06.22.1998
The cypherpunks
have been combating this issue for almost the past decade. Law enforcement
are the main propoent of key escrow systems and commonly argue that key
escrow is necessary in order to keep communication channels open to undetectable
surveillence. Strong crypto makes "armchair" surveillence very difficult.
You must now position oneself between speaker and encryption device to
intercept communications before they become encrypted. They also like to
make the argument that key escrow technology is accepted by many corporations.
This is a half-truth. They are interested in key escrow technology for
STORED ELECTRONIC DATA. This is to prevent key loss to vast amounts of
archived data typically stored in offsite vaults. They want a way to recover
a lost key held in a "trusted" location. They are not proponents of key
escrow communications systems as law enforcement agencies would like you
to believe.
Fortunately Federal
law enforcement agencies have the man power and resources to overcome these
obstacles and conduct research into other intelligence gathering methodologies
such as tempest equipment, infiltrators, and video and audio surveillance.
Techniques which intercept the communications before it is transformed
by machine or electronic device into an unintelligable form.
It doesn't take
a genius to realize that banning strong crypto will mean that only the
small-time criminals will be speaking in the clear or utilize the state
sanctioned crypto and the higher-end terrorist groups and organized crime
families will employ the "banned" encryption technology. Meanwhile, the
common US citizen is stuck with a proven weaker cryptographic system where
the government, a body of human beings susceptable to corruption, hold
the key to unlock all "private communications".
Export restrictions
on cryptographic software is another issue that is closely releated to
this issue. The NSA, CIA, and other Intelligence gathering agencies do
not want strong crypto to leave the country. So, only government approved
algorithms are allowed for export. Of course these algorithms are weak
and because they are approved by our government for export, many foreign
companies refuse to use them for fear of snooping by our intelligence agencies.
Our cryptographic market atrophies overseas, and eventually may be seen
as criminal activity if developing systems without key escrow capabilities.
Meanwhile, the
rest of the world's crypto marches on.
To find out more
on the Strong Crypto struggle:
The
Risks Of Key Recovery, Key Escrow, And Trusted Third-Party Encryption
IPC
- These folks are on the side of responsible crypto laws
S.2067
E-PRIVACY ACT - This is before the Senate. |
