Update 06-The-Need-For-Strong-Crypto.md
This commit is contained in:
Dr Washington Sanchez
parent
07cefb06e8
commit
f8026176a1
@ -1,28 +1,29 @@
|
||||
6. The Need For Strong Crypto
|
||||
|
||||
6.1. copyright
|
||||
## 6.1 copyright
|
||||
THE CYPHERNOMICON: Cypherpunks FAQ and More, Version 0.666,
|
||||
1994-09-10, Copyright Timothy C. May. All rights reserved.
|
||||
See the detailed disclaimer. Use short sections under "fair
|
||||
use" provisions, with appropriate credit, but don't put your
|
||||
name on my words.
|
||||
|
||||
6.2. SUMMARY: The Need For Strong Crypto
|
||||
6.2.1. Main Points
|
||||
## 6.2 - SUMMARY: The Need For Strong Crypto
|
||||
### 6.2.1. Main Points
|
||||
- Strong crypto reclaims the power to decide for one's self,
|
||||
to deny the "Censor" the power to choose what one reads,
|
||||
watches, or listens to.
|
||||
6.2.2. Connections to Other Sections
|
||||
6.2.3. Where to Find Additional Information
|
||||
6.2.4. Miscellaneous Comments
|
||||
|
||||
### 6.2.2. Connections to Other Sections
|
||||
|
||||
### 6.2.3. Where to Find Additional Information
|
||||
|
||||
### 6.2.4. Miscellaneous Comments
|
||||
- this section is short, but is less focussed than other
|
||||
sections; it is essentially a "transition" chapter.
|
||||
|
||||
6.3. General Uses of and Reasons for Crypto
|
||||
6.3.1. (see also the extensive listing of "Reasons for Anonymity,"
|
||||
## 6.3 - General Uses of and Reasons for Crypto
|
||||
### 6.3.1. (see also the extensive listing of "Reasons for Anonymity,"
|
||||
which makes many points about the need and uses for strong
|
||||
crypto)
|
||||
6.3.2. "Where is public key crypto really needed?"
|
||||
### 6.3.2. "Where is public key crypto really needed?"
|
||||
- "It is the case that there is relatively little need for
|
||||
asymmetric key cryptography in small closed populations.
|
||||
For example, the banks get along quite well without. The
|
||||
@ -43,7 +44,8 @@
|
||||
- And of course public key crypto makes possible all the
|
||||
other useful stuff like digital money, DC-Nets, zero
|
||||
knowledge proofs, secret sharing, etc.
|
||||
6.3.3. "What are the main reasons to use cryptography?"
|
||||
|
||||
### 6.3.3. "What are the main reasons to use cryptography?"
|
||||
- people encrypt for the same reason they close and lock
|
||||
their doors
|
||||
+ Privacy in its most basic forms
|
||||
@ -268,7 +270,8 @@
|
||||
likely that in future years one will be able to purchase
|
||||
disks with "Usenet, 1985-1995" and so forth (or access,
|
||||
search, etc. online sites)
|
||||
6.3.6. "Are there illegal uses of crypto?"
|
||||
|
||||
### 6.3.6. "Are there illegal uses of crypto?"
|
||||
- Currently, there are no blanket laws in the U.S. about
|
||||
encryption.
|
||||
+ There are specific situations in which encryption cannot be
|
||||
@ -281,7 +284,7 @@
|
||||
- and even public key crypto was developed in a university
|
||||
(Stanford, then MIT)
|
||||
|
||||
6.4. Protection of Corporate and Financial Privacy
|
||||
## 6.4 - Protection of Corporate and Financial Privacy
|
||||
6.4.1. corporations are becoming increasingly concerned about
|
||||
interception of important information-or even seemingly minor
|
||||
information-and about hackers and other intruders
|
||||
@ -295,7 +298,8 @@
|
||||
- something like Lotus Notes may be a main substrate for the
|
||||
effective introduction of crypto methods (ditto for
|
||||
hypertext)
|
||||
6.4.2. Corporate Espionage (or "Business Research")
|
||||
|
||||
### 6.4.2. Corporate Espionage (or "Business Research")
|
||||
+ Xeroxing of documents
|
||||
- recall the way Murrray Woods inspected files of Fred
|
||||
Buch, suspecting he had removed the staples and Xeroxed
|
||||
@ -346,7 +350,8 @@
|
||||
corporate spies, to protect themselves against lawsuits,
|
||||
criminal charges, etc.
