I lived through the crypto wars, 1990s edition. I remember the Clipper Chip, Skipjack, and the LEAF (Law Enforcement Access Field). I remember that, after the NSA spent millions of dollars, and years and years, developing it, it took the crypto community three weeks to figure out that there was a flaw in it. (And, ironically, the flaw was not in Skipjack, per se. As far as anyone knows, Skipjack is still a reasonably decent medium strength crypto algorithm. The flaw was in the LEAF, the whole reason for the project in the first place. It's trivially easy to spoof the LEAF.)
But it seems we are going to have this all over again. LE and the spooks still think they need access to everything everyone says, all the time.
I remember "The Electronic Privacy Papers." (Still got a copy of that, too.) I remember the page that has the results of a request for info about wiretaps that were impeded by crypto. Except for the table frame itself, and the column headings, every piece of info on it is blacked out.
I remember Dorothy Denning, who was on the LE side at the beginning of the crypto wars. But, good scientist that she is, she asked for cases from LE where they couldn't get a conviction because of crypto. Nobody could give her any.
I remember PGP, and the threats to throw Phil Zimmermann in jail because of ITAR. And I've got a copy of "PGP: Source Code and Internals" by Phil, published by MIT Press, and available anywhere in the world because it was a book and therefore protected by the holy First Amendment. (For those who don't get the joke it was simply a printed copy of the PGP source code.)
I also remember that the 1990s version of the crypto wars ended not because of all of our reasoned arguments about how stupid crypto regulations were, but because American businesses told the government that non-American businesses were going to build crypto anyway, and if the regs were in place Americans couldn't compete in business. That got their attention ...
I am aware of most of the crypto war nonsense from back then even though I wasn't "living" it at the time.
A couple of years ago at IP Expo one of the round table speakers was an ex-Europol Inspector who had left and taken a job in the private sector as head of security for a major bank. He openly expressed that in his previous role he was all for back doors to enable their investigative work. As soon as he saw things from the other side of the fence he realised the error of his ways and adamantly opposed any degrading of, or ability to bypass, the strong encryption required for business. It was interesting to hear from someone making that change in career, and he was not a lone voice at the Expo by any means.
@rslade wrote: I also remember that the 1990s version of the crypto wars ended not because of all of our reasoned arguments about how stupid crypto regulations were, but because American businesses told the government that non-American businesses were going to build crypto anyway, and if the regs were in place Americans couldn't compete in business. That got their attention ...
Note that the Five Eyes nations are the English-language corner of what we euphemistically call the "Free World"* and are not the sole host nations for companies with high tech crypto capabilities in the commercial sector. Russia, China, Estonia, Israel, Iran, and other nations outside the little intel-sharing circle of the 5 Eyes all have robust crypto capabilities in both government and commercial efforts. Maybe the nature of business competition, combined with the inevitable holes in ANY backdoor design, will be the bucket of water causing this new Five Eyes Ministerial Statement to melt to the stone castle floor where it belongs.
* See years of news items on NSA communication monitoring, ubiquitous camera monitoring in UK, ECHELON in EU, etc.
Pretty sure the Germans, Swiss, South Koreans, Japanese and French can all do a bit in this regard as well.
Singapore has some innovative research, and the Monetary Authority of Singapore's Technology Risk Management guidelines (MAS TRM) have had some pretty sensible requirements from early on about application-layer encryption for banking systems, the upshot of which is that a compliant system must effectively always 'double bag' its data. Not news nowadays, but back when it was drafted there were not that many attacks against SSL/TLS. Of course, from the existence of the control one can infer that the originator has thought about the threat model, and every good cryptographer needs to be a good cryptanalyst to be a complete cryptologist, as peer review is really quite important.
Interestingly, there is a point in that a lot of organisations still 'roll their own'. This behaviour goes against Kerckhoffs and Shannon, but does make a certain amount of sense when you consider events like the Tiltman Break. Wrapping proprietary encryption inside peer-reviewed crypto offers the benefit of increasing the attacker's work rate, in that they would need to compromise the key or break the outer encryption just to get samples of ciphertext from the closed system to try to deduce its workings. A lot of the merit here, I think, depends on who has the best mathematicians, at least until AWS has something for automated theorem proving that is better and cheaper than boffins.
I do wonder if the future holds not just session keys being negotiated, but maybe even the ciphers, operating modes and the methods that use them, negotiated in real time by systems to try to frustrate a really capable adversary.
Trying to systematically weaken some of the technologies that underpin key processes, the strength of which the bulk of your people or your civilisation depends on, just for expediency, may cause problems for the future.
This is going to be an ongoing debate for some time from a private sector and public sector perspective: balancing the requirements for trust and advocacy whilst accessing personal data that the data subject wants the provider to have access to, and balancing digital trust against international terrorism protection requirements.
The world, and technological development, is moving so fast; a very careful balance needs to be put in place to ensure it does not unbalance the ship to the point where everyone becomes absolutely paranoid and stops sharing information. Or chaos will ensue very quickly.
If it is unbalanced now, it could have a widespread economic impact on organisations and on how business is conducted, let alone sharing information.
Regards
Caute_cautim
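The 'double bag' control described in the post above (an application-layer encryption envelope that travels inside TLS) as an added, runnable example. This is not code from the thread, from MAS TRM or from any bank; the wire layout, the version byte, the context-string format and all names are assumptions for illustration. It shows what a broken or terminated transport layer would expose (only the envelope), and that replay under a different context or a single flipped bit is rejected by the inner layer on its own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// Added example: an application-layer envelope that "double bags" a record
// before it is handed to the transport (TLS). If the transport is stripped,
// downgraded or intercepted, the record is still confidential and its
// context is still authenticated. Layout and field names are assumptions.
const (
	envVersion = 1  // hypothetical version byte, lets the format evolve
	keySize    = 32 // AES-256
)

// sealRecord encrypts payload with AES-256-GCM. The context string (for
// example an account id and message type) is bound as additional
// authenticated data, so a valid record cannot be replayed under another
// account or as another message type.
// Wire layout: version(1) || nonce(12) || ciphertext || tag(16)
func sealRecord(key []byte, context string, payload []byte) ([]byte, error) {
	if len(key) != keySize {
		return nil, errors.New("application key must be 32 bytes")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	out := make([]byte, 0, 1+len(nonce)+len(payload)+aead.Overhead())
	out = append(out, envVersion)
	out = append(out, nonce...)
	// Seal appends ciphertext||tag; the AAD is authenticated but not transmitted.
	return aead.Seal(out, nonce, payload, []byte(context)), nil
}

// openRecord reverses sealRecord. Any change to the version byte, nonce,
// ciphertext, tag or the caller-supplied context makes the GCM tag check fail.
func openRecord(key []byte, context string, env []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	ns := aead.NonceSize()
	if len(env) < 1+ns+aead.Overhead() {
		return nil, errors.New("envelope too short")
	}
	if env[0] != envVersion {
		return nil, fmt.Errorf("unsupported envelope version %d", env[0])
	}
	nonce, ct := env[1:1+ns], env[1+ns:]
	return aead.Open(nil, nonce, ct, []byte(context))
}

func main() {
	// Constructed demo key. In practice the application key comes from a
	// KMS/HSM and is independent of the TLS key material.
	key := make([]byte, keySize)
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		panic(err)
	}
	ctx := "acct:1234|type:transfer" // assumed context format
	env, err := sealRecord(key, ctx, []byte(`{"to":"5678","amount":100}`))
	if err != nil {
		panic(err)
	}
	// This is all a compromised transport layer would see.
	fmt.Printf("on the wire (%d bytes): %x\n", len(env), env)
	if pt, err := openRecord(key, ctx, env); err == nil {
		fmt.Printf("legitimate receiver: %s\n", pt)
	}
	// Replay against another account: the context mismatch fails authentication.
	if _, err := openRecord(key, "acct:9999|type:transfer", env); err != nil {
		fmt.Println("replay under other context rejected:", err)
	}
	// Active tampering below the application layer: one flipped bit is rejected.
	env[len(env)-1] ^= 0x01
	if _, err := openRecord(key, ctx, env); err != nil {
		fmt.Println("tampered record rejected:", err)
	}
}
```

The point of the inner layer is that its security does not depend on the TLS session being intact: the transport still matters for hiding metadata and record lengths, but a passive or active attacker who has defeated it gets only authenticated ciphertext bound to a context the receiver chooses.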
Excellent reminiscences. It sparked some memories for me. Having spoken in the early 90s at Compsec (in London) with Bill Hancock and Bill Murray, I remember being curious about why a number of US attendees and speakers were wearing t-shirts with a message stating "Sink the Clipper" along with a tea clipper half in the water. I wish I had kept the t-shirts they were handing out as a souvenir. I also remember attending a lecture in the 90s by DD in London when she spoke about the changing face of Infosec, along with the crypto issues, and introduced the term "Hacktivism".
Repeat after me, "Any provision that gives 'lawful access' to encrypted messages automatically opens a hole that could break the whole cryptosystem ..."
NPR wrote: Justice Department officials say all they want is a reasonable accommodation for investigators with court orders...
We have that today. Just convince a court to compel me to reveal my private key. Of course, that does not help with the unstated goal of running a fishing-expedition without starting the sixth amendment clock.
Tough noogies. It's my encryption, my eyes, my destination, my VPN.