[cryptography] crypto & security/privacy balance (Re: Digital cash in the news...)

Adam Back adam at cypherspace.org
Wed Jun 15 04:22:21 EDT 2011


Well said StealthMonger, I suspect Nico is in the minority on this list with
that type of view.

I read Nico's later reply also.  Short of banning crypto privacy and
security rights stand a better chance of being balanced by more deployment
of crypto.  (In terms of warrantless wiretaps etc which seem to just keeping
going and getting worse in many supposedly civilized western democracies.)
There are still plenty of things government security people can usefully do
towards security - spend the money on inflitration of groups who are real
security threats.

I would say privacy tech & crypto is essential to maintaining a good point
on the security/privacy balance in a world where security policy
encroachment has gone into overdrive.  To retain electronic liberty, crypto
is the answer.  I dont think crypto can be realistically banned in western
countries at this stage, the electronic part of security encroachment is
mostly opportunistic hoovering up things that are not protected.

There are multiple privacy properties - confidentiality of communication
contents, privacy of association (cryptographic freedom of association) like
pseudonymous email (protection against traffic analysis), cryptographic
enforced member only discussion groups/chats.

Then there are countries where crypto is officially or effectively already
banned - there being caught with privacy tech on your laptop, cell phone etc
would be dangerous.

Crypto and other privacy techniques can counteract somewhat - with
steganography, that though obviously its a tough threat model.  See 

http://www.nytimes.com/2011/06/12/world/12internet.html?_r=1

Its also a kind of interesting conflict that western governments think of
themselves, or try to portray themselves as moral forces of good and yet
there are a few cases where this technology the US is helping fund really
needs to be used in western democracies, including the US.  

The UK governments right to force key disclosure is an abomination, no
civilized country should be going in that direction.

Adam

On Tue, Jun 14, 2011 at 10:30:18PM +0100, StealthMonger wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Nico Williams <nico at cryptonector.com> writes:
>
>> Crypto will NOT protect you from the state.
>
>Hmm?  Protection from the state is the very reason some of us are
>here.  Even Philip Zimmermann wrote twenty years ago [1]
>
>   Why Do You Need PGP? ...  you may be doing something that you feel
>   shouldn't be illegal, but is.
>
>And the very title of David Chaum's 1985 paper was "Security without
>Identification: Transaction Systems to Make Big Brother Obsolete" [2]
>
>[1] pgpdoc1.txt
>
>[2] CACM 28(10), October 1985



More information about the cryptography mailing list