
Lines: 84
Nntp-Posting-Host: cancer.rutgers.edu

In article <75...@transfer.stratus.com>, c...@ellisun.sw.stratus.com
(Carl Ellison) writes:
| ... During the Bork hearings, people kept asking how he stood on the
| constitutional right to privacy.  I kept thinking about abortion and
| contraception at the time -- privacy of consenting adults to have protected
| sex and privacy of a woman and her doctor do decide what she does with her
| own body.
| 
| It never occurred to me that plain vanilla privacy (my sealed envelopes to
| my buddy in CA) might be threatened -- but it's probably the same thing.
| 
| As far as I could tell from the debate, it's *not clear* that there is a
| right to privacy in this country.  We know there isn't one in the UK, or so
| I'm told, and much of our law was inherited from England....

Sigh.  It would really help if people had some understanding of law and
history before pontificating about them.  I chose Mr. Ellison's message to
reply to because it's right at hand, but he's hardly alone.

Here's the exact text of the Fourth Amendment:

	The right of the people to be secure in their persons, houses,
	papers, and effects, against unreasonable searches and seizures,
	shall not be violated, and no Warrants shall issue, but upon
	probable cause, supported by Oath or affirmation, and
	particularly describing the place to be searched, and the
	persons or things to be seized.

Note that the word "privacy" does not occur in this Amendment.  In fact, I
don't believe it occurs anywhere in the Constitution or in any Amendment.
(Anyone have the text of the Constitution on line?  It would be really handy
for such discussions.)  A "right to privacy" has been inferred by some judges
from the general philosophy of the Constitution, and from the Ninth and Tenth
Amendments, which reserve unspecified, unmentioned rights and powers to the
people and the states.  The exact extent of such a "right to privacy" has
never been clarified, but it is clearly seen as growing out of the same
philosophy as the rest of the Constitution.

So, what is the Constitutional philosophy on the right to keep our "persons,
houses, papers, and effects" secure?  Read the words.  This is not, and has
never been, an absolute right.  It's a right subject to violation upon
"probable cause", appropriately supported.  NOTHING here supports a right to
communicate messages or store data in a way that cannot be reached by the
government, given an appropriate warrant.  There is NO precedent for such a
right.  The closest you can come are some very specific protections, such as
the protection against self incrimination (a protection adopted, by the way,
not out of any concern for privacy but to help prevent the use of torture or
other means of pressuring confessions - for which it was eventually seen to
be insufficient, leading to the exclusionary rule), the rules of spousal
immunity (to protect "the sanctity of the family", a person cannot be
compelled to testify against his or her spouse; in some cases, cannot even
do so voluntarily.  These rules are under attack today and are on their way
out as holdovers from a bygone era, intended to protect women by keeping them
away from the harsh world of the courts - and really protecting men by ruling
out their wive's testimony against them.), and protection of discussions with
one's lawyer or the clergy.  Note that your "private conversation" with a
friend is anything but:  A court can compel your friend to reveal it.  Even
your consultations with your doctor are generally not immune from a warrant.

Most of the arguments against any government role in cryptography are based
on the principle that Constitutional protections are not enough; messages
should be protected no matter what the government does.  This is totally
outside the Western legal tradition, or any other legal tradition I'm aware
of.  I think you'd have to search long and hard for a judge who would rule
that you had a right to keep information secret even against a properly
executed warrant.  In fact, the courts tend to safeguard their right to compel
testimony aggressively, as they view it as fundamental to their ability to
conduct trials.  Those "sealed envelopes to your buddy in CA" can be opened
under court order, or your buddy can be given the choice of telling what was
in them or sitting in jail.  You never had some of the "rights" you seem to
think you had.

| And if you're caught with the machinery for hiding bits, that's evidence
| that you're a crook, unless you can prove that you've registered with Big
| Brother like a good boy or girl....

Try getting caught with duplicate sets of books some time.  You WILL reveal
your income to the government so that it can adequately determine the taxes
you owe.  You WILL provide enough information about your sources of income
to satisfy the government.  Don't like it?  Afraid that revealing this much
would give away criminal behavior on your part?  Or because you just think
that it's your private business?  Well, that's really too bad for you.

							-- Jerry

Newsgroups: sci.crypt
Path: sparky!uunet!charon.amdahl.com!pacbell.com!sgiblab!
zaphod.mps.ohio-state.edu!saimiri.primate.wisc.edu!ames!decwrl!
decwrl!netcomsv!netcom.com!strnlght
From: strn...@netcom.com (David Sternlight)
Subject: Re: the Right of Privacy (was Re: A Trial Balloon to Ban Encryption?)
Message-ID: <1992Oct28.183929.8933@netcom.com>
Organization: Netcom - Online Communication Services (408 241-9760 guest)
References: <1992Oct26.180813.7002@netcom.com> 
<7553@transfer.stratus.com> <1992Oct28.111437.1@zodiac.rutgers.edu>
Date: Wed, 28 Oct 1992 18:39:29 GMT
Lines: 28


I think Jerry Leichter misses the point when he argues that there's
no inherent right to privacy in the context of this discussion of
cryptography, in the Fourth Amendment.

That amendment gives an absolute right to security in one's "papers"
unless a duly executed warrant based on probable cause is executed.
It does not say one has to be insecure in case a warrant is presented.
Thus one is entitled to absolute communications security, and if
a warrant is presented, one is (legally) compelled to furnish the
plaintext.

What law enforcement agencies are arguing is that a criminal won't
oblige, so they have to have the power to obtain all plaintext
so that when there's a warrant they can obtain the stuff they want.
That is the distortion of the Amendment.

Let's take the situation at the time of drafting the amendment,
when cryptosystems weren't as ubiquitous as now. The amendment
means one had the right to lock up one's papers, and if the
government presented a warrant, had to give them up. IT DID NOT
MEAN EVERYBODY HAD TO DEPOSIT A COPY OF THE KEY TO ONE'S SAFE WITH
THE GOVERNMENT IN CASE A WARRANT WAS ISSUED. Such an interpretation
would have been ludicrous, as is the interpretation today that
one can't use secure cryptography to protect one's papers, or that
one had to give a key to the government in advance of a warrant
issuing.

Newsgroups: sci.crypt
Path: sparky!uunet!tessi!george
From: geo...@tessi.com (George Mitchell)
Subject: Re: A Trial Balloon on Registered Keys
Message-ID: <1992Oct28.214920.15601@tessi.com>
Organization: Test Systems Strategies, Inc., Beaverton, Oregon
References: <1992Oct28.152443.1589@guvax.acc.georgetown.edu>
Date: Wed, 28 Oct 1992 21:49:20 GMT
Lines: 35

den...@guvax.acc.georgetown.edu writes:
>I can't possible respond to everything, but did want to mention that 
>the dialog is good.

It sure is!  Glad we agree on the benefits of the First Amendment,
at least.

>I stand corrected on "unauthorized taps."  At the time I wrote it, I
>was thinking more of the current situation than the past.  Practices
>in the FBI and other law enforcement agencies have changed 
>considerably since the days of COINTELPRO and Watergate, but they
>seldom get any credit for their reforms or any of the things they
>do well.  

I'm pleased to hear this, but if things went wrong once, they're
sure to go wrong again sometime.

>Two examples of cases where tapping saved lives:
>[two heart-wrenching anecdotes omitted]

There's no question that every single right enumerated in the
Constitution occasionally leads to situations just as odious as the
ones you describe.  How about the principle that the burden of proof
is on the Government in criminal cases?  How many murderers have gone
free because of this?  Are you willing to give up on that principle,
just to make sure we punish all the murderers?

Now it's my turn to go out on a limb.  I believe that all the parti-
cipants in this discussion would agree that: When the Government
can show, through legitimately obtained evidence, that a particular
encrypted communication relates to a crime, then they can, after
the fact, subpoena the plaintext of that communication.  What
most of us object to is having to yield the keys before the fact.

-- George Mitchell (geo...@tessi.com)

Path: sparky!uunet!charon.amdahl.com!pacbell.com!ames!purdue!
mentor.cc.purdue.edu!noose.ecn.purdue.edu!samsung!transfer!
ellisun.sw.stratus.com!cme
From: c...@ellisun.sw.stratus.com (Carl Ellison)
Newsgroups: sci.crypt
Subject: Back to crypto (registered keys)
Message-ID: <7648@transfer.stratus.com>
Date: 28 Oct 92 22:36:14 GMT
Sender: use...@transfer.stratus.com
Organization: Stratus Computer, Software Engineering
Lines: 47


Politics aside for a second, there's an interesting crypto problem here.

Let's say, for the sake of argument, that we wanted to let all the phone
companies sell encrypting modems and voice scramblers using triple DES
for the stream encryption (with 3 keys) and RSA for key exchange.

(I'm not promising to send only plaintext to these encrypting modems,
but many people would.)

The purpose is to help thwart industrial espionage and hacker entry.

-------

Now, how do we provide for today's level of wiretapping and still protect
the rights of the individual?

We should be able to design a protocol/system such that:

1.	a digitally signed court order to do a specific wiretap must be
	presented to unbribable/uncrackable machinery in order to recover
	one session key.

2.	digitally signed court orders have expiration dates -- and short
	lives.

3.	an audit of all taps performed is sent immediately to the US major
	news services, encrypted under a key which will become available
	to them after some decent delay (2 days?) and the availability
	of which can not be prevented.

This prevents both un-ordered wiretaps and wiretaps performed because
some judge is in the pocket of the Executive Branch (thanks to news
audit of all taps performed -- of the fact of the tap and the target and
originator, not of the content of the tapped conversation or of the
session key).

#3 is an interesting cryptographic problem.  #1 isn't too bad either.
#2 is straight-forward.



-- 
-- <<Disclaimer: All opinions expressed are my own, of course.>>
-- Carl Ellison						c...@sw.stratus.com
-- Stratus Computer Inc.	M3-2-BKW		TEL: (508)460-2783
-- 55 Fairbanks Boulevard ; Marlborough MA 01752-1298	FAX: (508)624-7488

Xref: sparky sci.crypt:4055 comp.org.eff.talk:
6591 alt.privacy:1962 talk.politics.guns:23087
Newsgroups: sci.crypt,comp.org.eff.talk,alt.privacy,talk.politics.guns
Path: sparky!uunet!ukma!wupost!decwrl!decwrl!netcomsv!netcom.com!tcmay
From: tc...@netcom.com (Timothy C. May)
Subject: Registering "Assault Keys"
Message-ID: <1992Oct28.235027.28039@netcom.com>
Organization: Netcom - Online Communication Services  (408 241-9760 guest) 
X-Newsreader: Tin 1.1 PL5
Date: Wed, 28 Oct 1992 23:50:27 GMT
Lines: 102


Registering "Assault Keys" -- How the Proposal to Register Encryption
Keys Has Ominous Parallels to Gun Control


The recent proposal that encryption keys be registered with the
government has some natural and terrifying implications. (For those to
whom this proposal is new, strange, or disturbing, please see the
debate raging mainly in the newsgroup "sci.crypt".)