|
||||
- third party research agencies will be used
|
||||
6.4.3. Encryption to Protect Information
|
||||
|
||||
### 6.4.3. Encryption to Protect Information
|
||||
- the standard reason
|
||||
+ encryption of e-mail is increasing
|
||||
- the various court cases about employers reading
|
||||
@ -379,13 +384,16 @@
|
||||
of creating walls, doors, permanent structures
|
||||
- there may even be legal requirements for better security
|
||||
over documents, patient files, employee records, etc.
|
||||
6.4.4. U.S. willing to seize assets as they pass through U.S.
|
||||
|
||||
### 6.4.4. U.S. willing to seize assets as they pass through U.S.
|
||||
(Haiti, Iraq)
|
||||
6.4.5. Privacy of research
|
||||
|
||||
### 6.4.5. Privacy of research
|
||||
- attacks on tobacco companies, demanding their private
|
||||
research documents be turned over to the FDA (because
|
||||
tobacco is 'fair game" for all such attacks, ...)
|
||||
6.4.6. Using crypto-mediated business to bypass "deep pockets"
|
||||
|
||||
### 6.4.6. Using crypto-mediated business to bypass "deep pockets"
|
||||
liability suits, abuse of regulations, of the court system,
|
||||
etc.
|
||||
+ Abuses of Lawsuits: the trend of massive
|
||||
@ -406,7 +414,8 @@
|
||||
reach of courts
|
||||
- replacing the courts with PPL-style private-produced
|
||||
justice
|
||||
6.4.7. on anonymous communication and corporations
|
||||
|
||||
### 6.4.7. on anonymous communication and corporations
|
||||
- Most corporations will avoid anonymous communications,
|
||||
fearing the repercussions, the illegality (vis-a-vis
|
||||
antitrust law), and the "unwholesomeness" of it
|
||||
@ -422,29 +431,34 @@
|
||||
generally pursue the "darker side of the force," to coin a
|
||||
phrase.
|
||||
|
||||
6.5. Digital Signatures
|
||||
6.5.1. for electronic forms of contracts
|
||||
## 6.5 - Digital Signatures
|
||||
### 6.5.1. for electronic forms of contracts
|
||||
- not yet tested in the courts, though this should come soon
|
||||
(perhaps by 1996)
|
||||
6.5.2. negotiations
|
||||
6.5.3. AMIX, Xanadu, etc.
|
||||
6.5.4. is the real protection against viruses (since all other
|
||||
|
||||
### 6.5.2. negotiations
|
||||
|
||||
### 6.5.3. AMIX, Xanadu, etc.
|
||||
|
||||
### 6.5.4. is the real protection against viruses (since all other
|
||||
scanning methods will increasingly fail)
|
||||
- software authors and distributors "sign" their work...no
|
||||
virus writer can possibly forge the digital signature
|
||||
|
||||
6.6. Political Uses of Crypto
|
||||
6.6.1. Dissidents, Amnesty International
|
||||
## 6.6 - Political Uses of Crypto
|
||||
### 6.6.1. Dissidents, Amnesty International
|
||||
- Most governments want to know what their subjects are
|
||||
saying...
