Re: Brin on privacy

Eugene Leitl (
Fri, 20 Dec 1996 23:15:03 +0100 (MET)

On Thu, 19 Dec 1996, Lyle Burkhead wrote:

> > [ routine low-overhead encryption part of TCP/IP ]
> The NSA would love this. It would give everybody a false sense of

NSA would just hate this. Just write an according RFC, and listen for
comments. You might even face legal action.

> security. An encrypted file generated by a speedy, unsafe encryption

Why? You still are free to use heavy-duty encryption, should you feel
like it. An encryption scheme which takes 1 hour to break makes routine
snooping by dedicated parallel scanner chips totally worthless. The step
from us to ks is a tall order.

> program would differ from a file generated by better encryption
> programs. The difference wouldn't be apparent to a casual observer,

But not obviously so. Perhaps I should elaborate on unsafe encryption: I
consider IDEA relatively secure, while DES being unsafe encryption.

> but the NSA could see the difference.

But not _casually_. That's the point.

> > so that high-entropy pieces (compressed stuff causes this anyway)
> > won't cause scanner chips raise their virtual eyebrows whence
> > flowing thru NSA (heard the interrupt pling?) nodes
> True, they would have to rely on other methods besides scanner chips
> that simply recognize high-entropy messages. But other methods are
> available. Devising such methods would give them something to do,

Though such methods, should they exist, are surely not public.... I doubt
easy methods exist. It is quite impossible to tell random from
pseudorandom, and compressed stuff from encrypted stuff (ok , the latter
gives a totally white spectrum).

> maybe increase their budget... no problem.

Good cryptography scales very favourably in terms of roi. NSA would have
a very hard time scanning myriads of trivially encrypted packets, even if
their budget rise to astronomical (and I mean it) heights.

> In a sea of pseudorandom bits generated by a simple encryption
> program, a "seriously" encrypted message would stand out. Then

CAMs/iANs do not produce trivial sequences. The only way to tell them
apart would try a serious cryptoattack, which is a very costly business.

> they would know: here is somebody who has something to hide.
> The standard encryption isn't good enough for this guy -- so who is he?
> And then they would proceed to find out who he is.

These arguments are not valid. Cryptography does not work this way.

> Let me rephrase my original statement: using more encryption than
> other people commonly use is like painting your windows black when
> everybody else uses curtains. It just attracts attention.

It is a wrong picture, but everybody using cryptography equals to anybody
having windows. It is just some of them are bulletproof. Really easy to
tell, huh?


> Lyle

| |transhumanism >H, cryonics, |
| |nanotechnology, etc. etc. |
| |"deus ex machina, v.0.0.alpha" |
|icbmto:N 48 10'07'' E 011 33'53'' | |