Once the principle is established that private communications,
letters, faxes, modem transmissions, etc. must be in a form
readable--under court order, as Dorothy Denning's proposal goes--by
the government, and that "public key encryption" keys must be
registered with the authorities, then we can expect the following:

* _Classes_ of encryption keys, with some especially strong (in a
cryptograhic sense) keys being declared "assault keys," just as
certain classes of semiautomatic rifles have been branded "assault
weapons" and subjected to media villification and even confiscation by
the authorities. In analogy with firearms, there may be "Class 1"
dealers in "dangerous" keys.

* There may even be _bans_ on the registration (and hence use) of
certain classes of algorithms and key lengths. For example,
"civilians" may be allowed to use DES, but not RSA. Or the key length
may be restricted in various ways.

* Strict controls over the types of algorithms allowed. After all,
what use will a key be if the government can't run the algorithm?
This, by the way, will be another way to control the spread of
encryption technology: if only licensed, inspected, and approved
algorithms are acceptable to the key registration authorities,
innovation and experimentation will suffer. This may make RSA Data
Security, Inc., very happy, as it may get the "franchise," while users
of bootleg/contraband/experimental algorithms like PGP 2.0 ("Pretty
Good Privacy") face severe sanctions.

* Spot checks will have to be done to ensure compliance. This may be
done in various ways, such as by randomly checking bitstreams and
demanding the sender open the message. (Note: Many have posted that
this would not be possible. Untrue. The Rehnquist Supreme Court ruled
a couple of years ago that the police could enter a bus and ask the
passengers to "voluntarily" accept a search of their baggage. Failure
to volunteer, so reasoned the court, constituted probable cause for a
search! "Catch-22" meets "1984.")

* The penalties for noncompliance, or for hiding encrypted messages
inside other messages, will likely be severe, else widespread civil
disobedience and claims of "ignorance" will result. (Personally, I
_expect_ widespread noncompliance. Many people will even flaunt their
noncompliance, encrypting truly innocuous messages that few courts,
they will hope, will convict them for. Here in California, the
noncompliance rate for registration of those evil "assault weapons" is
estimated to be as high as 80%.)

(My best guess is that the "RICO" (Racketeer-Influenced and Corrupt
Organizations Act) and civil forfeiture approaches will be used to
simply seize the equipment of anyonone caught sending messages without
the suitable seals of approval. Such seizures, used with suspected gun
sellers, suspected X-rated video sellers, suspected drug dealers. and
so on, have had a profoundly chilling effect.)

* A registration system, even if well-intentioned and secured against
casual government snooping (and some of the multi-party escrow systems
may help do this), will still _greatly complicate_ the use of encryption
and will forestall certain very exciting applications of cryptology.
Many of the new proposals, for things like anonymous credentials to
protect privacy, for digital cash, and for cryptographic voting
systems, essentially require the _dynamic_ generation of keys! That
is, keys are generated frequently as part of the protocols...there is
not single static "public key" that one generates once and then takes
down to the crypto equivalent of the DMV for registration.

* As with guns, true criminals will of course ignore these laws.
Computer networks are already being used for messages that evade
wiretaps (as one example, a Mafia guy in New Jersey, on the run, used a
well-known computer service to communicate untraceably with his wife),
that are used for laundering information and money, and so on. Taking
encryption away from citizens will do nothing.


I urge readers to get involved in this debate.


"If encryption is outlawed, only outlaws--and the NSA--will have encryption."








-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tc...@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP 2.0 and MailSafe keys by arrangement.

Xref: sparky sci.crypt:4070 comp.org.eff.talk:6594 alt.conspiracy:11676
Newsgroups: sci.crypt,comp.org.eff.talk,alt.conspiracy
Path: sparky!uunet!charon.amdahl.com!pacbell.com!network.ucsd.edu!
swrinde!elroy.jpl.nasa.gov!ames!decwrl!decwrl!netcomsv!netcom.com!tcmay
From: tc...@netcom.com (Timothy C. May)
Subject: Re: A Trial Balloon on Registered Keys
Message-ID: <1992Oct29.022842.8177@netcom.com>
Organization: Netcom - Online Communication Services  (408 241-9760 guest) 
X-Newsreader: Tin 1.1 PL5
References: <1992Oct28.214920.15601@tessi.com>
Date: Thu, 29 Oct 1992 02:28:42 GMT
Lines: 86

Some comments about the National Security Agency (NSA) and why it
wants to restrict wide use of encryption.

George Mitchell (geo...@tessi.com) wrote:

: Now it's my turn to go out on a limb.  I believe that all the parti-
: cipants in this discussion would agree that: When the Government
: can show, through legitimately obtained evidence, that a particular
: encrypted communication relates to a crime, then they can, after
: the fact, subpoena the plaintext of that communication.  What
: most of us object to is having to yield the keys before the fact.

Agreed. The current procedure for subpoenaing documents works fairly
well.

But Prof. Denning's comments clearly indicate the concern is with
catching terrorists, kidnappers, subversives, and other such types _in
the planning stage_. That is, wiretapping and surveillance.

And I'll got out on a limb, too. My suspicion, and that of many
others, is that the case of the FBI catching terrorists before the act
in the U.S. (and there's a well-known case of a Japanese Red Army
terrorist caught in the Midwest several years ago) reveals the sources
the FBI uses. The NSA is the likely source. Only the NSA listening in
on millions of telephone conversations (not banned by any law...the
laws you hear about on wiretapping and surveillance mostly deal with
the FBI, law enforcement, and, supposedly, the CIA. The NSA is almost
completely exempt from such laws.).

If you haven't yet read James Bamford's "The Puzzle Palace," run out
and get a copy and read it. You'll see why former DIRNSA General Odom
called Bamford "an unindicted felon." (Why in the eyes of the National
Security Establishment, that is.)

SIGINT OPERATION MINARET, begun in 1969 when Nixon declared the "War
on Drugs," brought the NSA together with the FBI, CIA, BNDD (Bureau of
Narcotics and Dangerous Drugs, precursor to DEA) to launch a series of
new surveillance programs. In May 1970 the NSA extended routine
surveillance to _pay phones_ in suspect areas (sound familiar, with
the Digital Telephony Bill?). The release of the Pentagon Papers in
1971 revealed the extent of FBI and NSA elsur (electronic
surveillance) on U.S. citizens.

OPERATION SHAMROCK goes back even further. Beginning in 1945, the FBI
and NSA (its precursors, actually, such as Army Signal Corps, etc.)
cooperated to monitor dissidents, radicals, authors, etc. It was not
until October 1973 that about-to-be-fired Attorney General Elliot
Richardson (now fighting for INSLAW in a very similar case, which
Prof. Denning ought to read about) ordered the FBI and the CIA's
"Security Service" (aptly named SS) to stop requesting NSA
surveillance material. In 1977 the Justice Department recommended
against prosecution of the FBI and NSA employees engaged in Shamrock
and Minaret.

Few Americans understand how pervasive is the NSA's listening system.
COINTELPRO, Huston Plan, RCA Global (provided copied of all telegrams
for 40 years!), FINCEN, and so many other keywords! Huge antennas in
West Virginia, in Idaho, and elsewhere (mostly located near major
satellite downlinks). Read Bamford's book. Then be afraid....be _very_
afraid.

Understand that there are virtually no laws governing the NSA's
surveillance of fax machines, modems, the Internet (including all of
these postings, obviously), voice phones, telex and TWX, and on and
on. Because of the "national security" role, wide lattitude is given. 

No doubt some criminal plans are uncovered. The NSA detected, it has
been admitted, the planned bombing of the Berlin discotheque that led to
the '86 raid on Libya. (However, the bombing still occurred...draw your
own conclusions.) But is it worth the price?

Now there is talk of using the NSA's formidable listening abilities
for economic espionage against our economic opponents! 

Is it any wonder the NSA is scared sh..less over the spread of secure
and untappable communications systems?

Be afraid, be _very_ afraid.
-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tc...@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP 2.0 and MailSafe keys by arrangement.

Newsgroups: sci.crypt
Path: sparky!uunet!shearson.com!snark!pmetzger
From: pmet...@snark.shearson.com (Perry E. Metzger)
Subject: Re: A Trial Balloon on Registered Keys
Message-ID: <1992Oct29.024630.5630@shearson.com>
Sender: ne...@shearson.com (News)
Organization: Lehman Brothers
References: <1992Oct28.152443.1589@guvax.acc.georgetown.edu>
Date: Thu, 29 Oct 1992 02:46:30 GMT
Lines: 170

den...@guvax.acc.georgetown.edu writes:
>Well, if I ever wondered what it would be like to express an unpopular
>view, I sure know now!
>
>I can't possible respond to everything, but did want to mention that 
>the dialog is good.
>
>I stand corrected on "unauthorized taps."  At the time I wrote it, I
>was thinking more of the current situation than the past.  Practices
>in the FBI and other law enforcement agencies have changed 
>considerably since the days of COINTELPRO and Watergate, but they
>seldom get any credit for their reforms or any of the things they
>do well.  

We have no reason to fear them when they are honest, Ms. Denning. It
is when they are dishonest that we need fear them. It is true that
many "reforms" have been made. For example, the NSA now goes to a
secret tribunal before tapping your calls instead of just violating
the law -- of course, the tribunal doesn't ever fail to grant
permission.

I have no doubt in my mind that abuses continue to this day. I have an
aquaintance involved in protesting the building of a home port for
nuclear weaponed ships in Staten Island, New York. The gentleman in
question appears to have had his phone systematically tapped by Naval
Intelligence. This occured a mere few years ago.

>Two examples of cases where tapping saved lives: 

I'm sure there are hundreds of cases where it has saved lives, Ms.
Denning. This is not the point.

You cannot just look at one side of the equation. Banning automobiles
would save 50,000 lives a year in auto accidents. Would you ban them?
No, because there is another side of the equation that you are
missing, which is the cost.

Our system of government has a trial system based on the premise that
we insist on the proof of guilt beyond a reasonable doubt. As a
result, many guilty people go free. Would you change this so that a
few more of the guilty would be put away? No, because there is another
side of the equation, the cost of this action.

Yes, a few criminals will not be caught and a few lives will be lost
because the FBI can't tap every phone at all times. On the other hand,
consider the many tens of millions of people who have died in police
states during this century alone. The risk that our government's power
will go unchecked in a society where all communications can be tapped
at all times is only one possible problem with the society that trades
freedom for safety -- consider also that in the absense of checks
against government power the government can BECOME a police state.

It has been said (I am told by John Gilmore) that it is imperitive in
our technological age that we consider what infrastructural tools
would be needed for an effective police state and assure that the
government never has access to such tools lest a police state arrive.
High on the wish list of all police states is the capacity to tap all
communications. (I would note that a disarmed citizenry is also high
on the priority list for a police state and that the first nation to
ever implement gun control was Nazi Germany for precisely this reason,
but we are debating cryptography, not gun control).

>Someone said we aren't obliged to make law enforcement easier. 
>Our obligation is to follow the laws, however, whatever they are.

