9.5.1. "What are the law enforcement and FBI worries?"
- "FBI Director Louis Freeh is worried. The bad guys are
beginning to see the light, and it is digital. ... Freeh
fears some pretty nasty folks have discovered they can
commit highway robbery and more, without even leaving home.
Worse, to Freeh and other top cops, by using some pretty
basic technologies, savvy criminals can do their crimes
without worrying about doing time.
"Some crooks, spies, drug traffickers, terrorists and
frauds already use the tools of the information age to
outfox law enforcement officers. Hackers use PBXs to hide
their tracks as they rip off phone companies and poke
around in other people's files. Reprogrammed cellular
phones give cops fits." [LAN Magazine,"Is it 1984?," by Ted
Bunker, August 1994]
- Their fears have some validity...in the same way that the
rulers in Gutenberg's time could have some concerns about
the implications of books (breaking of guilds, spread of
national secrets, pornography, atheism, etc.).
9.5.2. "What motivated Clipper? What did the Feds hope to gain?"
- ostensibly to stop terrorists (only the unsophisticated
ones, if alternatives are allowed)
- to force a standard on average Americans
- possibly to limit crypto development
+ Phil Karn provides an interesting motivation for Clipper:
"Key escrow exists only because the NSA doesn't want to
risk blame if some terrorist or drug dealer were to use an
unescrowed NSA-produced .....The fact that a terrorist or
drug dealer can easily go elsewhere and obtain other strong
or stronger algorithms without key escrow is irrelevant.
The NSA simply doesn't care as long as *they* can't be
blamed for whatever happens. Classic CYA, nothing
more.....A similar analysis applies to the export control
regulations regarding cryptography." [Phil Karn, 1994-08-
31]
- Bill Sommerfeld notes: "If this is indeed the case, Matt
Blaze's results should be particularly devastating to
them." [B.S., 1994-09-01]
9.5.3. Steve Witham has an interesting take on why folks like
Dorothy Denning and Donn Parker support key escrow so
ardently:
- "Maybe people like Dot and Don think of government as a
systems-administration sort of job. So here they are,
security experts advising the sys admins on things like...
setting permissions
allocating quotas
registering users and giving them passwords.....
deciding what utilities are and aren't available
deciding what software the users need, and installing it
(grudgingly, based on who's yelling the loudest)
setting up connections to other machines
deciding who's allowed to log in from "foreign hosts"
getting mail set up and running
buying new hardware from vendors
specifying the hardware to the vendors
...
"These are the things computer security experts advise on.
Maybe hammer experts see things as nails.
"Only a country is not a host system owned and administered
by the government, and citizens are not guests or users."
[Steve Witham, Government by Sysadmin, 1994-03-23]
9.5.4. Who would want to use key escrow?
9.5.5. "Will strong crypto really thwart government plans?"
- Yes, it will give citizens the basic capabilities that
foreign governments have had for many years
+ Despite talk about codebreakes and the expertise of the
NSA, the plain fact is that no major Soviet ciphers have
been broken for many years
+ recall the comment that NSA has not really broken any
Soviet systems in many years
- except for the cases, a la the Walker case, where
plaintext versions are gotten, i.e., where human
screwups occurred
- the image in so many novels of massive computers breaking
codes is absurd: modern ciphers will not be broken (but the
primitive ciphers used by so many Third World nations and
their embassies will continue to be child's play, even for
high school science fair projects...could be a good idea
for a small scene, about a BCC student who has his project
pulled)
9.5.6. "Why does the government want short keys?"
- Commercial products have often been broken by hackers. The
NSA actually has a charter to help businesses protect their
secrets; just not so strongly that the crypto is
unbreakable by them. (This of course has been part of the
tension between the two sides of the NSA for the past
couple of decades.)
+ So why does the government want crippled key lengths?
- "The question is: how do you thwart hackers while
permitting NSA access? The obvious answer is strong
algorithm(s) and relatively truncated keys." [Grady Ward,
sci.crypt, 1994-08-15]
By Tim May, see README
HTML by Jonathan Rochkind