[wordup] Getting a grip on encryption realities

[Adam Shand]

Via: Interesting People <ip-sub-1 at majordomo.pobox.com>
From: Lauren Weinstein <lauren at vortex.com>

It may be time to pause for another dose of reality.  With calls from
various quarters rising for various encryption bans, let's put aside most
issues relating to the undesirability of such moves for a moment and just
look at the matter of practicality.

Anyone who wants to encrypt their materials with strong encryption has the
technical ability to do so.  No laws or regulations can put that genie,
particularly in terms of software-based systems, back into the bottle.
Terrorists are unlikely in the extreme to heed such prohibitions in any
case.

To make matters even more complex, it's possible to obscure
heavily-encoded messages in seemingly innocuous ways.  Only the
imagination really limits the possibilities.  Highly-encrypted messages
can be spread out through photographs, computer images, faxes, audio
files, plain text, and any number of other media.  Ostensibly ordinary
files, documents, or statements can contain all manner of encoded data,
with the data itself encrypted via any mechanisms up to and including
one-time pads.

Let's be clear about this.  Degrading the strength of communications
between honest citizens will not prevent disasters like Tuesday's, but
will make those honest citizens less secure.  Yet the calls for banning
strong encryption take no heed of any of these realities.  Obviously we
must fight terrorism, but weak or "back-door-enabled" crypto systems carry
a *very* high risk of being rendered ineffectual, resulting in highly
sensitive and private--but completely legal--communications being exposed.
Unfortunately, in the understandable fervor of the moment, many aspects of
technical facts and common sense are being plowed under the tank treads of
emotion.

Realistically, if we are to fight terrorism without destroying ourselves
piece by piece, we need to above all be thinking clearly.  How we handle
the encryption debate may be a harbinger of whether or not we deal
rationally with a broad range of other crucial issues in the aftermath of
terrorism.

Any way you look at it, we stand at a crossroads, not just relating to
terrorism but for ourselves as well.  Notwithstanding wars and disasters
of the past, the decisions we make now are among the most crucial we'll
ever face.  Doing the right thing speaks not only to today and tomorrow,
but to history as well.

--Lauren--

P.S.  I mentioned above how ordinary-looking materials could obscure
hidden messages.  The text above used an example of an *extremely* trivial
technique to encode (not even really encrypt) the plain text title of a
famous Beatles song--one character per sentence.  Did you notice it?  Now
that you know it's there, you probably can find it.  But what if the title
had been encrypted instead of merely encoded in plain text?

Trying to control encryption systems is now a pointless--and even
dangerous--exercise in technological futility, diverting attention and
resources from efforts that might truly have practical benefits towards
fighting terrorism, crime, and other scourges on society.  Like it or not,
that's the reality.  The sooner this fact is accepted the better off we'll
all be.