What if the law oblidges us to deliver Jews to the hands of
concentration camp operators? What if the law oblidges us to turn our
friends and loved ones into the police for thoughtcrimes? Such laws
have existed in the world in our century, and laws like them exist
today. It is not our obligation to obey an immoral law.

Immoral laws have been passed repeatedly even in democracies. Would
you, Ms. Denning, turn in a friend for marrying someone of a different
race? That was a crime until recently in much of our country, I will
remind you. Would you have assisted the House UnAmerican Activities
Committee in finding and destroying the lives of "communists", simply
because The Law told you that you were obligated to do so?

Beyond this, though, there appears to be the confusion that that which
is legal is equivalent to that which is good. An argument is beginning
in this thread concerning the question of whether your proposal is
constitutional. I believe it is not, but that is beside the point. The
mere fact that it might be constitutional does not make it desirable.

>I don't think anyone is even contemplating saving all communications.
>The volume would be horrendous.

I am not concerned with whether they save ALL communications. I am
concerned with whether they save my communications and those of fellow
dissidents against the current system in our country. I am a political
activist, as I have noted. I am a proponent of the unpopular notion
that people should be left alone to do what they like if they aren't
hurting anyone else. I realize that this was once accepted by most
Americans, but now it is considered radical. It may someday become a
dangerous view to hold, much like the views of those who were accused
of being communists in the 1950s.

J. Edgar Hoover spent much of his carreer producing dossiers on a
large fraction of those people he considered enemies, political or
otherwise. One of his spiritual descendants may decide that I fall
into such a category. The government of East Germany had files on
virtually the whole of the population, you know, and they didn't have
computers to do the hard work for them.

>The Digital Telephony legislation, as well as existing law, only
>calls for real-time access.

More than that, it calls for convenient access. Whereas it currently
requires telephone company assistance to set up a tap, which means
that agents tapping phones at least have to show some phone company
officials their warrant, in the new order of things the FBI would like
to be able to do without those phone company personel. One wonders how
much snooping will occur without anyone knowing, and how much of that
snooping will turn into warrants, the evidence for which is the
euphamistic "confidential informer".

I close with one more thought. In a previous message, you said...

>Do we really want a society where electronic communications cannot
>ever be broken when there is good reason to believe some major threat
>against society is being planned?

This is a question of costs and benefits. If the benefit is that once
every ten years a few hundred people are saved from a terrorist
bombing an airplane versus the potential cost of the whole of the
country being monitored someday by a big brotheresque government that
can use terror and limitless access to information to enslave a
disarmed populace, I will gladly risk being one of the tiny few who
die that I may avoid the risk of being one of the millions who die.

Let us be clear here -- the government is NOT our friend. It is a
terrible instrument we have let lose in order to protect us, but as
with the devil it is a difficult and dangerous creature when it comes
to the pacts one makes with it. We are spoiled by the relative
stability of our government. Do not be fooled. Our government has
lasted a very long time by world standards, mostly because through a
large fraction of our history a dictatorship could not have succeeded
in holding the country. We are rapidly approaching a state where a
dictator COULD hold the country. Let us not be decieved into thinking
that merely because we have yet to suffer the way the people of Chile
or Russia have this century that we are immune to such forces. Our
shield up to this point has been a constitution that made tyranny
impossible. It appears that what is left of that system of protection
is being destroyed.

I fault you, Dr. Denning, not for being one who is conspiring with
those who would enslave us. I believe you are sincere in your belief
that your proposals would make our country a safer place. I do not
fault you either for your disagreement with us on this matter.
Intelligent people can have disagreements on such things. What I fault
you for is this: being a promient member of our community of
cryptographers your word holds considerable weight, likely more than
you realize. As such, you have an obligation to make pronouncements
about weighty matters with considerable care, much as, say, Alan
Greenspan of the Federal Reserve Board must select his words with care
lest he cause the stock market to crash with a careless comment. By
potentially and irresponsibly influencing legislators to take further
steps to erode our liberties, even when they have not yet requested
support for such actions, even while the FBI and other authorities
have yet to suggest that such actions are necessary, you may have
already precipitated action on their part. Considering that this
action has the potential to influence, for good or ill, the lives of
tens of millions of people, I would choose my words with more care
were I a person of your weight in the data security community.

--
Perry Metzger		pmet...@shearson.com
--
"They can have my RSA key when they pry it from my cold dead fingers."
Libertarian Party info: Phone 1-800-682-1776, E-Mail 345-...@mcimail.com

Path: sparky!uunet!ogicse!usenet.coe.montana.edu!decwrl!decwrl!
netcomsv!netcom.com!tcmay
From: tc...@netcom.com (Timothy C. May)
Newsgroups: sci.crypt
Subject: Re: Back to crypto (registered keys)
Message-ID: <1992Oct29.031316.10392@netcom.com>
Date: 29 Oct 92 03:13:16 GMT
Article-I.D.: netcom.1992Oct29.031316.10392
References: <7648@transfer.stratus.com>
Organization: Netcom - Online Communication Services  (408 241-9760 guest)
Lines: 54
X-Newsreader: Tin 1.1 PL5

Carl Ellison (c...@ellisun.sw.stratus.com) wrote:
: 
: Politics aside for a second, there's an interesting crypto problem here.


I think Carl is absolutely right. Besides the obvious policy and
philosophical issues, the Denning/Rivest key registration idea has
many "crypto protocol" aspects. Granted, it's not number theory, but
it's still part of the crypto family.

Some issues:

- Can encryption-within-encryption be detected? How?

- If noise is sent to foil traffic analysis, how will the
Denning/Rivest proposal deal with it? (The general issue that a person
can always shrug and say he was sending random bits. Are there
technical means of proving otherwise?)

- For n-out-of-m voting protocols (to reveal the key) are used, what
are reasonable values for n and m? (This related to the organization
of the "Independed Key Authority.")

- Can it be arranged that only a single message is openable? For
example, that the key to the last 3 years of messages _not_ be
released? (The authorities should only gain access to the _specific_
communication a search warrant is for, and not to all past messages,
for example. And a "wiretap" court order, allowing reading of all
messages, should also not allow reading of messages not covered.)

- What about applications like cryptograhic voting, digital money,
etc.? These systems often involve many keys, sometime generated during
execution of the protocol. How could these be handled?

- Psychologically (further afield from sci.crypt's charter), what will
be the effect on public confidence in such things as digital
signatures and timestamping if it is known that in principle the
government (or others) could obtain the private keys?


These and many other issues are clearly crypto protocol issues, albeit
with some heavy political overtones. Sci.crypt is a much better fit to
this issue than any other group I have seen.

And it is far better that we discuss and debate this issue here and
now with folks like Prof. Denning than that we ignore the issue and
then read about it as a piece of proposed legislation.
-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tc...@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP 2.0 and MailSafe keys by arrangement.

Newsgroups: sci.crypt
Path: sparky!uunet!spool.mu.edu!caen!zaphod.mps.ohio-state.edu!
pacific.mps.ohio-state.edu!linac!att!cbnewsi!cbnewsh!cbnewsh.cb.att.com!wcs
From: w...@anchor.ho.att.com (Bill Stewart +1-908-949-0705)
Subject: Privacy for Banks - Re: A Trial Balloon on Registered Keys
Organization: Sorcerer's Apprentice Cleaning Services
Date: Thu, 29 Oct 1992 06:10:39 GMT
Message-ID: <WCS.92Oct29011039@rainier.ATT.COM>
In-Reply-To: 
denning@guvax.acc.georgetown.edu's message of 28 Oct 92 15:24:42 -0500
References: <1992Oct28.152443.1589@guvax.acc.georgetown.edu>
Sender: ne...@cbnewsh.cb.att.com (NetNews Administrator)
Nntp-Posting-Host: rainier.ho.att.com
Lines: 56

Dr. Denning suggests that we should all have to register our keys to
make law enforcement's job easier.  I disagree, for lots of reasons.
One reason is banking security.  Banks and other wire-transfer services
are probably the largest non-governmental users of encryption;
banking standards generally use DES-based systems to transfer money.
The systems are already less than perfect, and forcing registration of
all keys with the government would only decrease the security.

The Government don't currently have the right to wiretap all banking
communications, though it does already pry into our private financial
transactions far more than is acceptable in a free society;
giving it the keys to all transactions substantially increases the
ability of a government agency to decide that it NEEDS to inspect all
communications from Bank X to Bank Y to see when Suspicious Citizen Z
is making his transactions, and therefore they need a warrant to get
the keys out of the registry, and while they've got the key they'll
use it to inspect other traffic as well.  

In the past, to get banking records, they either had to ask the bank
nicely or serve a warrant on them, which gives the bank's lawyers a
chance to intervene and make sure only the "right" records are inspected.
With a registry, all they have to do is serve a warrant on the 
Federal Institute for National Keyregistration, which will probably be answered
by the FINKs' lawyers without the bank having a chance to intervene.
Even if the bank IS notified, they're no longer handing over specific records,
which gives them control over which aaccounts are searched,
they're handing over the keys to the system, and the cops get to
examine the financial records in private, without supervision by the banks.

This vastly increases their ability to go on fishing expeditions,
since ANY bank probably has some customer who's a drug user or tax evader 
or who might be moving money around without telling the Feds, 
which is illegal because you might be using the money for something illegal.
Now we're talking about making it illegal to have private conversations,
because you might be talking about moving money around.

Dr. Denning contends that these aren't the old COINTELPRO days any more.
Even if you trust the Clinton Administration to be better behaved than
its predecessors under Nixon or Bush or J.Edgar, and I guess I do,
that's not enough - I'd rather have my privacy STAY adequately protected
when Ollie North becomes President after the economic collapse of 1995 :-).
Gambler's Ruin theory says that the house always wins in the long run,
and bad governments are NOT rare events.  
Remember World War II, when the Army used census data to find where
all the Japanese in California lived?  Sure, you're proposing that the
registry keep the keys private for now, but will they STAY private?

If key registration DOES become mandatory, I hope it's at least free -
there are about 2**32 session keys I plan to register .... only 1/2 :-).
2**32 isn't a lot, but you can use more than one at a time,
and registering 2**64 of them is rather tedious.
--
#				Pray for peace;      Bill
#Bill Stewart 908-949-0705 w...@anchor.ho.att.com AT&T Bell Labs 4M312 Holmdel NJ
# Trickle-Down Economics: Giving money to government bureaucrats 
#	and hoping some will trickle down to the people who need help.

Xref: sparky sci.crypt:4100 comp.org.eff.talk:6611 alt.privacy:
1975 talk.politics.guns:23113
Path: sparky!uunet!think.com!ames!agate!agate!hughes
From: hug...@soda.berkeley.edu (Eric Hughes)
Newsgroups: sci.crypt,comp.org.eff.talk,alt.privacy,talk.politics.guns
Subject: Re: Registering "Assault Keys"
Date: 29 Oct 92 08:06:46
Organization: /accounts/hughes/.organization
Lines: 9
Distribution: inet
Message-ID: <HUGHES.92Oct29080646@soda.berkeley.edu>
References: <1992Oct28.235027.28039@netcom.com>
NNTP-Posting-Host: soda.berkeley.edu
In-reply-to: tcmay@netcom.com's message of Wed, 28 Oct 1992 23:50:27 GMT

In article <1992Oct28.2...@netcom.com> tc...@netcom.com
(Timothy C. May) writes:

>"If encryption is outlawed, only outlaws--and the NSA--will have encryption."

