Careful when you make arguments along the lines of "it's a lost cause, the genie is out of the bottle"
Cryptography using nucleic acids and molecular biology techniques (polymerase chain reaction, etc.) and quantum cryptography, to name just two, are not quite here yet -- by the time they are, it is possible that every conventional crypto system in use today of any key length will be vulnerable to brute force attack due to improvements in computing and cryptanalysis. Some legislator somewhere will make this counter argument to keep the debate alive because it makes the anti- argument seem more informed than the pro- argument. The debate about "strong" encryption must include a discussion of what "strong" means, for strong is relative and even subjective. Sincerely, Jason Coombs [EMAIL PROTECTED] -----Original Message----- From: Jay D. Dyson [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 25, 2002 9:09 AM To: Security-Basics List Cc: [EMAIL PROTECTED] Subject: Re: strong encryption - governments denying individuals the right to use -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 24 Apr 2002 [EMAIL PROTECTED] wrote: > I am having to write a position paper on - should our government > (Australian) deny individuals the use of strong encryption? > > Unfortunately I have challenged myself and decided that I would support > the idea of the Government denying individuals the right to use strong > encryption. Only problem is I can't find any information that > explicitly supports this argument, nor am I sure what I should put in > this 'Position Paper'. That stance is indefensible. The reasons against this stance are thus: 1. Strong encryption is already available to the general. public. Attempts to control such access is a lost cause. 2. Forbidding public access to strong encryption is based on the presumption of guilt of the general populace by the government. (The argument being used is that if someone has nothing to hide, then they don't need strong encryption products; nevermind the individual's right to privacy.) 3. Individuals -- as well as commercial entities -- have legitimate needs to safeguard their data against access to unauthorized parties. 4. Arguing that individuals should not have access to tools to safeguard their digital assets is tantamount to arguing that individuals should not be allowed to have locks on their doors or safes in their homes. 5. Arguments that claim that access to strong encryption should be denied because it potentially benefits the criminal element (organized crime and terrorists) is disingenuous at best. Every civil liberty a civilized nation affords its people can be perverted by the criminal element, but that does not legitimize any attempt to rescind those civil liberties. Indeed, all evidence gathered to date clearly indicates that even the most virulent participants in the al Qaeda terrorist network do not even use cryptographic or steganographic software on their data. 6. Arguments that use of strong encryption circumvents criminal investigations are dubious since law enforcement has already demonstrated the capacity to bug the suspect's computer to capture keystrokes and thus gain the suspect's passphrase to their cryptographic products and ultimately gain access to the encrypted data. 7. Restriction of cryptography for individual use would ultimately have a negative impact on commerce, since all cryptographic products would come under additional regulation and all commerce would have to account to various legal and government agencies for every use of a cryptographic product. This would expose sensitive commercial data to third parties who are not exempt from corruption and could easily benefit from such data. 8. Restriction of cryptographic access for individuals is done for one reason: the convenience of law enforcement. It would be far wiser to bring law enforcement agencies up on the technological curve rather than force the dumbing-down of an entire people. Those are the biggest reasons why you will be hard-pressed to find any defense for your position. And if I may be so bold, I'd like to ask this: if you're taking a position on this, but you can't personally justify this stance to yourself, then why are you taking that position? Mull that over. - -Jay ( ( _______ )) )) .--"There's always time for a good cup of coffee"--. >====<--. C|~~|C|~~| (>------ Jay D. Dyson -- [EMAIL PROTECTED] ------<) | = |-' `--' `--' `- O Lord, make my enemies ridiculous. - Voltaire -' `------' -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (SunOS) Comment: See http://www.treachery.net/~jdyson/ for current keys. iEYEARECAAYFAjzIVEoACgkQGI2IHblM+8E2rwCeIw7aCzNzT9bw0Y1XTK2ItKJG mdgAmgMY0/pBw3/+OFcLW+v6fR5+RxFj =IsfK -----END PGP SIGNATURE-----
