9.5.1. "What are the law enforcement and FBI worries?" - "FBI Director Louis Freeh is worried. The bad guys are beginning to see the light, and it is digital. ... Freeh fears some pretty nasty folks have discovered they can commit highway robbery and more, without even leaving home. Worse, to Freeh and other top cops, by using some pretty basic technologies, savvy criminals can do their crimes without worrying about doing time. "Some crooks, spies, drug traffickers, terrorists and frauds already use the tools of the information age to outfox law enforcement officers. Hackers use PBXs to hide their tracks as they rip off phone companies and poke around in other people's files. Reprogrammed cellular phones give cops fits." [LAN Magazine,"Is it 1984?," by Ted Bunker, August 1994] - Their fears have some validity...in the same way that the rulers in Gutenberg's time could have some concerns about the implications of books (breaking of guilds, spread of national secrets, pornography, atheism, etc.). 9.5.2. "What motivated Clipper? What did the Feds hope to gain?" - ostensibly to stop terrorists (only the unsophisticated ones, if alternatives are allowed) - to force a standard on average Americans - possibly to limit crypto development + Phil Karn provides an interesting motivation for Clipper: "Key escrow exists only because the NSA doesn't want to risk blame if some terrorist or drug dealer were to use an unescrowed NSA-produced .....The fact that a terrorist or drug dealer can easily go elsewhere and obtain other strong or stronger algorithms without key escrow is irrelevant. The NSA simply doesn't care as long as *they* can't be blamed for whatever happens. Classic CYA, nothing more.....A similar analysis applies to the export control regulations regarding cryptography." [Phil Karn, 1994-08- 31] - Bill Sommerfeld notes: "If this is indeed the case, Matt Blaze's results should be particularly devastating to them." [B.S., 1994-09-01] 9.5.3. Steve Witham has an interesting take on why folks like Dorothy Denning and Donn Parker support key escrow so ardently: - "Maybe people like Dot and Don think of government as a systems-administration sort of job. So here they are, security experts advising the sys admins on things like... setting permissions allocating quotas registering users and giving them passwords..... deciding what utilities are and aren't available deciding what software the users need, and installing it (grudgingly, based on who's yelling the loudest) setting up connections to other machines deciding who's allowed to log in from "foreign hosts" getting mail set up and running buying new hardware from vendors specifying the hardware to the vendors ... "These are the things computer security experts advise on. Maybe hammer experts see things as nails. "Only a country is not a host system owned and administered by the government, and citizens are not guests or users." [Steve Witham, Government by Sysadmin, 1994-03-23] 9.5.4. Who would want to use key escrow? 9.5.5. "Will strong crypto really thwart government plans?" - Yes, it will give citizens the basic capabilities that foreign governments have had for many years + Despite talk about codebreakes and the expertise of the NSA, the plain fact is that no major Soviet ciphers have been broken for many years + recall the comment that NSA has not really broken any Soviet systems in many years - except for the cases, a la the Walker case, where plaintext versions are gotten, i.e., where human screwups occurred - the image in so many novels of massive computers breaking codes is absurd: modern ciphers will not be broken (but the primitive ciphers used by so many Third World nations and their embassies will continue to be child's play, even for high school science fair projects...could be a good idea for a small scene, about a BCC student who has his project pulled) 9.5.6. "Why does the government want short keys?" - Commercial products have often been broken by hackers. The NSA actually has a charter to help businesses protect their secrets; just not so strongly that the crypto is unbreakable by them. (This of course has been part of the tension between the two sides of the NSA for the past couple of decades.) + So why does the government want crippled key lengths? - "The question is: how do you thwart hackers while permitting NSA access? The obvious answer is strong algorithm(s) and relatively truncated keys." [Grady Ward, sci.crypt, 1994-08-15]
Next Page: 9.6 Current Crypto Laws
Previous Page: 9.4 Crypto Policy Issues
By Tim May, see README
HTML by Jonathan Rochkind