Please pardon Tim for substituting "and" for "including" in the above
sentence.  He's a good sort.

Eric

Path: sparky!uunet!destroyer!gatech!darwin.sura.net!
guvax.acc.georgetown.edu!denning
From: den...@guvax.acc.georgetown.edu
Newsgroups: sci.crypt
Subject: Re: A Trial Balloon on Registered Keys
Message-ID: <1992Oct29.174332.1601@guvax.acc.georgetown.edu>
Date: 29 Oct 92 17:43:32 -0500
Distribution: world
Organization: Georgetown University
Lines: 60

I'll be offline for the next several days but wanted to make a few 
observations.  My mail has been staggering and I apologize to those
of you that I did not answer or sent just a cryptic reply.

The arguments against registration seem to fall into two classes:
1) it's futile and 2) we shouldn't trust the government.  Bill Stewart 
gets my award for the best argument for (1): just register 2**23 keys-
it actually cracked me up when I read it!

I stuck my foot in my mouth again when I said something suggesting 
that our obligation was only to follow the laws.  I guess I meant 
"legal obligation," but then it's a tautology, so I was clearly not
thinking.  I at least like to believe that I would have defied Hitler 
and other such atrocities.  

As a society we do many things to help law enforcement because humans are 
not so great  about doing certain things unless at least mildly coerced.  
How many people would pay their full taxes if employers weren't obliged to 
report their incomes?  (Some of you probably think this is a bad idea
too, but let's not go off onto that tangent.)

Perry Metzger said that under the Digital Telephony legislation, the
government wants to get access to lines without the help of the 
carriers.  This is false.  The legislation reads: "The legislation
does not establish any independent 'dial-up' authority by which 
criminal law enforcement agencies could effectuate interceptions 
without the affirmative assistance of the providers or operators.  The 
providers and operators will continue to make the necessary 
interconnections or issue the necessary switch program instructions to 
effectuate an interception."  The government wants it to be setup so 
that the providers have to activate the taps so that the gov't can't be 
accused of doing unauthorized taps.

Perry also expressed a concern about my speaking before doing all my 
homework.  This reminds me of something Donn Parker said to me 
after I did my study of "hackers", presented a paper on the topic at 
the NCSC, and then helped defend Craig Neidorf.  Donn said I should 
talk to law enforcers and that if I did, I would see it differently.  
I took Donn's advice seriously and visited several people at different 
agencies, including the celebrated Gail Thackery, over the next year.  The 
highlight was LAPD.  If you want to see the world from a different view,
go to LAPD.  Well, this adventure altered how I saw law enforcement,
and I ended up with considerably greater respect for them and 
for the dangers they confront doing their work.  Over the years I have also
worked closely with people in the FBI and other gov't agencies.  I have
considerable respect for the people I've worked with.  Obviously, these are
not the same people that some of you have encountered either directly
or indirectly.  For those of you who think I should now read about government
abuses, I have read Bamford (much of which I distrust), "Spying on
America", and "The FBI in Transition" (highly speculative) and will 
continue reading.

Our rights to electronic privacy have yet to be thoroughly sorted out
like they have for other things.  You can't, for example, rope off 
part of your property and say "sorry government, no trespassing".  We
have the capability to do that with electronic communication and in
this country we're proceeding to do just that without much thought.

Dorothy Denning
den...@cs.georgetown.edu (posting from guvax)

Xref: sparky sci.crypt:4162 comp.org.eff.talk:6631 alt.privacy:
2003 talk.politics.guns:23160
Path: sparky!uunet!hoptoad!pacbell.com!ames!saimiri.primate.wisc.edu!
zaphod.mps.ohio-state.edu!moe.ksu.ksu.edu!engr.uark.edu!mbox.ualr.edu!
grapevine!john.eichler
Newsgroups: sci.crypt,comp.org.eff.talk,alt.privacy,talk.politics.guns
Subject: Re: A Trial Balloon on Registered Keys
Message-ID: <715.517.uupcb@grapevine.lrk.ar.us>
From: john.e...@grapevine.lrk.ar.us (John Eichler) 
Date: 29 Oct 92 17:24:00 GMT
Reply-To: john.e...@grapevine.lrk.ar.us (John Eichler) 
Distribution: world
Organization: The GrapeVine BBS *** N. Little Rock, AR *** (501) 753-8121
Lines: 88


AND THE DEBATE BEGAN WITH... {From: den...@guvax.acc.georgetown.edu}

>My proposal was to register your private key with a trustee ...

>Thus, don't panic folks -- this was just me making a suggestion.  I
 didn't realize I had that much clout to cause such a stir and ...

>Well, if I ever wondered what it would be like to express an unpopular
 view, I sure know now!

WITH A SUGGESTION THAT... {From: tc...@netcom.com (Timothy C. May)}

>I urge readers to get involved in this debate.

WITH EVICTION DEMANDED... {From: atki...@itd.nrl.navy.mil (Randall Atkinson)}
[Please note the '.nrl.navy.mil' above. I didn't realize until now that the
Naval Research Laboratory moderated the cryptology conference... did you?]

>This series of postings belongs in comp.org.eff.talk or maybe
 comp.society.privacy or some other place.

>sci.crypt is only appropriate for technical discussions, not
 discussions of political philosophy...

WITH A RESPONSE OF... {From: pmet...@snark.shearson.com (Perry E. Metzger)}

>I would normally agree with you, Mr. Atkinson, but this is an
 exceptional case. This is not a philosophical issue -- the issue
 involved is very much one of life and death, and the people who are
 most concerned are precisely those people who are on sci.crypt. I
 realize this discussion violates the group charter, but it is of such
 intense concern to the cryptography community that this is likely the
 most appropriate place for the discussion to occur.

AND... {From: tc...@netcom.com (Timothy C. May)}

>These and many other issues are clearly crypto protocol issues, albeit
 with some heavy political overtones. Sci.crypt is a much better fit to
 this issue than any other group I have seen.

>And it is far better that we discuss and debate this issue here and
 now with folks like Prof. Denning than that we ignore the issue and
 then read about it as a piece of proposed legislation.

In following this discussion it becomes quite clear that what is involved
is a very basic issue of to what degree of privacy do you and I have as
citizens living in our country.  The subject is by no means a simple one
for there are excellent arguments on each side being presented.  Before
adding in my comments, I would like to present some more excerpts (for
the benefit of those not currently following the discussion) below:

THE GOOD DOCTOR STATES... {From: den...@guvax.acc.georgetown.edu}

>The reason I made the proposal is because I am concerned that we
 may be facing a major crisis in law enforcement.  I expect many of
 you will say "that's wonderful" but I don't see it that way.

[BTW, I wonder what leads the Professor to believe that many of us will
say "that's wonderful".  I didn't think Usenet was an underground BBS!]

>This issue is not about snooping on innocent citizens but about doing
 what we can do prevent major crimes that could seriously disrupt other
 liberties.

>Some people have said we should not give up our privacy to the
 government.  But the constitution does not give us absolute privacy.
 We are protected from unreasonable searches and seizures, but not
 reasonable ones in response to "probable cause" of crime.  In all
 areas of our lives, the government can invade our privacy if they
 have good reason to believe we are engaged in major criminal activity.
 They can break into our homes, our safes, and so on.  Do we really
 want a society where electronic communications cannot ever be broken
 when there is good reason to believe some major threat against society
 is being planned?

ON THE OTHER SIDE... {From: geo...@tessi.com (George Mitchell)}

>I agree with you that the government has the right, and indeed the
 duty, to ensure that both of us, and our children, can safely walk
 through the park of our choice.  But that doesn't make me want it to
 be any easier for the government to read my private correspondence,
 just on the off chance that I might be discussing something the
 government doesn't like.

---
 . SM 1.06 ----- . Email: john.e...@grapevine.lrk.ar.us                                             

Xref: sparky sci.crypt:4148 comp.org.eff.talk:6620 alt.privacy:
1994 talk.politics.guns:23149
Path: sparky!uunet!europa.asd.contel.com!darwin.sura.net!
zaphod.mps.ohio-state.edu!moe.ksu.ksu.edu!engr.uark.edu!mbox.ualr.edu!
grapevine!john.eichler
Newsgroups: sci.crypt,comp.org.eff.talk,alt.privacy,talk.politics.guns
Subject: Re: A Trial Balloon on Registered Keys
Message-ID: <716.517.uupcb@grapevine.lrk.ar.us>
From: john.e...@grapevine.lrk.ar.us (John Eichler) 
Date: 29 Oct 92 17:24:00 GMT
Reply-To: john.e...@grapevine.lrk.ar.us (John Eichler) 
Distribution: world
Organization: The GrapeVine BBS *** N. Little Rock, AR *** (501) 753-8121
Lines: 88


(part 2)

AND... {From: strn...@netcom.com (David Sternlight)}

>I think Jerry Leichter misses the point when he argues that there's
 no inherent right to privacy in the context of this discussion of
 cryptography, in the Fourth Amendment.

>That amendment gives an absolute right to security in one's "papers"
 unless a duly executed warrant based on probable cause is executed.
 It does not say one has to be insecure in case a warrant is presented.
 Thus one is entitled to absolute communications security, and if
 a warrant is presented, one is (legally) compelled to furnish the
 plaintext.

AND... {From: c...@ellisun.sw.stratus.com (Carl Ellison)}

>Yes!  When a person's property is being searched, the police must present
 the search warrant *to that person*, up front.  Black Bag jobs are strictly
 illegal.

>Let's modify the Denning proposal to have each key be held as a shared
 secret (Adi Shamir's 1979 algorithm), with the ACLU and Common Cause in the
 list of organizations who have to agree to use the key -- and a computer
 system which decrypts session keys from the shared secret inputs, never
 releasing the private key -- and immediate notification of the key owner
 every time this occurs.

AND... {From: c...@ellisun.sw.stratus.com (Carl Ellison)}

>Don't forget the (ex-?) director of the NSA saying recently that he considers
 good encryption to be strictly munitions -- something to be kept out of the
 hands of the civilians.

>The issue is philosophical.  Do we have a right to keep secrets from the
 US Government or don't we?

With all of the above said (and hopefully I didn't distort anyone's meaning
too much with my cut and paste edit job), I would like to add a few comments.

Professor Denning said... {From: den...@guvax.acc.georgetown.edu}

>The government is not taking any action to curb crypto and is
 unlikely to take any such action in the near future.  No proposal has
 been made and no government agency that I am aware of has plans ...

I think we would all be interested in knowing which government agencies
she is talking about.  Care to elaborate Doctor?  BTW, it is nice to know
that at the current time no such action is being taken in this regard.

Continuing... {From: den...@guvax.acc.georgetown.edu}

>I expect that the next step will be government sponsored discussions
 about crypto policy, probably sponsored by NIST, at the recommendation
 of the Computer System Security Advisory Board headed by Willis Ware.
 That will provide a forum to work through these issues.

