Cryptography and the Law...
Peter Wayner
century crook. You get a search warrant, bust in and grab
the crook's hard disk. He spits on you and says, "Just try
and decrypt it copper. I've used 1024 key bits and double,
rotating, super 21st Century, Eli Biham-proof, DES and I'm
not giving up the key."
Whoa, the criminals have won! No getting him to implicate
himself by giving up the key. He knows the 5th ammendment.
Today, unreasonable search is banned, but after a search
warrant is written, the law can get its mits on the books,
papers and other goods. Then they become applicable in
court.
I think the police might be quite afraid of this effect
of encryption. Locks can be broken and safes can be dynamited,
but a very good, non-standard encryption algorithm is pretty
safe unless someone finds a hole or devotes plenty of
manpower to cracking it. Even DES is safe against attacks
from the local police force.
On the other hand, the criminals have been using secret
codes for sometime. The movie version of the Untouchables
shows the accountant saying things like "this symbol in the books
means we payed $1,000 to Police Chief O'Hara." The Puzzle
Palace details how the NSA codebreakers will occasionally
help the police in the spare time. Bamford tells the story
of information being passed in the numbers of, and the colors
of shirts being sent for laundry.
What do people think of this scenario?
-Peter Wayner
(way...@cs.cornell.edu)
Peter Wayner Department of Computer Science Cornell Univ. Ithaca, NY 14850
EMail:way...@cs.cornell.edu Office: 607-255-9202 or 255-1008
Home: 116 Oak Ave, Ithaca, NY 14850 Phone: 607-277-6678
Doug Gwyn
>Imagine this event: you're a 21st century cop after a 21st
>century crook. You get a search warrant, bust in and grab
>the crook's hard disk. He spits on you and says, "Just try
>and decrypt it copper. I've used 1024 key bits and double,
>rotating, super 21st Century, Eli Biham-proof, DES and I'm
>not giving up the key."
What's to think about? Are you trying to suggest that encryption
should be made illegal just because some criminals may be able to
exploit it? I don't recall any constitutional principle that the
citizenry should sacrifice their rights to make it simpler to
prosecute criminals.
Peter Wayner
The Constitution is ambivalent about making laws to make it easier to
catch criminals. It merely guarantees: 1) free speech and religeon,
2) Right to Bear Arms, 3) No unreasonable search and seizure,
4) No self-incrimination and a few other clauses and phrases. In fact
the Right to Bear Arms has already been abridged by the "anti-criminalists"
who ban assault weapons and other guns like pistols which have few
uses outside of combat.
No, it's not that cryptography should be made illegal, it's just
that search and seizure will be increasingly difficult in information-based
crimes when good cryptography is present. Murder leaves a gun
behind. If there is no "smoking gun", then the cops need to look
for other evidence. In information based crime there is no need to drop
the "gun" off the bridge-- just encrypt it away.
I guess the reason I started this thread is not because I want to make
cryptography illegal, but because I anticipate this objection could be
made by the law-enforcement officials. It would be nice to think about
it before confronting it. To a certain extent, this is the argument
being made implicitly by the NSA when it bans the export of
crypto-technology. (Or their representatives in the Commerace Dept.)
The right to bear arms is in the constitution but it has been highly
regulated. There is no right to privacy just a right to search without
a warrant.
Yours in Privacy,
Marcus J. Ranum
>Imagine this event: you're a 21st century cop after a 21st
>century crook. You get a search warrant, bust in and grab
>the crook's hard disk. He spits on you and says, "Just try
>and decrypt it copper."
Sounds good to me. Possibly this will increase the evolutionary
pressure on the police to use their brains instead of Operation Sun Devil
type shenanigans scripted by the guys who write for "Miami Vice".
What's to stop the hypothetical intelligent 21st century cop from
trying smart things like planting a micro spy-eye to watch the guy's
fingers as he enters his password ? I'd hope that would take the 21st
century equivalent of a wiretapping order, but I'm in favor of making it
hard for law enforcement to just watch anyone (not that it is now, so
I don't expect it to change by then). There are lots of possibilities.
Force the criminal to be so paranoid he has to use tempest machines
and secure operating systems, until it becomes such a pain in the a**
that *he loses hir mind. :)
mjr.
--
coffeecoffeecoffeecoffeecoffeecoffeecoffeecoffeecoffeecoffeecoffeecoffeecoffee
Marcus J. Ranum
>The Constitution is ambivalent about making laws to make it easier to
>catch criminals. It merely guarantees: [...]
It guarantees what it guarantees unless it is changed legally
by an amendment or re-interpretation, or it is ignored. This is a
subtle way of saying it guarantees nothing. That is irrelevant here.
>I guess the reason I started this thread is not because I want to make
>cryptography illegal, but because I anticipate this objection could be
>made by the law-enforcement officials.
