[1614] in cryptography@c2.net mail archive
Re: Congress & Crypto Roundup: Vote in Commerce cmte tomorrow
daemon@ATHENA.MIT.EDU (Amanda Walker)
Wed Sep 24 15:22:23 1997
Date: Wed, 24 Sep 1997 14:20:38 -0400 (EDT)
From: Amanda Walker <amanda@intercon.com>
To: cryptography@c2.net
> The point has been made (e.g. in the N-cryptologists' "Risks of Key
> Recovery" report) that strong crypto is essential to national security,
> but it seems not to have penetrated. The info-war people generally
> believe this, but they haven't briefed Congress; the NSA/FBI have...
This is what makes me curious. The DoD has been devoting quite a lot of
attention to vulnerabilities in the public communications infrastructure,
national security consequences of an increasing reliance by the armed
forces on commercial communications media and equipment, and so on.
If the left hand is yelling "we must make the Internet less secure, in
order to preserve national security," why isn't the right hand objecting,
since they've already publically come to the opposite conclusions?
After all, the same mechanisms that enhance domestic surveillance
capabilities also enhance, ipso facto, foreign and adversarial
surveillance capabilities. Having a single point of failure for information
security (i.e., a GAK/key recovery mechanism) is a MILITARY LIABILITY
as well as an economic one.
If law enforcement has guaranteed access to all traffic, then the
obvious approach for espionage is to infiltrate law enforcement.
And hey, it's not as though that's an insoluble problem--just turn on
CNN. And it's probably a lot cheaper than maintaining high-level
cryptanalytic capability.
Hmm. Maybe GAK is a foreign plot. Anyone done a background check on
Louis Freeh recently :-)?
Amanda Walker <amanda_walker@ascend.com>
[P.S. Perry, could you update my email address on the subscription list?
I've lost the intro message from when I originally signed up. Yes, I am
lame.]