Is this Computer System Security Advisory Board the proper group to
discuss an individual's right to privacy?  I am asking because I don't
honestly know.

Continuing... {From: den...@guvax.acc.georgetown.edu}

>Someone suggested that law enforcement routinely taps without
 court order.  This is an ungrounded claim for which I have never
 seen any evidence.  Regardless, their ability to do this is
 disappearing with the new digital based technologies.  They need the
 help of the service providers, who in turn ask for court orders.

It has always been my understanding (with paying billions out of my taxes
each year) that our government is in a much better position than anyone
else in the world to have the very latest technology available for such
tasks.  Please correct me if I'm wrong.  Perhaps they can't intercept
56K bps with alligator clips!

Now this makes some sense... {From: geo...@tessi.com (George Mitchell)}

>Now it's my turn to go out on a limb.  I believe that all the parti-
 cipants in this discussion would agree that: When the Government
 can show, through legitimately obtained evidence, that a particular
 encrypted communication relates to a crime, then they can, after
 the fact, subpoena the plaintext of that communication.  What
 most of us object to is having to yield the keys before the fact.

---
 . SM 1.06 ----- . Email: john.e...@grapevine.lrk.ar.us

Xref: sparky sci.crypt:4149 comp.org.eff.talk:6621 alt.privacy:
1995 talk.politics.guns:23150
Path: sparky!uunet!europa.asd.contel.com!darwin.sura.net!
zaphod.mps.ohio-state.edu!moe.ksu.ksu.edu!engr.uark.edu!mbox.ualr.edu!
grapevine!john.eichler
Newsgroups: sci.crypt,comp.org.eff.talk,alt.privacy,talk.politics.guns
Subject: Re: A Trial Balloon on Registered Keys
Message-ID: <717.517.uupcb@grapevine.lrk.ar.us>
From: john.e...@grapevine.lrk.ar.us (John Eichler) 
Date: 29 Oct 92 17:24:00 GMT
Reply-To: john.e...@grapevine.lrk.ar.us (John Eichler) 
Distribution: world
Organization: The GrapeVine BBS *** N. Little Rock, AR *** (501) 753-8121
Lines: 50


(part 3)

Being a law abiding citizen like I assume most of the others are who read
this newsgroup, I realize the need to assist our law enforcement agencies
in waging the war against crime of any type.  On the other hand, I also
feel very strongly about the need for individual security in today's world
of electronic communication.  If I want to send a message to Dr. Denning
telling her personally that I agree with her or one to tell her to go take
a flying leap or one to ask her for a date, I want that to be private just
between us.  It's no one else's business as I see it.

Phil Zimmermann, the motivating force behind PGP said, and I quote...

"It's personal.  It's private. And it's no one's business but yours. ...
Whatever it is, you don't want your private electronic main (E-mail) or
confidential documents read by anyone else.     ... We are moving toward a
future when the nation will be crisscrossed with high capacity fiber optic
data networks linking together all our increasingly ubiquitous personal
computers.  E-mail will be the norm for everyone, not the novelty it is
today.  Perhaps the Government will protect our E-mail with Government-
designed encryption algorithms.  Probably most people will trust that.
But perhaps some people will prefer their own protective measures. ...
PGP enables people to take their privacy into their own hands. There's
a growing social need for it.  That's why I wrote it."

And indeed even Internet has realized the need for privacy in E-mail
messages.  Note that there are three (3) RFCs (at nnsc.nsf.net, ie.,
rfc1113.txt, rfc1114.txt and rfc1115.txt) entitled 'Privacy enhancement
for Internet electronic mail:' Parts 1-3 which specifically deal with this
topic.

This is a complicated subject which definitely needs further clarification.
In this regard, I might throw out a suggestion for each of you to consider.
Might it be a good idea to formulate a group of interested parties (and even
perhaps a new newsgroup) to take the results of this discussion and other
such input and draft a proposed standard which would reflect the general
consensus as to how the security issue and the privacy issue should be
solved. Maybe this is too difficult a task, maybe not.  It would be great
if some members of the government would cooperate in such a task also since
all would benefit from such a standard.  Also both sides would understand
the other side's position better.

The subject of public key cryptography is a very interesting one and one
that certainly will get a lot more attention over the next few years.  In
this regard, now is definitely the time to formulate some policy, if any
exists, in this matter.
---
 . SM 1.06 ----- . Email: john.e...@grapevine.lrk.ar.us

Newsgroups: sci.crypt
Path: sparky!uunet!spool.mu.edu!uwm.edu!zaphod.mps.ohio-state.edu!
usc!cs.utexas.edu!sun-barr!ames!agate!apple!decwrl!netcomsv!
netcom.com!tcmay
From: tc...@netcom.com (Timothy C. May)
Subject: Alarmism and Prof. Denning
Message-ID: <1992Oct29.232953.29368@netcom.com>
Organization: Netcom - Online Communication Services  (408 241-9760 guest) 
X-Newsreader: Tin 1.1 PL5
Date: Thu, 29 Oct 1992 23:29:53 GMT
Lines: 70

Several people have complained, either in this group or in e-mail to
me, that some of my recent comments have been alarmist and detract
from what they consider to be my otherwise well-taken points. Fair
enough.

In one posting I said "Be afraid. Be _very_ afraid." I assumed most
folks would recognize this as the tag line from the movie "Aliens." I
thought it euphonius, so I borrowed it. In any case, having some fear
of what governments may do to us seems to me to be a healthy thing. 

I took great care to be as reasonable and as calm as possible a few
days ago when I posted the first message in this thread ("A Trial
Balloon to Ban Encryption?"). Clearly the key registration idea is
controversial.

Now let me be even _more_ reasonable. I think Professor Denning has
done us a great service, as it has gotten some healthy debate going
about these very important issues. The more than 130 messages, most of
them making excellent points, in this group (and a few others,
peripherally) indicate the intense interest and scrutiny this subject
has attracted. 

Dorothy Denning has long been involved in crypto (she wrote the book,
so to speak) and more recently in hacker matters, as detailed in Bruce
Sterling's new book "The Hacker Crackdown." To assume she is somehow
pushing this idea, in the legislative sense, seems unfounded.  It
seems to me that she thought about some of the serious implications of
widespread crypto use, developed some ideas (as Ron Rivest did last
summer in an article in "IEEE Spectrum"), and talked about them at the
recent Computer Security Conference. Now we may think her particular
idea is wrong, for political and technological reasons, but we should
not villify her for floating the idea.

I used the term "trial balloon" in perhaps a way I should not have. It
may have suggested to some that Prof. Denning, who recently relocated
to the Washington, D.C. area, is part of a cabal of crypto advisors
who are plotting the next stage of our enslavement. (A smiley) So far
as I know--and I hope we'll find out soon enough--there is no proposed
legislation along the lines Prof. Denning suggested. I doubt she was
acting as an agent for the Feds in floating this idea. Just academic
freedom at work.

Furthermore, I favor the open discussion of ideas. I am not one to
fear discussing some new idea, or technology, or whatever, for fear it
will "give Them ideas" or catalyze a crackdown. In an open society
like ours, debate is healthy.

I am happy this issue, which is one of several important crypto policy
issues that have been simmering for a long time, has come to
prominence. I look forward to seeing the debate here.

(The only thing that worries me is that folks may get so clever,
cryptographically speaking, that they patch the flaws in the key
registration proposal and thus make it more likely to become law.
Let's not lose cite of the fundamental issues surrounding liberty,
surveillance, and privacy. But since nearly everyone who has posted so
far seems strongly committed to civil liberties, these worries are
minimal.)

On with the debate.

--Tim
-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tc...@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP 2.0 and MailSafe keys by arrangement.

Xref: sparky sci.crypt:4241 comp.org.eff.talk:6688 alt.privacy:
2034 talk.politics.guns:23264
Newsgroups: sci.crypt,comp.org.eff.talk,alt.privacy,talk.politics.guns
Path: sparky!uunet!newsgate.watson.ibm.com!yktnews!admin!aixproj!uri
From: u...@watson.ibm.com (Uri Blumenthal,35-016,8621267,)
Subject: Registered Keys - why the need?
Originator: u...@aixproj.watson.ibm.com
Sender: ne...@watson.ibm.com (NNTP News Poster)
Message-ID: <1992Nov01.233637.138278@watson.ibm.com>
Date: Sun, 01 Nov 1992 23:36:37 GMT
Disclaimer: This posting represents the poster's views, 
not necessarily those of IBM
References: <715.517.uupcb@grapevine.lrk.ar.us>
Nntp-Posting-Host: aixproj.watson.ibm.com
Organization: IBM T.J. Watson Research Center
Lines: 59

>>{From: den...@guvax.acc.georgetown.edu}
>>The reason I made the proposal is because I am concerned that we
>>  may be facing a major crisis in law enforcement.  I expect many of
>>  you will say "that's wonderful" but I don't see it that way.
>> 
> [BTW, I wonder what leads the Professor to believe that many of us will
> say "that's wonderful".  I didn't think Usenet was an underground BBS!]

Smiley to the second responder (:-).

Now, I'm really curious, why Ms. Denning suddently becomes concerned 
with what she calls "a major crisis in law enforcement".  Since when 
did  inability of law enforcement  to eavesdrop on anybody's private 
communications at their whim, become a "crisis"?

Now - what is really needed for the law enforcement? To be able to
intercept communications OF A SUSPECT,  WHEN AND ONLY WHEN SUCH
INTERCEPTIONS ARE AUTHORIZED BY THE COURT FOR THAT PARTICULAR
CASE. And you don't have to be Einstein, or Mr. E. Hoover to
guess what normally is being done is such a case:

Experienced guys  from FBI go to that person's house,  and BUG his 
living premises! Maybe even search his papers, and maybe even make 
a dump of his hard drives...In more serious cases and hoping those 
premises aren't TEMPEST-qualified, EME can be picked up,if there's 
enough reason... 

How come this still-practiced method is suddently discarded? 
Eavesdropping on person-per-person basis isn't enough any
more? Why?

Can having to  actually bother with getting the court warrant, and 
then  bother  to send men to a particular place,  and having to do 
that for each "suspect" personally, instead of just keying in some 
code words to your computer  to pick up anything on anybody, be 
called "a major crisis in law enforcement"?!   Well, if yes - 
it's not the law they are officially supposed to enforce!

If the "law enforcement" actually would like to be able to do
routine "surveillance" on the whole populations, picking at
random whoever they want, just to take a look - MAYBE
there's something illegal going on -  only in this 
case "unregistered keys" can be an obstacle...


Ms. Denning,  how comes you aren't aware of that simple 
method of intercepting commmunications?   Or are you in
favor of "surveillance" on much larger scale? Something
nationwide, rather than on case-to-case basis?