|
||||
- Strong crypto (including steganography to hide the
|
||||
existence of the communications) is needed
|
||||
- Myanmar (Burma) dissidents are known to be using PGP
|
||||
6.6.2. reports that rebels in Chiapas (Mexico, Zapatistas) are on
|
||||
|
||||
### 6.6.2. reports that rebels in Chiapas (Mexico, Zapatistas) are on
|
||||
the Net, presumably using PGP
|
||||
- (if NSA can really crack PGP, this is probably a prime
|
||||
target for sharing with the Mexican government)
|
||||
6.6.3. Free speech has declined in America--crypto provides an
|
||||
|
||||
### 6.6.3. Free speech has declined in America--crypto provides an
|
||||
antidote
|
||||
- people are sued for expressing opinions, books are banned
|
||||
("Loompanics Press" facing investigations, because some
|
||||
@ -458,8 +472,8 @@
|
||||
- crypto untraceability is good immunity to this trend, and
|
||||
is thus *real* free speech
|
||||
|
||||
6.7. Beyond Good and Evil, or, Why Crypto is Needed
|
||||
6.7.1. "Why is cryptography good? Why is anonymity good?"
|
||||
## 6.7 - Beyond Good and Evil, or, Why Crypto is Needed
|
||||
### 6.7.1. "Why is cryptography good? Why is anonymity good?"
|
||||
- These moral questions pop up on the List once in a while,
|
||||
often asked by someone preparing to write a paper for a
|
||||
class on ethics or whatnot. Most of us on the list probably
|
||||
@ -479,7 +493,8 @@
|
||||
degree of anonymity makes possible.
|
||||
- "People should not be anonymous" is a normative statement
|
||||
that is impractical to enforce.
|
||||
6.7.2. Speaking of the isolation from physical threats and pressures
|
||||
|
||||
### 6.7.2. Speaking of the isolation from physical threats and pressures
|
||||
that cyberspace provides, Eric Hughes writes: "One of the
|
||||
whole points of anonymity and pseudonymity is to create
|
||||
immunity from these threats, which are all based upon the
|
||||
@ -491,7 +506,7 @@
|
||||
systems which do not require violence for their existence and
|
||||
stability. I desire anonymity as an ally to break the hold
|
||||
of morality over culture." [Eric Hughes, 1994-08-31]
|
||||
6.7.3. Crypto anarchy means prosperity for those who can grab it,
|
||||
### 6.7.3. Crypto anarchy means prosperity for those who can grab it,
|
||||
those competent enough to have something of value to offer
|
||||
for sale; the clueless 95% will suffer, but that is only
|
||||
just. With crypto anarchy we can painlessly, without
|
||||
@ -501,7 +516,7 @@
|
||||
prospect of a nation of mostly unskilled and essentially
|
||||
illiterate and innumerate workers being unable to get
|
||||
meaninful, well-paying jobs.)
|
||||
6.7.4. Crypto gets more important as communication increases and as
|
||||
### 6.7.4. Crypto gets more important as communication increases and as
|
||||
computing gets distributed
|
||||
+ with bits and pieces of one's environment scattered around
|
||||
- have to worry about security
|
||||
@ -510,14 +525,15 @@
|
||||
- private spaces needed in disparate
|
||||
locations...multinationals, teleconferencing, video
|
||||
|
||||
6.8. Crypo Needed for Operating Systems and Networks
|
||||
6.8.1. Restrictions on cryptography--difficult as they may be to
|
||||
## 6.8 - Crypto Needed for Operating Systems and Networks
|
||||
### 6.8.1. Restrictions on cryptography--difficult as they may be to
|
||||
enforce--may also impose severe hardships on secure operating
|
||||
system design, Norm Hardy has made this point several times.
|
||||
- Agents and objects inside computer systems will likely need
|
||||
security, credentials, robustness, and even digital money
|
||||
for transactions.
|
||||
6.8.2. Proofs of identity, passwords, and operating system use
|
||||
|
||||
### 6.8.2. Proofs of identity, passwords, and operating system use
|
||||
- ZKIPS especially in networks, where the chances of seeing a
|
||||
password being transmitted are much greater (an obvious
|
||||
point that is not much discussed)
|
||||
@ -525,7 +541,8 @@
|
||||
procedures for access, for agents and the like to pay for
|
||||
services, etc.