Aaaah, the old "when cryptography is illegal, only criminals
will own Kap'n Krang Decoder Wheels" argument. That does't make any
sense at all, though. Let's suppose owning a cryptosystem (or, more
accurately, the "paraphenalia" of a cryptosystem) is illegal - like
possessing "drug paraphenalia". Well, if I am a member of the Bavarian
Illuminati, and I'm using my cryptosystem to conceal evidence of
our plot to assassinate JFK, and to get Ronald Regan elected - do
you think I'm going to *CARE* if I get slapped with a misdemeanor
for having my database Rot-13'd ?!!? Not when the alternative is to
be a good law-abiding crook and keep my database in plaintext, and
still conspire to do treasonous, aye, even Un-American things!
See the flaw in the thinking ?
Problem #2: is that white noise, or is it a one-time pad ? I
dunno. Awfully hard to prove, isn't it ? Unless, of course, I left
my radioactive source and oscillators lying around. Big deal, you
zap me for a misdemeanor. You still don't get The Master Plan, unless
you resort to the rubber-hose technique of cryptanalysis. (in which
a rubber hose is applied forcefully and frequently to the soles of
the feet until the key to the cryptosystem is discovered, a process
that can take a surprisingly short time and is quite computationally
inexpensive)
>To a certain extent, this is the argument
>being made implicitly by the NSA when it bans the export of
>crypto-technology. (Or their representatives in the Commerace Dept.)
The NSA (?!) "bans" the export of crypto-technology ? This is
news to me. Even if that *WERE* the case, how does *EXPORT* limitations
on crytpo-paraphenalia limit your right to buy it legally inside the
USA to use for encrypting your favorite criminal evidence ? Don't
worry about the export laws - if you're a big international drug
cartel, you'll have no trouble getting a DES chip out of the USA to
South America. The South Americans get tons and tons of stuff into
the USA without any problem.
I'm not sure which is worse: the Evil Spying Spooks, or the
knee-jerk "they *MUST* be out to get me" types who fret and worry
about being spied on and oppressed without giving a moment's thought
to how hard it is to effectively oppress some technologies. No, wait,
I am sure which is worse - it isn't the Spooks. They reason and
evaluate potential threats logically. You don't seem to.
mjr.
--
coffeecoffeecoffeecoffeecoffeecoffeecoffeecoffeecoffeecoffeecoffeecoffeecoffee
Peter Wayner
>In article <47...@cornell.UUCP> way...@fulla.cs.cornell.edu (Peter Wayner) writes:
> Aaaah, the old "when cryptography is illegal, only criminals
>will own Kap'n Krang Decoder Wheels" argument. That does't make any
>sense at all, though. Let's suppose owning a cryptosystem (or, more
>accurately, the "paraphenalia" of a cryptosystem) is illegal - like
>possessing "drug paraphenalia". Well, if I am a member of the Bavarian
>Illuminati, and I'm using my cryptosystem to conceal evidence of
>our plot to assassinate JFK, and to get Ronald Regan elected - do
>you think I'm going to *CARE* if I get slapped with a misdemeanor
>for having my database Rot-13'd ?!!? Not when the alternative is to
>be a good law-abiding crook and keep my database in plaintext, and
>still conspire to do treasonous, aye, even Un-American things!
> See the flaw in the thinking ?
No. The problem is not cryptography for the Bavarian Illuminati
and the Drug Runners. These people wouldn't care about breaking
the law. The problem is privacy for everyone else. If these things
are against the law, normal, law-abiding people will avoid them.
People caught with drug paraphenalia go to jail.
> The NSA (?!) "bans" the export of crypto-technology ? This is
>news to me. Even if that *WERE* the case, how does *EXPORT* limitations
>on crytpo-paraphenalia limit your right to buy it legally inside the
>USA to use for encrypting your favorite criminal evidence ?
Yes, the NSA or the Commerace department bans the export of things
like DES. Read the label of Borland Sidekick or some other pieces
of software with encryption. This ban DOES effect US citizens.
Some of the latest versions of DEC Kerberos do not contain encryption
routines because DEC does not want to have two versions of the
product-- one exportable and one embargoed. Costs are too high.
The headaches of support are too great. Etc.
>I am sure which is worse - it isn't the Spooks. They reason and
>evaluate potential threats logically. You don't seem to.
I think it is reasonable and logically conceivable that the government
will try to ban cryptographic procedures because they can be used
so successfully by criminals. The argument could be made that normal Americans
don't need this sort of thing. They don't need assault rifles. Etc.
This has been done too many times in the past. One smart fellow
invented a cheap, phone scrambler and tried to patent it. One day he
received a letter from the patent office that told him his invention
was now classified. Since he wasn't even cleared to know about it, he
needed to destroy all documentation of its existence. When Goldwasser,
Micali and some other MIT dudes tried to announce Zero Knowledge
Proofs, the government tried to stop them and they only failed because
the MIT people were foreign nationals. After James Bamford wrote _The
Puzzle Palace_, the NSA followed the tracks of his research and
reclassified documents. They went into private libraries, removed
books and reclassified them.
