[cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)

Nico Williams nico at cryptonector.com
Mon Jul 1 18:47:14 EDT 2013


On Mon, Jul 1, 2013 at 4:57 PM, grarpamp <grarpamp at gmail.com> wrote:
>> And when LEA
>> get caught doing this nothing terribly bad happens to LEA (no officers
>> go to prison, for example).
>
> It is often in the interest/whim of the executive to decline to
> prosecute its own,
> even if only to save embarassment, so many of these cases will never see a jury.
> That's why you need citizen prosecutors who can bring cases before both grand
> and final jury. For example, how many times have you seen a LE vehicle failing
> to signal, speeding/reckless, with broken running lights, etc... now
> try to criminally
> (not administratively) prosecute that just as you might be prosecuted for same.

I'd love to see proposals for how to criminal prosecutions by the
public would work.

>> their own secrecy is the best and
>> strongest (though even then, not fail-safe) guaranty of non-use for
>> criminal investigations.
>
> Didn't the requisite construction of plausible paths from tainted seed just
> get covered. So, No! The only guaranty against secret taint is transparency.
> Try removing the 'non-' next time.

Sometimes it's easy to cover up, sometimes it's not.  If you look at
how the Allies used their cryptanalytic breaks in WWII you'll see that
they made sparing use of their sigint obtained that way -- they had to
be very careful when to act and when not to act on it, and when they
did they had to take extra steps to make the enemy to believe other
avenues to be plausible.

Transparency is nice, but the thing is: I don't think you can keep a
PRISM-like system secure from being abused by analysts and sysadmins,
much less by political appointees, and I think it's harder still to
pull that off if its existence is public knowledge.  Whereas the
incentive to keep the secret from spilling is so strong that it should
act as a moderator on its operators.  That incentive is lost once the
program is public, and then transparency isn't enough: there's always
going to be ways to game the controls, and those controls will never
be as strong as the need to keep the program secret had been.

I could be wrong though.  It might well be that in practice there's no
difference between abuse potential when the program was secret vs. now
that it's public, in which case it's clearly better that it be known
to the public.  But my instinct tells me otherwise, and that's not a
defense of the program, just... paradoxical, ironic.

Nico
--


More information about the cryptography mailing list