|
||||
- unforgeable tokens
|
||||
6.8.3. An often unmentioned reason why encyption is needed is for
|
||||
|
||||
### 6.8.3. An often unmentioned reason why encyption is needed is for
|
||||
the creation of private, or virtual, networks
|
||||
- so that channels are independent of the "common carrier"
|
||||
+ to make this clear: prospects are dangerously high for a
|
||||
@ -552,16 +569,18 @@
|
||||
- robust cyberspaces built with DC-Net ("dining
|
||||
cryptographers") methods?
|
||||
|
||||
6.9. Ominous Trends
|
||||
6.9.1. Ever-increasing numbers of laws, complexities of tax codes,
|
||||
## 6.9 - Ominous Trends
|
||||
### 6.9.1. Ever-increasing numbers of laws, complexities of tax codes,
|
||||
etc.
|
||||
- individuals no longer can navigate
|
||||
6.9.2. National ID cards
|
||||
|
||||
### 6.9.2. National ID cards
|
||||
- work permits, immigration concerns, welfare fraud, stopping
|
||||
terrorists, collecting taxes
|
||||
- USPS and other proposals
|
||||
6.9.3. Key Escrow
|
||||
6.9.4. Extension of U.S. law around the world
|
||||
|
||||
### 6.9.3. Key Escrow
|
||||
### 6.9.4. Extension of U.S. law around the world
|
||||
- Now that the U.S. has vanquished the U.S.S.R., a free field
|
||||
ahead of it for spreading the New World Order, led of
|
||||
course by the U.S.A. and its politicians.
|
||||
@ -570,8 +589,8 @@
|
||||
- U.N. mandates, forces, "blue helmets"
|
||||
6.9.5. AA BBS case means cyberspace is not what we though it was
|
||||
|
||||
6.10. Loose Ends
|
||||
6.10.1. "Why don't most people pay more attention to security
|
||||
## 6.10 - Loose Ends
|
||||
### 6.10.1. "Why don't most people pay more attention to security
|
||||
issues?"
|
||||
- Fact is, most people never think about real security.
|
||||
- Safe manufacturers have said that improvements in safes
|
||||
@ -593,26 +612,30 @@
|
||||
- Crypto is economics. People will begin to really care when
|
||||
it costs them.
|
||||
|
||||
6.10.2. What motivates an attackers is not the intrinsic value of the
|
||||
### 6.10.2. What motivates an attackers is not the intrinsic value of the
|
||||
data but his perception of the value of the data.
|
||||
6.10.3. Crypto allows more refinement of permissions...access to
|
||||
### 6.10.3. Crypto allows more refinement of permissions...access to
|
||||
groups, lists
|
||||
- beyond such crude methods as banning domain names or "edu"
|
||||
sorts of accounts
|
||||
6.10.4. these general reasons will make encryption more common, more
|
||||
|
||||
### 6.10.4. these general reasons will make encryption more common, more
|
||||
socially and legally acceptable, and will hence make eventual
|
||||
attempts to limit the use of crypto anarchy methods moot
|
||||
6.10.5. protecting reading habits..
|
||||
|
||||
### 6.10.5. protecting reading habits..
|
||||
- (Imagine using your MicroSoftCashCard for library
|
||||
checkouts...)
|
||||
6.10.6. Downsides
|
||||
|
||||
### 6.10.6. Downsides
|
||||
- loss of trust
|
||||
- markets in unsavory things
|
||||
- espionage
|
||||
+ expect to see new kinds of con jobs
|
||||
- confidence games
|
||||
- "Make Digital Money Fast"
|
||||
6.10.7. Encryption of Video Signals and Encryption to Control Piracy
|
||||
|
||||
### 6.10.7. Encryption of Video Signals and Encryption to Control Piracy
|
||||
- this is of course a whole technology and industry
|
||||
- Videocypher II has been cracked by many video hackers
|
||||
- a whole cottage industry in cracking such cyphers
|
||||
|
||||
Loading…
Reference in New Issue
Block a user