Now you could argue that the spooks have been much more reasonable
and thoughtful than I have been in evaluating potential threats to
their job. I think that is the danger.
Doug Gwyn
It also reserves to the individual citizens all rights not explicitly
granted to the federal or state governments. That is an important
design feature. (I would agree that it has been largely subverted.)
Doug Gwyn
>invented a cheap, phone scrambler and tried to patent it. One day he
>received a letter from the patent office that told him his invention
>was now classified. Since he wasn't even cleared to know about it, he
>needed to destroy all documentation of its existence. When Goldwasser,
>Micali and some other MIT dudes tried to announce Zero Knowledge
>Proofs, the government tried to stop them and they only failed because
>the MIT people were foreign nationals. After James Bamford wrote _The
>Puzzle Palace_, the NSA followed the tracks of his research and
>reclassified documents. They went into private libraries, removed
>books and reclassified them.
The fellow couldn't have been too smart. This country has no "official
secrets act". Persons who have access to classified information in the
course of their jobs are required to first agree to follow certain rules
about the handling of such information, which is the only means by which
such regulations take effect. There is absolutely no ground for a
posterior imposition of constraints on information produced by
individuals acting privately.
As to the other claims of attempts at suppression, I don't have the
details. I do know that in other similar cases where I did know the
details, the popular media stories were not at all in line with what
had really occurred. For example, once an NSA employee took it upon
himself, without the knowledge or approval of his management, to send
a letter to one academic researcher telling him to not present a paper
at a conference. That should not be construed as any indication of
NSA policy, just the actions of an over-zealous individual.
Several academic journals and organizations have voluntarily agreed
to submit manuscripts to NSA for pre-publication review, on the grounds
that nobody really would want to inadvertently harm legitimate national
security interests. However, while generally NSA's suggestions from
such review are honored, sometimes they are not, and the author suffers
no adverse consequences.
"NSA -- just say no."
Peter Wayner
>In article <47...@cornell.UUCP> way...@kama.cs.cornell.edu (Peter Wayner) writes:
>As to the other claims of attempts at suppression, I don't have the
>details. I do know that in other similar cases where I did know the
>details, the popular media stories were not at all in line with what
>had really occurred. For example, once an NSA employee took it upon
>himself, without the knowledge or approval of his management, to send
>a letter to one academic researcher telling him to not present a paper
>at a conference. That should not be construed as any indication of
>NSA policy, just the actions of an over-zealous individual.
Right, from what I've heard the NSA is often fairly careful about
the way it approaches people. There have been people, though, who
did not submit a paper to the voluntary program, yet received a
phone call asking them to _consider_ the aspects and the potential
harm to national security. The paper, incidentally, was acquired
through legitimate, but indirect means.
In general, the NSA is very professional, but they interpret things
differently than many people on the net. Most people seem to be
libertarian-like, pro-total freedom, pro-privacy like the fellow
who flamed me earlier today. The NSA sees the danger in widespread
encryption because it comes to hamper their information gathering
duties. In the case of a potential war with Iraq, their desire
to gather as much information is certainly understandable and
very pertinent to the national interest. Export of super, re-hacked
with bigger, better sboxes, DES could just end up in the hands
of Saddam Hussein. It's better if they're using pseudo-random
number sequences generated with Linear Feedback Shift Registers.
Now, I started this thread because I don't know if many people
have considered the _harm_ to soceity from wide-spread, high-quality,
essentially unbreakable encryption. The good is so obvious to
law-abiding libertarians (if that phrase isn't a contradiction),
that many of us don't understand how there is even any bad.
Many of us might think that encryption is just such a fundimental part
of privacy that there is no way that anyone could consider banning it.
Consider this case. An Iraqi/follower of Charles Manson/ Cornell PhD
student gets real upset with the world and writes a virus that tunnels
into the hospital computers running intensive care wards. On a fateful
day, it goes off and shuts off EVERYTHING. People die. The media goes
crazy. Suddenly people find out that the virus encrypts itself with a
super-cool algorithm that is virtually unbreakable. Wow. Secret Codes.
The media writes lots of stories refering to Edgar Allan Poe and all
of his codes and morbidity. Remember that 95% of the undergraduates
don't understand what encryption is. Suddenly, encryption is not just
a tool for maintaining privacy, but a super-weird, James-Bond-class
weapon that can be used against soceity. It is now in the same class
as assault weapons which can alternately be used to defend the
sanctity of your home or destroy the peace of anothers.
