[3738] in cryptography@c2.net mail archive


Re: Wassenaar vs. CipherSaber

daemon@ATHENA.MIT.EDU (Arnold G. Reinhold)
Mon Dec 7 15:59:59 1998

In-Reply-To: <199812042309.SAA14436@postal.research.att.com>
Date: Mon, 7 Dec 1998 14:41:37 -0500
To: Steve Bellovin <smb@research.att.com>, jim@acm.org
From: "Arnold G. Reinhold" <reinhold@world.std.com>
Cc: cryptography@c2.net

At 6:09 PM -0500 12/4/98, Steve Bellovin commented on the CipherSaber web
site http://ciphersaber.gurus.com:
>
>I'm glad the site is up, but for many purposes it solves the wrong problem.
>Encryption algorithms are easy to write, or even to type in or scan from
>printed programs.  But what's interesting is easy-to-use crypto, or
>crypto that can interoperate.  Remember that most of PGP is *not*
>crypto algorithms.

The problem CipherSaber addresses is keeping strong crypto available to the
general public in the face of coordinated Government attempts to ban it. I
think that is exactly the right problem at the moment. The recent US press
release on Wassenaar reminds us that this threat is still being vigorously
pursued. That itchy feeling under your collar is the noose being tightened.

I submit that the following are not likely to be effective in keeping
strong crypto available:

o  Complaining about the breakdown of democracy in our respective
countries. Democracy is at its best a crude check on the power of
governments. Influencing the outcome of the bureaucratic process takes
organization and money. Domestic bans on crypto just might register on the
public's radar screen; export controls won't. And Mr. Aarons is being very
clever in trying to separate civil liberties interests from corporate
interests.

o  Overly complex protocols that attempt to solve all problems, real or
imagined, for all time. Bloated programs, caused by feature creep,
marketing one-upmanship, and poorly specified standards are a chronic
condition of the software industry, one that we grumble about, but live
with. In the face of export controls, however, bloat turns into a fatal
disease. Complexity is Mr. Aarons' greatest ally.

o  Relying on S/MIME, Netscape and Fortify:  "Restrictive tests on
end-user re-configurability" may well force Netscape to close the holes
that Fortify uses and the export of Fortify itself could be banned.

o  Relying on countries that are not part of the Wassenaar agreement. These
countries are often beholden to the US and Europe for aid and trade, and
most do not have strong traditions of free speech and democracy. They can
be convinced or bought.

The best solution is to make easy-to-use, interoperable strong crypto
systems widely available. Phil Zimmermann did that with PGP. If he hadn't,
this debate would probably not take place. If we cannot depend on the
Internet to distribute such programs in the future, the next best approach
is to make interoperable strong crypto systems easy to reproduce.
CipherSaber attempts to do that.

CipherSaber proves the feasibility of an easy-to-reproduce, interoperable
strong crypto system that is usable. I invite each reader of this list to
build a CipherSaber and see for yourself. Every architect should put up a
tent and sleep in it once in a while.

I do not propose CipherSaber as the next world crypto standard. We can do
better. I agree with Raph Levien that the trick is to agree on one profile.
Maybe it should be DSS, SHA1 and 3DES. Have a couple of groups develop test
implementations and, when they achieve interoperability, put up a web site
with a clearly defined and easy to use data format and some test messages.
Then see what other people can come up with.

As Ben Franklin said, we must all hang together or, assuredly, we will all
hang separately.


Arnold Reinhold






