[cryptography] crypto & security/privacy balance (Re: Digital cash in the news...)

Nico Williams nico at cryptonector.com
Thu Jun 16 14:02:03 EDT 2011

On Wed, Jun 15, 2011 at 5:08 PM, James A. Donald <jamesd at echeque.com> wrote:
> On 2011-06-15 7:05 PM, Nico Williams wrote:
>> It's only when push comes to shove that crypto
>> doesn't help.
> In the conflict with Al Quaeda, as in any war, push has come to shove, and
> yet encryption does help.

Encryption, assuming they use it, hasn't helped them all that much.  A
great many of their rank-and-file as well as their leadership are
dead.  At least some of them were found via intelligence processes
that, from what we know, required no code breaking.  Osama, for
example, was found in part by traffic analysis.  Maybe he should have
been using Tor instead of USB sticks and couriers, but I bet usage of
Tor from a sleepy Islamabad suburb would have led to his being found

In other words, you've proved my point.

> [...]
> The state can escalate - but so can we.

Sheer lunacy.  There's a real world analogy for most online
situations, and if you're willing to stretch a bit, for all online

Crypto is no more than an equivalent of doors, locks, keys, safes, and
hiding.  At the end of the day the rubber has to meet the road.
People need to interact with other people in order to obtain the
things they need for mere survival.  There are not eight billion
deserted islands in which each of us can survive alone, and we'd not
want to anyways because we're social beings.  And when the rubber
meets the road, the crypto stops helping.

Anyone can build a fortress to protect themselves from the surrounding
state.  There have been many such fortresses in the U.S., yet when
push came to shove in the case of the Branch Davidians in Waco, TX,
the fortress didn't help.  The reason: the state has more resources
because they represent a larger society.  Now, maybe the Davidians
should have made bio/chem/nuclear weapons with which to blackmail the
state into leaving them alone, but that would probably have brought
them to the attention of the state sooner, soon enough, one hopes,
that they never managed to get the weapons and delivery mechanisms
that would make them capable of pulling off the blackmail.


More information about the cryptography mailing list