Regards,
Uri.
------------
<Disclaimer>
-- 
Regards,
Uri.		u...@watson.ibm.com
------------
<Disclaimer>

Xref: sparky sci.crypt:4304 comp.org.eff.talk:6729 alt.privacy:
2069 talk.politics.guns:23378
Path: sparky!uunet!ukma!darwin.sura.net!guvax.acc.georgetown.edu!denning
From: den...@guvax.acc.georgetown.edu
Newsgroups: sci.crypt,comp.org.eff.talk,alt.privacy,talk.politics.guns
Subject: Re: Registered Keys - why the need?
Message-ID: <1992Nov3.090942.1626@guvax.acc.georgetown.edu>
Date: 3 Nov 92 09:09:42 -0500
References: <715.517.uupcb@grapevine.lrk.ar.us> 
<1992Nov01.233637.138278@watson.ibm.com>
Distribution: world
Organization: Georgetown University
Lines: 117

In article <1992Nov01.2...@watson.ibm.com>, 
u...@watson.ibm.com (Uri Blumenthal,35-016,8621267,) writes:
>>>{From: den...@guvax.acc.georgetown.edu}
>>>The reason I made the proposal is because I am concerned that we
>>>  may be facing a major crisis in law enforcement.  I expect many of
>>>  you will say "that's wonderful" but I don't see it that way.
>>> 
>> [BTW, I wonder what leads the Professor to believe that many of us will
>> say "that's wonderful".  I didn't think Usenet was an underground BBS!]
> 
> Smiley to the second responder (:-).

I apologize for the insult.  What led me to say what I said was that 
many people had said things that I interpreted as disrespectful of
all law enforcement.
 
> Now, I'm really curious, why Ms. Denning suddently becomes concerned 
> with what she calls "a major crisis in law enforcement".  Since when 
> did  inability of law enforcement  to eavesdrop on anybody's private 
> communications at their whim, become a "crisis"?

The word "crisis" is probably too strong.  But let me elaborate on the 
effect of COURT-AUTHORIZED taps.  According to the FBI, they have been
essential in preventing serious criminal activity including organized 
crime, drug trafficking, extortion, terrorism, kidnaping, and murder.  
During the period 1985-1991, court-ordered electronic surveillance 
conducted by the FBI alone led to 7,324 convictions, almost $300 
million in fines being levied, over $750 million in recoveries, 
restitutions, and court-ordered forfeitures, and close to $2 billion in 
prevented potential economic loss.  Since the FBI conducts fewer than 1/3 of 
all court-ordered intercepts, total benefits by all law enforcement 
agencies is considerably higher.  Intercepts have played a major 
role in combatting organized crime.  According to the 1986 President's 
Commission on Organized Crime, OC reduces the output of the U.S. 
economy by $18.2 billion a year (1986 dollars), cost 414,000 jobs, 
raise consumer prices by 0.3%, and lower per capita personal income by 
$77.22.  According to the FBI, the entire hierarchy of OC has been 
neutralized or destabilized through the use of electronic surveillance 
and 30 odd years of success would be reversed if they lost the ability 
to conduct court-authorized electronic surveillance.  In 1988 David
Williams of GAO testified before the Senate that "Evidence gathered 
through electronic surveillance has had a devasting impact on OC."  According 
to the FBI, electronic surveillance has been critical in identifying 
and then dismantling major drug trafficking organizations.  Although
the benefits are hard to quantify, in 1988 the Public Health Service
estimated the health, labor, and crime costs of drug abuse at $58.3
billion.  The FBI also uses electronic surveillance to investigate
government corruption.  The "Ill-Wind" case involving the persons
in the DoD and defense contractors has so far led to 55 convictions
and over $500 million in fines etc.  The use of electronic 
surveillance has prevented several terrorist attacks, including the
bombing of a foreign consulate in the US and a rocket attack against
a US ally.

Wiretapping yields evidence that is considerably more reliable than 
that obtained from other methods such as informants, and is less
dangerous for law enforcers than breaking and entering to install
bugs in homes or offices.  I recently had the good fortune to hear
Ed Tufte give a talk (author of "The Visual Display of Quantitative
Information").  He had a chart that showed why the jury acquitted John
Gotty at one of his trials.  The chart was a list of all the 
informants and the crimes they had committed.  How could the jury 
believe the evidence with that chart?  Electronic surveillance was
essential in the ultimate conviction of Gotty and other OC leaders.  

Nevertheless, wiretapping is not used much because the law requires 
that law enforcers show that other methods have been
tried and have failed (or would be likely to fail) and because it is
expensive.  The average cost of a wiretap in 1991 was $45K.  Most
of this goes to labor.  Those of you who think that law enforcers
are likely to start tapping everyone with or without a warrant need
to do a reality check on cost and government budgets.  Assuming there
are about 100 million lines, the total cost to listen in on them
all would be $4.5 trillion!

If law enforcement loses the ability to conduct court-authorized 
taps, they will have to use other means if even possible, such as
breaking and entering.  This is not necessarily better in terms of
protecting liberties and privacy.
 
> that for each "suspect" personally, instead of just keying in some 
> code words to your computer  to pick up anything on anybody, be 
> called "a major crisis in law enforcement"?!   Well, if yes - 
> it's not the law they are officially supposed to enforce!

Law enforcers are not asking for the ability to activate taps from
a computer.  The Digital Telephony proposal states clearly that 
the service providers are to activate the taps -- with a court
order -- and then route the bits to law enforcement. 

> Or are you in
> favor of "surveillance" on much larger scale? Something
> nationwide, rather than on case-to-case basis?
> 
> Regards,
> Uri

Thank you for the opportunity to clarify this possible misunderstanding. 
I am absolutely opposed to any form of large scale surveillance.  I
do believe in the process of getting warrants and I do support 
wiretapping when a warrant has been obtained.  I am not in favor
of relaxing the requirements to get a warrant.  I don't remember the
details, but at least an FBI agent must go through several levels
within the agency to get a warrant before that is even taken to
a judge.

I believe I said this before, but let me remind everyone that the
government has not proposed that keys be registered.  I believe that
Ron Rivest was the first to make this suggestion.  I made it at the 
NCSC and Silvio Micali has come up with a scheme that is even more
foolproof.  I do not know if any government agency will pick up
on our suggestion or if they'll suggest another.  Are there other
approaches that would give you greater assurance against the
government and still allow for meeting the legitimate needs of
law enforcement?  If so, I'd love to hear them.

Dorothy Denning
den...@cs.georgetown.edu

Path: sparky!uunet!gatech!utkcs2!darwin.sura.net!
guvax.acc.georgetown.edu!denning
From: den...@guvax.acc.georgetown.edu
Newsgroups: sci.crypt
Subject: Lead Balloons
Message-ID: <1992Nov4.125819.1637@guvax.acc.georgetown.edu>
Date: 4 Nov 92 12:58:19 -0500
Distribution: world
Organization: Georgetown University
Lines: 31

If I could take back the words that have come back to haunt me I 
would, but alas this is not possible.  My comment about taxes was
not directed at Mr. Eichler, but perhaps at the ex-cop he wrote
about or the person who wrote me privately suggesting that taxes
themselves were a crime far worse than Organized Crime.  While I 
have considerable faith in the goodness of humanity, I also recognize 
our frailty.  This goodness/frailty is not limited to people either 
inside or outside the government.  How best to deal with human
frailty is no doubt one of the great questions that will not be
solved by me or by cryptography.

While I recognize that the government has a long list of abuses,
Mr. Eichler's example being one of many, I am unconvinced that the
best way to deal with these abuses or by those performed by people
outside the government is by making it harder for law enforcers.
As someone has said, "A society that cannot enforce its laws invites
disrespect for those laws."  But regulating crypto may not be a good
solution either unless we can come up with an acceptable means.

Someone asked whether John Gotti would have used encryption.  I don't
know, but he didn't.  Rumor is that these guys started their 
conversations with some sort of ritual: "Gee, do you suppose they're
listening? ..."  

The $45K per wiretap average came from the "Wiretap Report" for 1991.
It lists all wiretaps for the year -- well, at least the court-ordered
ones :-) 

Dorothy Denning
den...@cs.georgetown.edu

Xref: sparky sci.crypt:4602 alt.privacy:2188 comp.org.eff.talk:6932
Newsgroups: sci.crypt,alt.privacy,comp.org.eff.talk
Path: sparky!uunet!ukma!darwin.sura.net!spool.mu.edu!umn.edu!csus.edu!
netcom.com!tcmay
From: tc...@netcom.com (Timothy C. May)
Subject: A Silver Bullet to Limit Crypto?
Message-ID: <1992Nov11.183644.14979@netcom.com>
Organization: Netcom - Online Communication Services  (408 241-9760 guest) 
X-Newsreader: Tin 1.1 PL5
Date: Wed, 11 Nov 1992 18:36:44 GMT
Lines: 101


Key Registration as a "Silver Bullet" to Limit Crypto Use


Two weeks ago, and more than 500 related messages ago, I posted the
"Trial Balloon to Ban Encryption?" message, alerting sci.crypt and
other newsgroups to the Dorothy Denning "trial balloon." Prof. Denning
has continued the balloon metaphor, calling her first proposal a "lead
balloon" and her improved, law-enforcement-friendly version a "copper
balloon." Others have called it a "uranium balloon," i.e., it's worse
than the lead balloon.

In reading the hundreds of comments about ways to bypass the Denning
proposal, about the many clever schemes to avoid detection, I came to
some realizations about the likely reason for key registration. Also,
at the recent Hackers Conference in Lake Tahoe, lots of interesting
points came up (crypto, PGP, anonymous remailers, digital cash,
privacy, and the "Crypto Crackdown," to borrow Bruce Sterling's title
of "The Hacker Crackdown," were hot topics). Mike Godwin of the EFF,
who may be reading this in comp.org.eff.talk, spoke on such
policies...he told us this kind of crackdown on crypto tools is a
priority of several government agencies and that the issue will not go
away with the new administration.

But why scheme to register keys, by whatever means, if the system is
so easily thwarted and bypassed? Neither Prof. Denning nor her
colleagues, both in and out of the NSA and FBI, are dummies.

The "silver balloon," or silver bullet, is this:

* a formal key registration system will directly affect and limit use
of the _most important_ part of public key systems: the ability to use
public key directories (like phone books) rather than set up all
communications on a one-to-one basis (as private key systems require,
for key exchange, and as many of the key registration bypasses
implicitly or explicitly require).

* enforcement, at least for publicly announced P-K keys, can be by
insisting that a special message ("This is J. Random User.") be signed
with one's registered/deposited key and then verified with the public
key to ensure the same private key-public key pair is used. (Yes,
there are still bypasses and clevernesses to spoof these systems, but
most "publicly visible" use of P-K methods, the main raison d'etre for
public keys, will be affected and effectively controlled.) Keys can
and will be registered under this proposal, but many people will
simply not bother with the hassle and just won't use P-K methods (thus
making the monitoring job easier).

* bypassing the key registration laws by "going underground" is always
possible, but for this purpose one can already use one-time pads, pack
message bits into the least significant bits of digital recordings and
images, and generally do all sorts of other devious things. The key
point is that the wide use of public key methods is reduced, which may
be the real motivation.

