[3164] in cryptography@c2.net mail archive
Re: An Essay on Freedom, Anonymity & Financial
daemon@ATHENA.MIT.EDU (C Matthew Curtin)
Sun Aug 9 18:23:16 1998
Date: Sun, 9 Aug 1998 17:43:40 -0400 (EDT)
From: C Matthew Curtin <cmcurtin@interhack.net>
To: perry@piermont.com
Cc: dianelos@tecapro.com, cryptography@c2.net
In-Reply-To: <199808091915.PAA03823@jekyll.piermont.com>
Reply-To: cmcurtin@interhack.net
>>>>> "Perry" == Perry E Metzger <perry@piermont.com> writes:
Perry> Do we really want a police state, even if it makes us
Perry> marginally more safe?
More safe from what, and from whom?
I suggest that in any system, there are risks, and at some point, we
deal with the fundamental question: "which set of risks are we most
willing to manage?"
There's something else that's very interesting about the notion of
using cryptography for worldwide authentication of everything.
Essentially, if a crime is committed, the person whose authentication
credentials were present at the time is almost certain of a
conviction. This makes identity theft even more valuable than it is
today. But how can we have identity theft in a world where everything
requires strong cryptographic authentication?
Cryptosystems are not perfect. Even a perfect cryptosystem could be
used imperfectly. Even good cryptosystems, used properly, can be
subverted by someone pointing a gun to the head of a legitimate user
of the system. We point this sort of thing out all the time.
Nevertheless, outside of the "crypto community", people put too much
faith in these systems.
Dianelos Georgoudis suggests that the Right Thing is for one central
authority to have essentially all power, except for the power to
abuse. No explanation of _how_ to accomplish such a feat is offered.
This isn't the kind of "detail" to figure out "later", after you get
done giving someone the ability to do everything and anything.
--
Matt Curtin cmcurtin@interhack.net http://www.interhack.net/people/cmcurtin/
