Inaccurate crypto rhetoric (was Re: Inaccurate study quoting, Re: anti-crypto rhetoric)

Carl Ellison cme at cybercash.com
Sat, 04 Apr 1998 19:49:58 -0500


Following is my response to Mr. Perillo.  I didn't realize until now
that UKCrypto was carrying this debate.

 - Carl


Mr. Perillo,

	thank you for taking the time to correct the exaggerations in my
comp.risks posting of 6 Mar 1998 (19.62).  May I assume from your message
that you share my belief that the cryptography policy debate is far too
important to be conducted in exaggerated, black and white, doom-saying
rhetoric?

	Of course criminals have used cryptography for a very long time.
Criminal invention and use of verbal codes is old enough that there is a
word in the English language for it: argot.  This should not surprise us.
My own informal survey of even non-mathematical adults has shown that the
vast majority used some code or cipher as teenagers in order to keep
secrets from prying adults.  In turn, this is consistent with David Kahn's
observation: "It must be that as soon as a culture has reached a certain
level, probably measured largely by its literacy, cryptography appears
spontaneously -- as its parents, language and writing, probably also did.
The multiple human needs and desires that demand privacy among two or more
people in the midst of social life must inevitably lead to cryptology
wherever men thrive and wherever they write." [The Codebreakers, p. 84]

	As you emphasize, criminals are not limited to inventing their own
codes and ciphers.  I am not familiar with your evidence that drug cartels
and terrorist organizations have used encryption products from
international sources (e.g., Crypto AG), but I am not surprised.  I have
seen Jane's catalog of counterintelligence devices, including military grade
cryptography, and I would not be surprised if serious criminals shopped
from such catalogs [metaphorically speaking].  [I had heard of course about
the Crypto AG weakness allegation, but had understood this to be part of
"The Boris Project" by NSA, to weaken cryptographic devices sold to Iran
and other governments.  It was also my understanding that the techniques
for exploiting such a planted weakness would not be shared by the NSA with
the FBI.  However, you are probably in a better position to know the truth
about this last point than I am.]

	So, instead of stooping to splashy rhetoric and exaggeration as
characterized by Director Freeh's testimony before Congress (which I
imitated in my RISKS 19.62 posting), let us consider the facts of
cryptography without inflammatory rhetoric.

	The notion that criminals adopt cryptography very rapidly (which is
how Director Freeh summarized it), with the implication that very soon all
criminals will be using cryptography to frustrate law enforcement, is
stated a little more scientifically by Denning & Baugh in the finding of a
50-100% annual growth rate.  However, it is clear that this can not be a
product of rapid criminal adoption of new technology, as implied by
Director Freeh.  If that were true, we could start with a minimum of one
criminal organization using cryptography strong enough for the government
not to break, in April of 1927 [Kahn, p. 803], and take the minimum annual
growth rate of 50% to get 1.5^{71} = 3,180,382,777,245 organized crime
groups using cryptography in April of 1998.  This is clearly impossible.
Therefore, the observed growth rate must be influenced by something other
than speed of adoption among criminals.  It may, for example, be a side
effect of the recent rapid adoption of PCs by the general population.  We
also do not know what limited the growth of the criminal use of
cryptography in the last 71 years, not to mention the hundreds of years
before that.  These are topics deserving much study, but they show clearly
without further study that Director Freeh exaggerates improperly in his
claim that soon all criminals will use strong cryptography and all law
enforcement will be frustrated.

	Perhaps the most important conclusion of the Denning-Baugh study was,
as you point out quite properly, ``instead, the study's main conclusion was
that it was unable to find any current incident where the use of
cryptography significantly hindered an investigation or prosecution.  "Most
of the investigators we talked to did not find that encryption was
obstructing a large number of investigations. When encryption has been
encountered, investigators have usually been able to get the keys from the
subject, crack the codes, or use other evidence," states the report.''

	This is a remarkable conclusion and one of which I was well
aware.  As I have said numerous times in the past, I believe it is our job
as good citizens and policy makers to accept reality unemotionally and make
plans to help law enforcement:

     We need to help Director Freeh accept that he will never have an FBI
     keyhole into the cryptography of criminals.  They can always make
     their own strong cryptography.  The usual counter-argument to that is
     that even criminals will need to use cryptography to talk with their
     bank or the IRS -- but the implied false assumption behind that
     argument is that people will use only one kind of cryptography.
     Cryptography is effectively free and there is no limitation on the
     number of different systems one might keep on his PC and employ.  Each
     application will be specific to its use (banking, tax returns, ...)
     and each will include its own cryptography.

     We must resist with great effort the attempt to force honest citizens
     to accept FBI keyholes, just as we would resist an attempt to force
     honest citizens to leave house and car keys at the local police
     station or to plant FBI microphones in all private bedrooms or other
     places where some criminal might, someday, have an incriminating
     conversation.

     We must follow up on the Denning-Baugh study and attempt to discover
     the true limits to growth of criminal adoption of cryptography.  Why
     wasn't the world flooded with it decades ago?

     We must also pursue their very encouraging conclusion that even when
     cryptography was used, it did not interfere seriously with
     investigations.  Why was this true and how can we help law enforcement
     continue this record?

     We should probably start a real research project to help the FBI find
     ways to gain the intelligence it needs even in the unlikely
     disasterized case that all criminals use strong cryptography with no
     government access.  I have a number of such thoughts and have offered
     to share these with the FBI, to no avail so far.  I will not publish
     them, for obvious reasons.

     We should keep in mind the NRC study conclusions that compared the
     positives and negatives of strong cryptography.  In particular, strong
     cryptography helps thwart crime and that will become ever more true
     as our lives move ever more on-line.  At the same time, any government
     keyhole into civilian privacy would become a more inviting criminal
     target as this change in society progresses.

     Mostly, I believe we need to do what we can to correct what appears to
     me to be an inability on the FBI's part to withstand the childish taunt,
     "Nyah, nyah, I've got a secret and I won't tell you."

 - Carl




+------------------------------------------------------------------+
|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street  PGP 08FF BA05 599B 49D2  23C6 6FFD 36BA D342 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+