* reducing the wide use of crypto technology by the masses allows the
monitoring agencies a slightly easier job in monitoring those who
_are_ using crypto. One can imagine exactly the same arguments for
restricting or registering voice scramblers for phone use: by
requiring registration, fees, etc., many users will simply not bother
to use scrambling (and there may be related to spread the idea that
anyone using scrambling--or crypto in general--is somehow suspect,
must have something to hide, etc.

* the key registration ideas discussed so far severely limit use of
crypto protocols that _dynamically_ generate lots of public keys.
Cryptographic voting, most forms of digital cash, anonymous remailers,
and several other exciting uses all tend to generate a lot of keys "on
the fly." Are all of these to be registered? How? For how much money
per registration? And how long will it take? Weeks?

Instead of concentrating on how these kinds of uses, mentioned by many
people, effectively make the Denning/Rivest/Micali proposals
unworkable, we should look instead at how these proposals may _in
fact_ be aimed at limiting the explosive use of crypto for these new
applications. A government afraid of digital cash, of anonymous
remailing networks, of information markets in technologies, and of
lots of other interesting uses, may see key registration as a way to
contain this explosion.

Even if the private keys kept at the "trusted key authority" were
_never_ looked at by court order or otherwise, the key registration
act itself would place severe limits on the use of modern
cryptographic protocols for novel uses and for wide use by the public.

In this sense, the key registration idea may be a silver bullet, or
balloon, to head off these uses. A chilling effect (the "liquid
nitrogen balloon"?).

Any thoughts on this view?



-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tc...@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | PGP Public Key: awaiting Macintosh version.

Xref: sparky sci.crypt:4642 alt.privacy:2198 comp.org.eff.talk:6949
Newsgroups: sci.crypt,alt.privacy,comp.org.eff.talk
Path: sparky!uunet!looking!brad
From: br...@clarinet.com (Brad Templeton)
Subject: Re: A Silver Bullet to Limit Crypto?
Organization: ClariNet Communications Corp.
Date: Thu, 12 Nov 1992 04:25:49 GMT
Message-ID: <1992Nov12.042549.11780@clarinet.com>
References: <1992Nov11.183644.14979@netcom.com>
Lines: 24

Sorry to join this too-voluminous-to-read thread at this point, but I
don't understand why people are proposing registration of encryption keys.

The implication seems to be that this is to placate law enforcement people
who want to continue to be able to tap/intercept/read private communications,
perhaps to stop them from trying to ban encryption altogether?

Is this some sort of joke?  Do people seriously suggest such sort of
placation is necessary or a good idea?  Or is it law enforcement that's
pushing for this registration?

There is no need to compromise.  Law enforcement is just going to have to
face a hard fact -- in a few years they won't be able to wiretap.  It is
a heavy price for them to pay, but the other options are simply too much of
a burden on either our freedoms, or our industries.   I think the chance of
them winning a ban on encryption are small.  There is no need for anybody
to compromise with key registration schemes that will be meaningless in the
long run.

(Surely any criminal element would use a registered key for outside encryption
and an unregistered method for inside encryption, facing only the charge of
unregistered encryption if they are wiretapped.)
-- 
Brad Templeton, ClariNet Communications Corp. -- Sunnyvale, CA 408/296-0366

Xref: sparky sci.crypt:4688 alt.privacy:2224 comp.org.eff.talk:6977
Newsgroups: sci.crypt,alt.privacy,comp.org.eff.talk
Path: sparky!uunet!ferkel.ucsb.edu!taco!rock!stanford.edu!ames!
sun-barr!cs.utexas.edu!milano!cactus.org!ritter
From: rit...@cactus.org (Terry Ritter)
Subject: Re: A Silver Bullet to Limit Crypto?
Message-ID: <1992Nov12.202330.22580@cactus.org>
Followup-To: sci.crypt
Organization: Capital Area Central Texas UNIX Society, Austin, Tx
References: <1992Nov11.183644.14979@netcom.com> 
<1992Nov12.042549.11780@clarinet.com>
Date: Thu, 12 Nov 1992 20:23:30 GMT
Lines: 54


 In <1992Nov12.0...@clarinet.com> br...@clarinet.com
 (Brad Templeton) writes:


>Sorry to join this too-voluminous-to-read thread at this point, but I
>don't understand why people are proposing registration of encryption keys.
>
>The implication seems to be that this is to placate law enforcement people
>who want to continue to be able to tap/intercept/read private communications,
>perhaps to stop them from trying to ban encryption altogether?
>
>Is this some sort of joke?  Do people seriously suggest such sort of
>placation is necessary or a good idea?  Or is it law enforcement that's
>pushing for this registration?

 I am reading this under sci.crypt where we have been discussing
 arguments against possible legislation.  There have been a few
 posted, but none come close to the impact of preventing child
 molesting, finding terrorist plots or thwarting assassinations, the
 sort of things which would be used to propose such legislation.

 Basically, I would like to hear a cogent argument which would
 influence legislation.  I doubt that calling it "a joke" would
 do that.


>There is no need to compromise.  Law enforcement is just going to have to
>face a hard fact -- in a few years they won't be able to wiretap.

 The issue is not so much wiretapping, although we will need strong,
 cogent arguments against that as well.  The questionable area is
 the (preservation of?) the ability of society to penetrate
 individual secrecy *after* due process.  Two ways are suggested:

    1. By requiring key registration (presumably, the use of an
       unregistered key would itself be a crime);

    2. By requiring the user to provide access to enciphered
       messages (presumably by retaining ciphertext and keys), with
       the inability to provide such access itself being a crime.

 As to whether or not we "compromise," I can only assume that you
 expect the courts to come to our aid *after* legislation has been
 passed.  Maybe they will, but I think that attitude wastes any
 opportunity we may have to influence the legislation in the first
 place.

 Inevitably there must be limits to all rights.  What are the limits
 on the individual's right to secrecy?

 ---
 Terry Ritter   rit...@cactus.org

Xref: sparky sci.crypt:4691 alt.privacy:2227 comp.org.eff.talk:6979
Path: sparky!uunet!ferkel.ucsb.edu!taco!rock!stanford.edu!ames!sun-barr!
cs.utexas.edu!zaphod.mps.ohio-state.edu!darwin.sura.net!
guvax.acc.georgetown.edu!denning
From: den...@guvax.acc.georgetown.edu
Newsgroups: sci.crypt,alt.privacy,comp.org.eff.talk
Subject: Re: A Silver Bullet to Limit Crypto?
Message-ID: <1992Nov12.172726.1727@guvax.acc.georgetown.edu>
Date: 12 Nov 92 17:27:26 -0500
References: <1992Nov11.183644.14979@netcom.com> 
<1992Nov12.042549.11780@clarinet.com>
Distribution: world
Organization: Georgetown University
Lines: 47

In article <1992Nov12.0...@clarinet.com>, 
br...@clarinet.com (Brad Templeton) writes:
> Sorry to join this too-voluminous-to-read thread at this point, but I
> don't understand why people are proposing registration of encryption keys.

So far as I know, the only people who have floated the idea are Ron 
Rivest, Silvio Micali, and myself.  In my case, I was looking for a 
way that would allow LE to have the capability to decrypt a line with
a court order, but not without one.  My goal was a method that would
provide people with more security than, say, requiring that they use
weak crypto or crypto with trapdoors known to the government.
I am not pushing the idea of key registration.  Many good arguments
have been presented suggesting that it would be unworkable, and
then there is the more general issue of whether crypto should be
even regulated at all.  I don't have answers to these questions.
> 
> The implication seems to be that this is to placate law enforcement people
> who want to continue to be able to tap/intercept/read private communications,
> perhaps to stop them from trying to ban encryption altogether?
> 
As near as I know, there is no attempt on the part of LE to ban 
encryption outright and no proposals are on the floor to limit its
use.  The government folks I know all agree that encryption
is essential to protect communications.
>  
> Is this some sort of joke?  Do people seriously suggest such sort of
> placation is necessary or a good idea?  Or is it law enforcement that's
> pushing for this registration?
>
LE has not asked for registration so there's nobody to placate.
> 
> There is no need to compromise.  Law enforcement is just going to have to
> face a hard fact -- in a few years they won't be able to wiretap.  It is
> a heavy price for them to pay, but the other options are simply too much of
> a burden on either our freedoms, or our industries.   I think the chance of
>
You might be right, but let's make sure we know and understand the 
options and their implications before deciding.  There is also a price
to be paid for LE losing the ability to wiretap that I don't think is
well understood.  I have been trying to understand these implications
while at the same time looking to see if there's some middle ground that would
make it harder for criminals but at the same time protect communications from 
unwarranted taps by LE or anyone else.  

> Brad Templeton, ClariNet Communications Corp. -- Sunnyvale, CA 408/296-0366

Dorothy Denning,
den...@cs.georgetown.edu

Xref: sparky sci.crypt:4735 alt.privacy:2240 comp.org.eff.talk:7007
Path: sparky!uunet!know!mips2!news.bbn.com!noc.near.net!
news.Brown.EDU!qt.cs.utexas.edu!yale.edu!jvnc.net!darwin.sura.net!
zaphod.mps.ohio-state.edu!cs.utexas.edu!sun-barr!ames!agate!linus!
linus.mitre.org!bistromath.mitre.org!ptrei
From: pt...@bistromath.mitre.org (Peter Trei)
Newsgroups: sci.crypt,alt.privacy,comp.org.eff.talk
Subject: Re: A Silver Bullet to Limit Crypto?
Message-ID: <1992Nov13.182730.8977@linus.mitre.org>
Date: 13 Nov 92 18:27:30 GMT
References: <1992Nov11.183644.14979@netcom.com> 
<1992Nov12.042549.11780@clarinet.com> 
<1992Nov12.172726.1727@guvax.acc.georgetown.edu>
Sender: ne...@linus.mitre.org (News Service)
Organization: The MITRE Corporation
Lines: 119
Nntp-Posting-Host: bistromath.mitre.org


     We've really got two separate problems:

     1. The availability of technology which makes communications
surveilance (CS) increasingly cheap, easy, and undetectable. Can we
ensure that it will not be misused, by governments and others?

     2. The wide spread use of strong cryptography (SC) and it's
enabling technology (personal computers). Can we ensure that things
which should not be hidden are not?

     These should be viewed against the background of the increasing
shift towards digital forms of communications and data storage.



     The Communications Surveilance (CS) problem:

     In the past, CS could be and was performed, both legally and
illegally. However, it was sufficiently difficult and resource
intensive that it was restricted to valuable targets.  The average
citizen had no reason to worry about having his or her phone calls
watched for evidence of adultery (still a crime here in
Massachusetts).

     The new technologies change all that - they are an enabler for
casual intrusion and snooping. Digital text can be trivially searched
on the fly, and it is often rumored that overseas phone lines can be
searched by voice recognition (VR) systems (I have no idea if this is
true - I think Bamford talks about it). Even if VR systems are not
practical today, we must assume that tomorrow they will be.

     Many people have little or no faith in procedural restraints on
governmental CS; there have been too many cases of illegal wiretaps.
In this group, Phil Karn has stated that he was told that the
government is resisting digitally encrypted cellphones, despite the
possibility of tapping the landline part of a call, because "A
warrant would be required to gain the telephone company's assistance,
and warrants were considered to be "too impractical" in many cases."

