Dikes of sand - was Re: RIP and smartcards

[Padgett 0sirius]

At 09:59 AM 03/11/2000 -0000, you wrote:
>From: <lists@notatla.demon.co.uk>
>To: <ukcrypto@maillist.ox.ac.uk>
>Sent: Friday, March 10, 2000 6:09 PM
>Subject: Re: RIP and smartcards
>
>
>> Charles Lindsey <chl@clw.cs.man.ac.uk>
>>
>> > Suppose the only copy of your private key is contained within your
>> > smartcard (dongle/whatever). Indeed, it was likely generated on board
>> > the smartcard.
>> >
>> > Are you supposed to deliver up your smartcard to Plod when he arrives
>> > with a notice? And if so, how can you continue to conduct your business
>> > without it? Or, in other words, is a smartcard a "key" within the
>> > meaning of the bill?
>>
>> And if extracting the key from the smartcard is impossible even for you
>> does handing over the smartcard mean you have handed over the key ?
>> You'd have given him all the possession you had.  It's not a great feat
>> of configuration to set up a PC like this - a cheap 486 might suit.
>
>And there are many other problems too, but I won't elaborate here since I
>want plenty of ammunition for when the HO comes up with its plans for
>protecting seized keys and costs this will involve.

I am currently designing to FIPS 140-1 level III protection
(http://csrc.nist.gov/cryptval/140-1.htm). This is far from inexpensive.

Further we are dealing with new issues that have not yet been considered
such as *provable trust* (much like a chain of custody but more involved).
For example the architecture requires keys be fully accountable, secured in
approved containers when not in use, and use is confined to dedicated
off-line systems for the upper levels, and only within a TEMPEST
environment (RF shielding -100 db from 1 Mhz to 1 Ghz). And this is for a
commercial facility. (a very very nervous one but still commercial).

Agree the future is with smart cards having on-board processors (keys may
be generated inside or may accept external keys but may only export public
keys). This is in the microcode). These exist today. Level IV cards do not
seem to be available yet (proof against physical attack) but products
should be coming shortly since there is a commercial demand.

Don't forget, commercial and government requirements for trust and commerce
are driving the issue. Law enforcement needs are "second generation problems".

My concern is lawmakers being induced through ignorance (curable) by
special interests to make demands that will slow down commercial progress
much as ITAR/EAR did in the US in the first place.

The public is already getting used to the convenience of "shopping from
home" and that will require widespread distribution and new means of
dealing with problems as they arise. Attacks on the Internet are getting
common. Again, cryptographic techniquest of identity assurance are the best
weapons we have today yet the developers are slowed by concern that their
sales will be restricted.

Add to that an argument that parochial lawmakers may understand - the world
today is a global market. Trade routes are everywhere and instantaneous. If
a particular market segment proves difficult, it will simply be bypassed.
In the US, once thriving communities became ghost towns when the railroads
picked a different route. Twenty years ago something similar happened in
the US: the Interstates with 70 mph speed limits had created some natural
stopovers in the NE to Florida corridor. When the national 55 mph speed
limit was imposed, these moved and many marginal sites simply disappeared.
Civil disobediance quickly moved the stopovers back to their natural places
but not in time for many small businesses.

Unlike King Canute ordering the tides, special interests are frantically
throwing up dikes that will ultimately be inundated. The problem is that
instead of a gradual and manageable influx we will have a sudden and
unmanageable deluge when the dikes of sand give way while many small
companies will not survive the artificial local drought while their
neighbors prosper. 

also ref: 18th admendment to the Constitution of the United States.
(http://www.usconstitution.net/const.html#Am18)
      	A. Padgett Peterson, P.E., CISSP: Cybernetic Psychophysicist
 Anti-Virus, Cryptographics, & Antique Radio Researcher
http://www.freivald.org/~padgett/index.html
 mailto:padgett@gdi.net     PGP 6.5 Key on request