Remember Clipper? Thankfully, in the intervening years strong cryptography has come so far out of the toothpaste tuble it is unlikely ever to return. But in the era of "Patriot" Acts the general warning to be on guard for similar attempts at expanding the surveillance state are valid as ever.
Newsletter #16: Bit crime
E-commerce and IP telephony require data security that has to withstand challenges that range from a curious colleague in the next cubicle to corrupt foreign government officials out to commit multi-million dollar larceny. In other words, security needs to be secure globally, and cannot rely on the good graces of the laws of developed nations.
Now imagine being able to identify and access any telephone conversation from any past time period, between any two parties, at the touch of a button. You would know with complete certainty who the parties were, when they spoke, from which locations, etc. Sound outrageous? This would be the consequence of requiring key recovery in secure communications systems.
You may have thought that key recovery only meant that law enforcement agencies could access encrypted communications when authorized to do so. That is only part of the story. In order to use key recovery, you have to be able to identify which communications can be recovered with the escrowed key. That means everything you ever said or otherwise transmitted over a system employing key recovery can be traced back to you. This record is absolutely reliable, eternal, and easy to manage.
In fact, key recovery makes the task of managing and categorizing intercepted communications much easier than it is today when unencrypted traffic is recorded. Speaker identification technology needs to be applied to figure out who is talking (or the people recording the conversation must know the identity of the speakers). Each communications system has its own way of identifying the terminal ends of a call. Some PBXs do not identify inside stations at all. Key recovery would sort this tangle out in a tidy, system-independent way. And the trace-ability of key recovery systems still works even if users take the trouble to encrypt their message using a truly secure encryption system.
To a secret policeman, this is better than tattooing a bar code on everyone’s forehead.
Americans tend to believe that we washed enemies lists and the use of law enforcement to exact revenge on political opponents out of our system with Watergate. All that nasty stuff happens only in other places. Our politics is as sanitary as Disneyland.
Unfortunately, we have more the illusion of clean government than we have it in fact. You don’t need a massive conspiracy to do you in, just a corrupt cop, judge, IRS agent, or politician. There are plenty of them. The expanding complexity and increasing penalties in regulatory law mean there are new flavors of cops, with new opportunities for corruption, being invented every year. On top of all that, treaty obligations can open your communication to inspection by foreign law enforcement officials who may be under corrupt influences entirely outside the power of our own laws to curb. Mexico, which is now tied in to all kinds of economic, environmental, and drug interdiction laws with the U.S. has been cited by our Department of State as a cleptocracy second only to Nigeria. Making surveillance orders of magnitude easier makes abuse of power easier by the same amount.
The other side of the coin is that strong cryptography is one more tool legitimate business can use to protect their operations in such hostile environments. The expansion of legitimate economic activity is among the best hopes for reforming corrupt economic environments. Key recovery systems give the nativists and isolationists one more way to scare businesses away from dealing in difficult business climates.
Making strong encryption illegal poses another threat: it expands the realm of thought crime. It makes the possession of bits illegal. This has at least two detrimental effects. First, it exposes professionals with a legitimate need to protect systems from hacking to denunciation and arrest. It in effect lumps these people in with bomb makers and other terrorists. Just because you and I have grown up with the ethos that bits are harmless, and that computing represents a uniquely safe environment in which to build things, watch them fail, and learn from those failures, does not mean we won’t end up in the same public relations pit with the other “mad scientists” of popular culture.
Don’t believe it? This was recently said, on the record, at a public meeting, by the U.S. Attorney General: "There are now new criminals out there that don't have guns. They have computers and many have other weapons of mass destruction." But don’t think that the U.S. Attorney General is stupid enough to think that computers are as dangerous as nerve gas. She is instead incompetent and dissembling enough to lump computers in with nerve gas in order to cover her ass. She can, by demonizing computers, blunder about heavy-handedly. People will forgive you a lot of collateral damage if you are going after a crazy man with anthrax. And if you can make computers seem just as dangerous you can get away with shooting a few innocent bystanders in this domain as well. This kind of ass coverage is politically neutral and is as likely to be practiced by the next administration as this one.
Am I for going easy on malicious hackers? Heck no! I’ve had my cell phone cloned and it’s damn annoying. Cell phone cloning operations in New York City are organized criminal enterprises with a strong profit motive that feeds those profits into other organized crime activities. These are bad people that will kill if they feel the need. It is fully appropriate for the FBI to bust these guys with all the same precautions they would take with drug gangs. But larding the law with all manner of software crimes makes it ever harder for law enforcement officials to distinguish between the evil-doers and merely criminally stupid kids with a modem and time on their hands. By blurring these lines, and applying law in quantity and not with quality, we won’t be ready to distinguish between a really malicious attack that might bring down an e-commerce site with an economic impact in the hundreds of thousands of dollars and your run of the mill Web site defacing artist.
Strong cryptography, reliable digital signatures, and respect for privacy will do a lot more to secure e-commerce and the new IP-based telephony systems than new laws. Having these systems in the hands of citizens will make it more difficult for the corrupt and criminal to harm us. Key recovery, on the other hand, opens new avenues for abuse.
Can law enforcement continue to be effective in a future where people have, in effect, more privacy than in the past? The answer lies in the fact that while strong cryptography might close some avenues of evidence collection, technology produces countervailing improvements in other ways to catch crooks. Listening devices get better and smaller. Cameras are easier than ever to hide. Chemistry and biology provide new tools as well. But what distinguishes these tools from mandated key recovery is that they require somebody to go to the location of the crime and use the tool. They are not sweepingly Orwellian in scope. They are not tools of mass surveillance. This means we would have an easy to understand practical limit on the application of police power.
So when you have a choice between a key escrow system and a strong encryption system in a new product, do the right thing. By letting the horses as much out of the barn as possible now, we all can do something to make the future better, to prevent future gulags and police states, as well as to keep the systems we will increasingly rely on for our economic well-being secure.
Copyright 1998 Zigurd Mednieks. May be reproduced and redistributed with attribution and this notice intact.