     If this is true, it appears that those who lack faith in the
government have a case.  Even if todays government were composed of
saints and angels, they worry that a future government may not be so
scrupulous.

     The upshot of this is that there is a defensible position that:

"Not only should the government not tap casually without a warrant; it
should not *be* *able* to tap casually, period. Tapping should remain
difficult and expensive enough that it will only be used on targets of
high perceived value. Procedural barriers against improper tapping are
not, and will never be, adequate - they can be eliminated at the
stroke of a pen, or simply ignored."



    The Strong Cryptography problem:

    Strong cryptography (SC) and its relatives (digital signatures,
zero knowledge proofs, et al) are a two edged sword. On one hand,
they can be used as a tool for message security:

* That it comes from whom it says it does.  
* That it has not been tampered with.  
* That no one but the but the sender and intended recipient can read it.

    Most of the readers of this group are aware of the potential
services requiring these attributes. SC *WILL* be widely used in the
near future for a myriad of purposes.

    Many of the services proposed or already in use (eg, Kerberos)
make use of "session keys", which are generated on the fly and used
for brief periods.

    On the other hand, if a document is encrypted with SC, and you
can't obtain the key, you are SOL, regardless of how legitimate is
your need to read it. In an earlier post, you made an analogy to
fencing off a part of your land, and declaring that no one, not even
the government, could enter it without your permission. You felt that
this was absurd - no government could or would tolerate such a
situation.

    They may not have a choice. SC is something new under the sun: as
far as we know, it IS strong. It's discovery within the mathematics
may have fundamentally changed what we can hope to know about a
non-cooperating system or person.  To complicate matters, SC is
*easy*. The software can be developed and run on any personal
computer.

     A blanket ban on the use of SC is utterly impractical - it would
turn the US into an information backwater, as the rest of the world
avoids using our markets, networks, and systems due to their lack of
security, and of services predicated on SC. The US is already losing
in the world marketplace due to the pathetic ban on DES software
exports.

     Requiring key registration is almost as bad. Much of the world
information traffic would again avoid the US due to the hassle it
would present, doubts about the trustworthyness of the key registry,
and the lack of services requiring briefly held session keys.

     My feeling is that the cat is out of the bag. Strong cryptography
is out there, it can and will be used, and it's use cannot be
prevented.  We might be able to check it's use in the US, but doing so
will cripple the US as an economic power.  In the future, law
enforcment organizations will have to rely on other ways to obtain
information, whether they like it or not.

     Ms. Denning: you are designing stable doors, long after the horse
has bolted.

							Peter Trei
							pt...@mitre.org


Disclaimers: 

1. I do not have access to non-public information concerning communications
   surveiliance.

Path: sparky!uunet!ogicse!psgrain!puddle!f93.n104.z1.fidonet.org!Zhahai.Stewart
From: Zhahai....@f93.n104.z1.fidonet.org (Zhahai Stewart)
Newsgroups: comp.org.eff.talk
Subject: Re: A Silver Bullet to Limit Crypto?
Message-ID: <20498.2B09F9FC@puddle.fidonet.org>
Date: 17 Nov 92 23:01:30 GMT
Article-I.D.: puddle.20498.2B09F9FC
Sender: ufg...@puddle.fidonet.org (newsout1.26)
Organization: FidoNet node 1:104/93 - Adelante, Boulder CO
Lines: 49


 > I don't understand why people are proposing registration of encryption 
 > keys.

 Dorothy Denning writes:

 d> So far as I know, the only people who have floated the idea are Ron 
 d> Rivest, Silvio Micali, and myself.  

 Then the following may interest you, from last May, as published in
 Newsbytes (Story by Barbara E. McMullen, 5/15/92, Newsbytes).  You may
 want to add at least one more name to the list, this time an official.

 Donald Delaney, New York State Police senior investigator spoke (along 
 with EFF's Mike Godwin) to the New York Amateur Computer Club's May 1992
 meeting: 

 "During the question and answer period, Delaney suggested that a method
 of resolving the encryption debate would be for third parties, such as 
 banks and insurance companies, to maintain the personal encryption key 
 for those using encryption.  A law enforcement official would then have 
 to obtain a judge's ruling to examine or "tap" the key for future use to 
 decipher the contents of the file or message."

 (Godwin disagreed; discussion ensued.  Perhaps he could tell us more).

 So yes, registration of encryption keys has been suggested (at least 6
 months ago) by a law enforcement official.  Note that this account:

  (1) suggests private key depositories rather than a gov't agency
  (2) does not differentiate between public and single key systems
  (3) does not neccessarily limit itself to public data networks

 I don't know if this suggestion predates or postdates your own; it may
 be independent in any case, given the differences.  I would be interested
 in whether you think this represents an earlier proposal for key 
 registration to resolve the conflicting goals, the spread of your
 proposals into law enforcement, or independent but later thought.
 Delaney is fairly active, so I imagine this was not the only forum 
 at which he was presenting his ideas back then.  Delaney's speciality
 seems to be computer crime, and catching "hackers".  He does not seem
 to be rabid, but he seems to represent the law enforcement viewpoint
 more than the civil liberties side, not surprisingly.
    ~z~


--  
uucp: uunet!m2xenix!puddle!104!93!Zhahai.Stewart
Internet: Zhahai....@f93.n104.z1.fidonet.org

Path: sparky!uunet!ukma!darwin.sura.net!guvax.acc.georgetown.edu!denning
From: den...@guvax.acc.georgetown.edu
Newsgroups: comp.org.eff.talk
Subject: Re: A Silver Bullet to Limit Crypto?
Message-ID: <1992Nov18.152824.1800@guvax.acc.georgetown.edu>
Date: 18 Nov 92 15:28:23 -0500
References: <20498.2B09F9FC@puddle.fidonet.org>
Distribution: world
Organization: Georgetown University
Lines: 51

In article <20498.2...@puddle.fidonet.org>, Zhahai....@f93.n104.z1.fidonet.org 
(Zhahai Stewart) writes:
> 
>  > I don't understand why people are proposing registration of encryption 
>  > keys.
> 
>  Dorothy Denning writes:
> 
>  d> So far as I know, the only people who have floated the idea are Ron 
>  d> Rivest, Silvio Micali, and myself.  
>
>  Then the following may interest you, from last May, as published in
>  Newsbytes (Story by Barbara E. McMullen, 5/15/92, Newsbytes).  You may
>  want to add at least one more name to the list, this time an official.
> 
>  Donald Delaney, New York State Police senior investigator spoke (along 
>  with EFF's Mike Godwin) to the New York Amateur Computer Club's May 1992
>  meeting: 
> 
>  "During the question and answer period, Delaney suggested that a method
>  of resolving the encryption debate would be for third parties, such as 
>  banks and insurance companies, to maintain the personal encryption key 
>  for those using encryption.  A law enforcement official would then have 
>  to obtain a judge's ruling to examine or "tap" the key for future use to 
>  decipher the contents of the file or message."

Obviously my memory leaves something to be desired since I discovered 
that Jim Bidzos (of RSA Data Security) also suggested the idea on a
panel (that I chaired!) at the March Computers,Freedom, and Privacy Conf.
Don Delaney was at the conference, so he might have picked it up from
Jim (his talk was in May).
 
>   (1) suggests private key depositories rather than a gov't agency

I think we're all in agreement on this.

>  I don't know if this suggestion predates or postdates your own; it may

It predates mine.  The first time I publicly mentioned this (that I 
can remember at least :-) was at the National Computer Security Conf.
in October.

>  be independent in any case, given the differences.  I would be interested
>  in whether you think this represents an earlier proposal for key 
>  registration to resolve the conflicting goals, the spread of your
>  proposals into law enforcement, or independent but later thought.

I'm clearly not the first.  It's possible that others have suggested
the idea as well.  It's not particularly "innovative".

Dorothy Denning
den...@cs.georgetown.edu

Path: sparky!uunet!elroy.jpl.nasa.gov!decwrl!hoptoad!gnu
From: gnu@hoptoad.uucp (John Gilmore)
Newsgroups: sci.crypt
Subject: Avoiding infrastructure that tempts police state fate
Message-ID: <39329@hoptoad.uucp>
Date: 29 Nov 92 08:52:07 GMT
References: <1992Oct28.152443.1589@guvax.acc.georgetown.edu> 
<1992Oct29.024630.5630@shearson.com>
Organization: Cygnus Support, Palo Alto
Lines: 43

pmet...@snark.shearson.com (Perry E. Metzger) wrote:
> It has been said (I am told by John Gilmore) that it is imperative in
> our technological age that we consider what infrastructural tools
> would be needed for an effective police state and assure that the
> government never has access to such tools lest a police state arrive.
> High on the wish list of all police states is the capacity to tap all
> communications. 

Here is the passage that you are referring to, from my speech to the
first Computers, Freedom and Privacy conference:

                 We have to realize that people who run the government
  can and do change.  Our society, and our permanent rules, must assume
  that bad people -- criminals even -- will run the government, at least
  part of the time.  ...
  
  The whole conference has spent a lot of time talking about ways to
  control uses of information and to protect peoples' privacy after the
  information was collected.  But that only works if you assume a good
  government.  If we get one seriously bad government, they'll have all
  the information they need to make an efficient police state and make it
  the last government.  It's more than convenient for them -- in fact,
  it's a temptation for people who want to do that, to try to get into
  power and do it.  Because we are giving them the means.

  What if we could build a society where the information was never
  collected?  Where you could pay to rent a video without leaving a
  credit card number or a bank number?  Where you could prove you're
  certified to drive without ever giving your name?  Where you could send
  and receive messages without revealing your physical location, like an
  electronic post office box?

  That's the kind of society I want to build.  I want a guarantee -- with
  physics and mathematics, not with laws -- that we can give ourselves
  things like real privacy of personal communications.   ...
-- 
John Gilmore                g...@toad.com  --  g...@cygnus.com  --  g...@eff.org
				RESTRICTED
    Notice. - This document contains information affecting the national
    defense of the United States within the meaning of the Espionage Act
    (U.S.C. 50: 31, 32).  The transmission of this document or the
    revelation of its contents in any manner to any unauthorized person
    is prohibited.

			        About USENET

USENET (Users’ Network) was a bulletin board shared among many computer
systems around the world. USENET was a logical network, sitting on top
of several physical networks, among them UUCP, BLICN, BERKNET, X.25, and
the ARPANET. Sites on USENET included many universities, private companies
and research organizations. See USENET Archives.

		       SCO Files Lawsuit Against IBM

March 7, 2003 - The SCO Group filed legal action against IBM in the State 
Court of Utah for trade secrets misappropriation, tortious interference, 
unfair competition and breach of contract. The complaint alleges that IBM 
made concentrated efforts to improperly destroy the economic value of 
UNIX, particularly UNIX on Intel, to benefit IBM's Linux services 
business. See SCO vs IBM.

The materials and information included in this website may only be used
for purposes such as criticism, review, private study, scholarship, or
research.

Electronic mail:			       WorldWideWeb:
   tech-insider@outlook.com			  http://tech-insider.org/