| ...Also, I hate to say this, we may need to also require that all
| encrypted traffic allow inspection of their contents under proper
| authority (CALEA essentially)....
Why not just require that the senders of malign packets set the Evil Bit
in their IP headers?

How can you possibly require that encrypted traffic *generated by the
attackers* will allow itself to be inspected?  The NSA tried to do
that by concealing information about effective cryptographic algorithms
while providing algorithms it controlled.  But that horse has long
left the barn.  Effective algorithms are widely known and readily
available processors are easily fast enough to implement them.

If you require lawful code to use inspectable crypto, every time you
successfully inspect a datastream, you'll find - surprise! - that it
contains nothing objectionable.  Meanwhile, the streams you can't
"open up" will continue to contain all the dirty stuff.  And, of
course, if you attempt to "open" a stream and what you see looks
like random bits - is it because someone has given you a bogus
key, or because it's a compressed video stream?
                                                        -- Jerry

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to