[1145] in cryptography@c2.net mail archive
Re: Supreme Court dicta on safe combinations
daemon@ATHENA.MIT.EDU (Phil Karn)
Wed Jul 2 15:53:48 1997
Date: Wed, 2 Jul 1997 11:20:29 -0700 (PDT)
From: Phil Karn <karn@ka9q.ampr.org>
To: unicorn@schloss.li
CC: cryptography@c2.net, karn@homer.ka9q.ampr.org
In-reply-to: <Pine.SUN.3.96.970702034705.3967B-100000@polaris.mindport.net>
(message from Black Unicorn on Wed, 2 Jul 1997 04:00:10 -0400 (EDT))
Thanks for the thoughtful and detailed analysis!
The more I read Doe v US, the darker it looks for those who would like
to use the Fifth Amendment to protect their encryption keys -- despite
the dicta in Footnote 9. If this issue went to the Supreme Court,
Stevens is the only one Justice you could count on (he wrote the lone
dissent).
Nevertheless, good lawyers could probably use Doe v. United States to
argue either way. It would make for a fascinating moot court session
in a law school somewhere.
E.g, the claim that forcing a defendant to reveal a crypto key would
force him to testify as to the contents of his mind could be answered
by saying that a defendant forced to hand over a physical key (which
is not testimonial) is also implicitly forced to reveal the contents
of his mind, specifically the location of the physical key. Otherwise
the government could just go and seize it without his help. (The fact
that ciphers and physical locks both use things called "keys" supports
this argument -- never underestimate the weight of analogy in a legal
argument!)
The only reason the consent form became an issue in Doe V. United
States was because the banks were in the Caymans, and unlike US banks
they could not be "brute forced" by subpoenas. (Here's another
metaphor: US bank accounts are subject to US government GAK, but
Cayman banks are not.) Strong crypto is just like a Cayman bank,
except the Cayman bank has the interesting feature of not responding
to requests made under duress. Wish I could design a cipher like that.
On the other hand, one could make the novel argument that encryption
is merely a "mental privacy amplifier" that makes the contents of a
computer equivalent to the contents of your mind: completely
inaccessible without your cooperation. Clearly, I can not be forced to
reveal memorized incriminating information even if the information is
very large and I had a photographic memory. A computer with an
encryption program just gives each one of us a photographic memory --
almost a "bionic extension" of our own brains.
Perfect forward secrecy is looking more and more vital all the time.
At least where it applies, i.e., for communications.
Phil
