[2401] in cryptography@c2.net mail archive
Safe Crypto and Safe Bridges (was: Rivest's Wheat & Chaff)
daemon@ATHENA.MIT.EDU (Rick Smith)
Mon Mar 30 17:08:20 1998
In-Reply-To: <199803302028.MAA23022@joseph.cs.berkeley.edu>
Date: Mon, 30 Mar 1998 15:45:34 -0600
To: David Wagner <daw@cs.berkeley.edu>
From: Rick Smith <rsmith@securecomputing.com>
Cc: cryptography@c2.net
At 12:28 PM -0800 3/30/98, David Wagner wrote:
>But to ask about celebrated cases is missing the point. The danger isn't
>the part of the iceberg that you can see; it's the part you can't see.
>
>And the celebrity cases aren't the common case; the common case is that
>your privacy is breached, and you don't even know it.
>
>This stuff really is quite intangible. That's why it's up to us engineers
>to get it right. The public doesn't want to know about the details; they
>just trust us to "do the right thing". (Like bridge-building. The public
>doesn't want to know about stress factors and so on: just build it strong
>enough to stay up, they'll say, and don't bother me.)
A *lot* of bridges had to fall down before public outcry led to
construction standards. Someone said there was an average of one railroad
bridge falling down every month across the US during the latter part of the
1800s. And don't forget the Triangle Shirtwaist fire in New York, or the
Coconut Grove in Boston, and their effect on US fire exit regulations and
(more important) on compliance with safety regulations. A lot of people had
to *die* before safety rules were put in place. The same holds true today
for auto safety regulations. I don't see anything similar happening soon in
the crypto arena. The experiences of Gingrich and Princess Di almost
suggest that eavesdropping is an entertaining benefit of weak (or
nonexistent) crypto that the public might like to retain.
If we're talking about legislation in the context of a political democracy,
then we're talking about support by a "concerned public" on an issue. If
we're simply saying "engineers know what's right and the legislators should
yield to our expertise," then we're heading down a very slippery slope
indeed.
We really don't know yet how "safe" encryption really has to be in
practice. We know how much computation power is needed to attack particular
crypto implementations, but we don't know how that translates into "enough"
deterrence for a given application. The current export regulations exploit
this uncertainty. Clearly the regulations prevent exportable crypto from
being "safe enough" for every possible commercial application. On the other
hand, exportable crypto is probably safe enough for some applications, it's
just that the borderline is a very fuzzy one.
Rick.
smith@securecomputing.com
