Inaccurate study quoting, Re: anti-crypto rhetoric (Ellison,

[Phillip Temple]

At 03:50 PM 4/6/98 -0400, you wrote:
>
>I know that's their fear -- but if they were in the commercial crypto 
>business they'd realize that it's like pulling teeth to get people to buy 
>and use crypto.  That's why ubiquitous crypto is nonsense.
>We'll never see it.

People won't buy and use crypto per se, but they will demand a certain
level of service. If that service needs a perceived level of security
(such as bank transactions) then it will happen or they will lose
customers.

In some ways, there is already ubiquitous crypto. Take GSM. Currently 50M
users in 106 countries, over 1/4 billion by 2003. They are already using
secure crypto, with no government back-doors, designed to withstand
a sustained crypto attack. However...

>Think of the phone system.  To get end-to-end crypto we'd have to replace 
>all phones in existence with encrypting phones.  Just agreeing on a standard 
>for that would take longer than the lifetime of the cryptosystem chosen for 
>that standard :) ....  Once that standard is agreed, it would take *many* 
>years (probably multiple decades) before all phone instruments were replaced.

.. the security is only from base station to handset. The purpose is
to stop a 3rd party listening in on your conversation with a scanner,
and breaking that confidentiality by means of crypto attack. Once the
information leaves the base station and enters the telcos network,
it is no longer encrypted but they are legally responsable for maintaining
the privacy of that information.

The telco has to agree to let law enforcement tap phone conversations
upon producing a warrant before they are allowed a license. Thus the
two possible breaches are the law enforcements abusing the information
given and a leak from inside the teleco. Since there are fairly tight,
controls in both, the majority of us trust them therefore there is
a fair level of end-to-end privacy.

Once an email leaves your computer and starts travelling down the
phone line or Ethernet, who takes legal responsability for the confidentially
of that information? No-one. Thus the onus is on the end user to
ensure the privacy of their information. Currently the Internet is
built on a web of trust. Security is deliberately lax as it makes
life convenient. Are the general public going to be so easy going
with their privacy, trusting it to a nod and a handshake? I genuinely
don't know. It is clear though that a service carried over the Internet
does not carry the same end-to-end security as a normal mobile
telephone call.

As to your theory that it will take decades to replace the phone,
it will probably take the same amount of time as it does for the
Internet to penetrate households and businesses. Telephony is just
one more service to be carried over it, there is nothing special
about it. It would only take a simple handshake to set the level
of security and decide which protocol to use. There is nothing wrong
with having multiple standards, as long as the phones at either end
had at least one in common.

>As for the software, crypto prevents access if the user isn't careful -- and 
>users won't put up with that.  They want access, not security.

That's just an implementation issue.

>No, I think we should remain on the alert for any logical thread that starts 
>out assuming ubiquitous crypto -- and stop the thread right there.
>
>As a co-worker of mine once noted, the US Administration should have kept 
>its mouth shut when AT&T planned to introduce the DES phone.  AT&T would 
>have sold 5 and that division would have gone out of business for lack of a 
>market.  Instead, the Administration crammed Clipper down AT&T's throat and
>alerted the world to the government threat against privacy -- and crypto
>got its biggest boost ever.

Europe resisted the Clipper idea, and as far as I know the law
enforcement agencies haven't suffered. Does anyone know otherwise?

Phillip.