Re: [ISN] Strong Crypto Kills?

From: mea culpa (jerichoat_private)
Date: Fri Jun 12 1998 - 15:39:35 PDT

  • Next message: mea culpa: "[ISN] Cryptographers Discuss Finding of Security Flaw in 'Smart Cards'"

    Reply From: Kingade <kingadeat_private>
    >Reply From: Josh Rouleau <jrouleauat_private>
    >>            CRYPTO KILLS -- REALLY, IT DOES
    > IMHO by enabling this backdoor you now have the potential of
    >increased cases of electronic hijacking of Data and blackmail.
    >Am I being paranoid here?
    I don't think you're being paranoid at all. I see virtually NO benefits in
    handing over keys, and being led to believe you are using 'secure'
    encryption. One of my main feelings is that however it is done, by the
    Government or not, if 'official' people have access to these keys, firstly
    it is likely that eventually someone will abuse the priviledge, perhaps in
    the name of justice, perhaps not, but far more importantly, in my mind it
    is a certainty that sooner or later, unauthorised people will get hold of
    them as well.
    I think it is quite arrogant of the government to assume it can create a
    system which is 'hackproof'. I envisage a time when you see compiled
    exploits distributed, making a mockery of the system. 'PrivacyNuke for
    Win95' if you like.
    Everyone uses the internet now, and many people realise it is quite
    insecure. A large number of people do not wish to send their credit card
    details over the web to a on-line store when they realise it can be
    intercepted. However, as soon as that little blue key comes up in Netscape,
    showing transmissions are encrypted, more people decide that it is safe,
    despite the fact that, especially here in England, the encryption can
    feasibly be broken.
    With a public key system, people will be told that their transmissions are
    encrypted and unbreakable, and so they will place more trust in them, and
    transmit things they wouldn't have otherwise. And they won't all be plans
    for being a terrorist either. There will be credit cards, detailed personal
    details and so on flying around, if people believe it is safe to do so. And
    then someone will find some way of decrypting them, and they will be used
    for some evil purposes most probably.
    And the argument that strong crypto helps criminals seems strange to me as
    well. For an incredibly long time, there have been various sorts of
    criminals around, and the huge majority of them probably don't have PGP at
    home :-) These days, a lot of criminials no doubt use insecure mediums such
    as the telephone and so on to communicate, but we don't see the phone being
    banned, as that would be ludicrous, although I'd wager many many more
    crimes are planned and executed via telephone, than PGP encrypted mail.
    As other people have said, why would the criminals suddenly balk at
    committing the further crime of using 'illegal' encryption if they wanted
    to? It's hardly a crime in the league of murder or whatever is it?
    Just a few of my thoughts,
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated []

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:55:50 PDT