Privacy is not an absolute concept. I think most Americans would
agree that criminals and crazy people on the edges of soceity don't
deserve privacy once a reasonable suspicion of wrong doing can be
gathered. Once the warrant is issued, there is no privacy.
Marcus J. Ranum
>Consider this case. [...]
>The media goes
>crazy. Suddenly people find out that the virus encrypts itself with a
>super-cool algorithm that is virtually unbreakable. Wow. Secret Codes.
>The media writes lots of stories [...]
>[...] Suddenly, encryption is not just
>a tool for maintaining privacy, but a super-weird, James-Bond-class
>weapon that can be used against soceity. It is now in the same class
>as assault weapons [...]
Picture this case: someone beats a senator to death with a Hagelin
M209 code machine. :) Sure, it could happen. Next thing you know there'd
be laws against rotor devices...
I don't think there's a likelihood of cryptography being controlled
since it has become fairly essential to some fairly important businesses.
>Privacy is not an absolute concept.
Privacy is an intangible. There are laws (which may or may not be
being obeyed) that can be interpreted to ensure citizens more or less
protection against unwanted observation and search. The way to protect
privacy is by taking an active and concerned part in legislation that
affects privacy related laws. Worrying about the press is futile, since
the press' agenda is different from yours - they want to make mountains
out of molehills to sell papers - and your privacy isn't their concern
either, for that matter (ask "People" magazine).
>I think most Americans would
>agree that criminals and crazy people on the edges of soceity don't
>deserve privacy once a reasonable suspicion of wrong doing can be
>gathered.
Aye, there's the rub. Are suspected communists "on the edges of
society" ? Are they "crazy people" ? What about homosexuals ? Some members
of the psychiatric profession or various religions might argue that. No,
I *don't* agree that a "reasonable suspicion of wrong doing" is sufficient
excuse to waive someone's legal rights - there has to be some concrete
evidence that the person poses a *threat* - not just that they are
suspicious or weird or crosseyed.
mjr.
Doug Gwyn
>There have been people, though, who did not submit a paper to the
>voluntary program, yet received a phone call asking them to _consider_
>the aspects and the potential harm to national security.
Sure, that would be a reasonable request. I know of people who have had
similar experiences, sometimes even visiting Ft. Meade to discuss the
specific issue with those concerned at the agency. I myself some time
ago received an official call from the agency, asking that I avoid
indicating that the agency had any interest in topic "X". I responded
by noting that anyone with any sense would already know that the agency
would be quite interested in topic "X", and that I certainly wouldn't
disclose any privileged information about the topic. I guess that was
an acceptable response, since they've left me alone since then. The
point is to not be intimidated. This country's founding fathers tried
to ensure that as a citizen you would have the freedom to conduct your
personal affairs as you deem fit, subject only to not causing harm to
others. While many of the people within the current bureaucracy do not
understand or agree with this, I think there is still substantial public
support for personal freedom in this country.
>Now, I started this thread because I don't know if many people
>have considered the _harm_ to soceity from wide-spread, high-quality,
>essentially unbreakable encryption.
That's already fully available to anyone who wants it, and has been for
decades.
Encryption itself causes NO harm. It is the other (hopefully criminal)
activity that is the actual agent of harm. I can cause an immense
amount of damage with the aid of a pencil or a telephone, but that is
no reason to regulate the use of such equipment. (In the Soviet Union,
copiers were regulated, in order to prevent the spread of ideas that
the state did not wish individuals to contemplate.)
Peter Wayner
> Aye, there's the rub. Are suspected communists "on the edges of
>society" ? Are they "crazy people" ? What about homosexuals ? Some members
>of the psychiatric profession or various religions might argue that. No,
>I *don't* agree that a "reasonable suspicion of wrong doing" is sufficient
>excuse to waive someone's legal rights - there has to be some concrete
>evidence that the person poses a *threat* - not just that they are
>suspicious or weird or crosseyed.
Hah. My brother (19 at the time) was stopped for speeding. The cop
didn't just give him a ticket. He searched the car and the ash
tray for drug residue. Oh, my brother now works for an ad agency
in NY and enjoys it. He has very short hair and has never seen
the Grateful Dead. His only crime was that he was young. The
court just requires that the police have some reasonable suspicion.
He was also white. Ask any black man about the difference between
"threats" and perceived "threats." There is a big difference betweent
the way the law works in reality and the way that it works in theory.
In theory we have tons of freedoms. In reality they have been
curtailed to help stop criminals and unfortunately this reality is
often tainted by ugly racism. The fact is that the exportation of
cryptography has always been curtailed and so has research in the
field.
We need to think about how cryptography can be _harmful._ Eventually
we will have to defend it and it is not enough to use platitudes
or speak of privacy. The arguments must be reasonable and make
concessions toward the policing of soceity.
Patriotism is the last refuge of scoundrels. Unfortuantely,
absolute freedom is as well.
Yours in flame,
Peter