[2312] in cryptography@c2.net mail archive
Re: Rivest's Wheat & Chaff - A crypto alternative
daemon@ATHENA.MIT.EDU (William Hugh Murray)
Mon Mar 23 12:05:10 1998
To: Vin McClellan <vin@shore.net>
Date: Sun, 22 Mar 98 16:06:12 -0500
From: William Hugh Murray <whmurray@sprynet.com>
CC: "cryptography@C2.net" <cryptography@c2.net>
-- [ From: William Hugh Murray * EMC.Ver #3.1 ] --
-------- REPLY, Original message follows --------
> Date: Sunday, 22-Mar-98 02:59 AM
>
> From: Vin McClellan \ Internet: (vin@shore.net)
> To: cryptography@C2.net \ Internet: (cryptography@c2.net)
>
> Subject: Rivest's Wheat & Chaff - A crypto alternative
>
> Another elegant reconceptualization from R. Rivest!! The hot text
below is
> off Dr. Ron's website. A NY Times summary (and useful overview) can be
seen
> at: http://spyglass1.sjmercury.com/breaking/docs/062460.htm _Vin
> -----------
>
> "Chaffing and Winnowing: Confidentiality without Encryption"
>
> Ronald L. Rivest
> MIT Lab for Computer Science
> March 21, 1998
> http://theory.lcs.mit.edu/~rivest/chaffing.txt
>
> This paper introduces a new technique, which we call ``chaffing and
> winnowing''---to winnow is to ``separate out or eliminate (the poor
> or useless parts),'' (Webster's Dictionary), and is often used when
> referring to the process of separating grain from chaff.
>
> Novel techniques for confidentiality are interesting in part because
> of the current debate about cryptographic policy as to whether law
> enforcement should be given when authorized surreptitious access to
> the plaintext of encrypted messages. The usual technique proposed for
> such access is ``key recovery,'' where law enforcement has a ``back
> door'' that enables them to recovery the decryption key.
>
> Winnowing does not employ encryption, and so does not have a
> ``decryption key.'' Thus, the usual arguments in favor of ``key
> recovery'' don't apply very well for winnowing. As usual, the policy
> debate about regulating technology ends up being obsoleted by
> technological innovations. Trying to regulate confidentiality by
> regulating encryption closes one door and leaves two open
> (steganography and winnowing).
(Description not included.)
> In summary, we have introduced a new technique for confidentiality,
> called ``chaffing and winnowing''. This technique can provide
> excellent confidentiality of message contents without involving
> encryption or steganography. As a consequence of the existence of
> chaffing and winnowing, one can argue that attempts by law enforcement
> to regulate confidentiality by regulating encryption must fail, as
> confidentiality can be obtained effectively without encryption and
> even sometimes without the desire for confidentiality by the two
> communicants. Law enforcement would have to seek access to all
> authentication keys as well, a truly frightening prospect.
>
> Mandating government access to all communications is not a viable
> alternative. The cryptography debate should proceed by mutual
> education and voluntary actions only.
While I think that this technique is interesting and useful, and while I
am opposed to the government's clear intent, I think that this position
is naive. It is the act of hiding that offends rather than the
mechanism that we use. It is what we do rather than what we call it.
We have always known that if Alice and Bob share a secret, then they can
communicate secretly. The question is only whether or not the law-
abiding _may_ do so. If we consent to the idea that the "adversary" can
outlaw one such mechanism, then what is to stop them from outlawing the
other two.
The issue is not now, and never has been, about access to keys, about
encryption, or even about confidentiality. It is about the ability of
the government to read any message that it likes, not to say every
message that it might. Arguments to the effect that is futile for them
to try only increase their fear and determination. Indeed, such
arguments are similar to the ones, for example, that strong encryption
equates to perfect security for the criminal, that they use to frighten
the congress into docile cooperation. The more we say that technology
makes it impossible for them to see any message that they like, the more
determined they become to criminalize any and all attempts at private
communication.
The recent "deadline" by AG Reno and the testimony her assistant just
took to the hill give the lie to their protestations otherwise. That
they would even dare to make such arguments in front of the congress
demonstrates both their determination and the contempt in which they
hold both the people and the rule of law.
Regards, Bill
