anonymous services

Jason plug-discuss@lists.PLUG.phoenix.az.us
Mon, 24 Sep 2001 20:19:10 +0000


Many Rednecks vote. They can be expected to have a gut reaction
against "terrorist encryption"

The senior citizen population is both overrepresented at the polls,
and underrepresented in cyberspace and understanding of all things
digital, including "that new-fangled ATM machine". They can also be
predicted to have a gut reaction against "terrorist encryption".

The reasons for politicians being against strong encryption,
therefore, should be QUITE obvious to any individual EDUCATED in the
functionings of US Government, as a politicians job security depends
ENTIRELY on securing aformentioned votes.

I think this is one of those situations where the monosylabic phrase
"duh" is also an applicable responce. Heheh. I am positive these
educated individuals DO see the reasons for needing strong encryption. 

I am also positive that the politicos see:

1. That the ban on exporting strong encryption continues to give great
difficulty to forein software companies, as well as foreign financial
institutions, since a great deal of internet commerce originates in or
flows thru the united states. Continuing the ban is in the best
interest of the powers that be here.
2. A ban on stronger encryption in the United States will prevent US
consumers from adoptioning stronger, foreign encryption schemes that
are acceptable for international use.

Between #1 and #2, the encryption bans serve as an isolationary fiscal
boundary between the united states and the rest of the world.

When networked processor power eclipses current the security of
current encryption schemes, only newer technologies will be left as
possibly secure. Anyone who doubts this will happen is foolish. IBM
has already demonstrated that the concept of Quantum computing is
indeed valid. I dont think this "ban" on strong encryption will be
taking away anyones PGP at any point in the near future. Its real
intention is to foster fiscal isolation. However, 20 years from now,
it may well keep everyone who hasnt developed an alternative scheme
from having any sort of encryption at all.


Regarding public key encryption (which protects anonymity of the
sender WHILE ALSO protecting the contents of the email from outside
eyes.)

From what I understand, quantum computers may well eliminate the
mathematical difficulty (factoring an extremely long product of two
prime numbers) that prevents cracking PGP and most other "public key"
systems. Encryption bans could very well block the development of an
alternative scheme. Right now, if someone wants to send Bin Laden a
private message, all they must do is locate a copy of his PGP private
key, and then post the message to him, encrypted, in ANY open forum he
may see. LIKEWISE, if any of his militia or any of our field agents in
his militia wish to rat him out, all they must do is locate an
appropriate key belonging to the US government or any citizen patriot,
and place the message in any open forum, and wait for said party to
locate the message. This doesnt guarantee delivery, but it does
(currently) guarantee privacy to a quite reasonable extent.

Note that the above is vulnerable to a type of denial of service
attack. If everyone locates Bin Laden's public key, and posts messages
encrypted to him in or on every website that they can think of, that
contain a fairly decent size of random obscene comments about what a
horrible bastard he is, then the use of a search engine to locate
messages to him will be far, far more difficult, right? If the net is
awash in crap messages to a persons private key, then people wishing
to send that person a message MUST know where to place it to be found.

Regarding strong encryption between private parties:

Single use keys whose length exceeds the length of the data being
encryped will ALWAYS be secure. For this reason, a pair of CD ROMs
burned with identical set of genuinely random data, distributed to two
agents, can be used to encrypt ~650MB of information with absolute
security. All the encrypted information needs is a few bytes of header
information that tell where on the disc to locate the bytes necessary
to XOR the encrypted communication with to decrypt it to its original
form. This form of encryption is exactly as secure as the guardianship
of said disc with decryption contents. Once a piece of data has been
used to encrypt a mail, that portion of the disc (would either be
erased or) marked "suspect/used". If marked used, then if an agent
ever recieved mail encrypted with the "used-up" portion of a key disc,
the reciever could consider the initial disc (via copying, etc) or
sender (via imprisonment, torture, etc) to have been compromised. The
sender would be expected to keep track of what they had used and not
used on the disc itself, in a manner that would not be obvious to
anyone save themselves (i.e. not part of their email script, LOL)

Eric wrote:
> People who disfavor crypto regulation may win the debate, but the victory
> would not be as lopsided as your arguments would have it.
> 
> You make it seem as though the conclusion is obvious.  How could it be that
> you see the way so clearly, while some very bright non-politicians (i.e.,
> NSA, FBI) favor crypto control?  Why don't they see your point?  Try to
> think very hard about what you might be missing?  Why are smart people [I
> don't mean to refer to myself here] disagreeing with you.  What is it that
> has not been stated in the discussion so far?  What is the best objection
> one can your argumetns?  I am not saying you are wrong.  What I am saying is
> that there is info that has not yet been revealed because the answer is not
> as easy as you would have it.  I do enjoy encryption policy discussion, even
> if my views are outside the mainstream cryptography.

-- 
jkenner @ mindspring . com__
I Support Linux:           _> _  _ |_  _  _     _|
Working Together To       <__(_||_)| )| `(_|(_)(_|
To Build A Better Future.       |                   <s>