
“It shall be unlawful for any person to manufacture..encryption products” (1997) - declan
http://thomas.loc.gov/cgi-bin/cpquery/T?&report=hr108p4&dbname=105&
======
cogburnd02
There are some interesting ways around government crypto restrictions.
Ciphersaber [1] is designed so that you can _memorize_ how to write a program
to implement it. Bruce Schneier proposed Solitaire, [2] which is designed to
be carried out with playing cards rather than on a computer. (Later, Paul
Crowley discovered some weaknesses [3] in Solitaire.) Diceware [4] is a method
of generating secure passphrases with (you guessed it) regular dice.

[1] [http://ciphersaber.gurus.org/](http://ciphersaber.gurus.org/)

[2] [https://www.schneier.com/solitaire.html](https://www.schneier.com/solitaire.html)

[3] [http://www.ciphergoth.org/crypto/solitaire/](http://www.ciphergoth.org/crypto/solitaire/)

[4] [http://world.std.com/~reinhold/diceware.html](http://world.std.com/~reinhold/diceware.html)

------
tbrake
Am I reading this GPO link wrong or did that not make it in? Section 2804 here
actually eliminates an enforced key escrow, so I don't know.

[http://www.gpo.gov/fdsys/pkg/BILLS-106hr850rh/pdf/BILLS-106h...](http://www.gpo.gov/fdsys/pkg/BILLS-106hr850rh/pdf/BILLS-106hr850rh.pdf)

~~~
declan
The history here is non-intuitive; I'll try to explain it. I was living in DC
during the Crypto Wars of the late 1990s and covering them as a reporter (I've
since shifted to working on [http://recent.io/](http://recent.io/), of
course).

The SAFE Act as originally introduced in the House of Representatives was
designed to be generally pro-crypto by relaxing export controls. But as it
made its way through the various committees, the anti-crypto forces got their
hands on it and turned it on its head. It became a ban-non-backdoored-crypto
bill instead.

More precisely, in 1997, a House committee approved a ban on domestic
encryption without backdoors for .gov access. Here's an excerpt from the
amended anti-crypto version of the SAFE Act:

_"After January 31, 2000, it shall be unlawful for any person to manufacture
for distribution, distribute, or import encryption products intended for sale
or use in the United States, unless that product [...] permits immediate
decryption of the encrypted data..."_

Here's how one of the anti-crypto politicos, Rep. Bill McCollum, who went on
to be Florida's attorney general, justified it while debating the House
Judiciary version of that bill:

_"Because this bill will promote greater use of stronger encryption, law
enforcement may not be able to gather evidence that it can use to investigate
and prosecute cases. Imagine a situation where the police with a search
warrant seize the computer of a terrorist but cannot decrypt the list of
people and places that he intends to strike next. Or the situation where the
police seize the computer of a purveyor of child pornography but cannot
decrypt the files to download the images to prosecute him."_
[http://www.techlawjournal.com/cong106/encrypt/19990324mcc.ht...](http://www.techlawjournal.com/cong106/encrypt/19990324mcc.htm#1)

So yes, you're right that sec. 2804 in _one_ version of SAFE eliminates
mandated key escrow. But other versions, including the one approved by that
House committee in 1997, went exactly in the opposite direction.

~~~
ipsin
I agree that this is non-intuitive, and we've arrived at another time in DC
when time has looped back on itself, and wars have to be re-fought.

Your site, [http://politechbot.com/](http://politechbot.com/), was one go-to
source for information during the last crypto war. These days I could consult
the EFF, EPIC or the ACLU, but I wonder if there's a place again for a
cypherpunk-ish focus on DC policy, or if you've found sources covering the
current policy with a politech-like mindset.

In either case, thanks for all those years of good reading.

~~~
declan
<ipsin>: Thanks for your kind words! I've felt the urge to restart/resume the
Politech mailing list a few times in the last few years but haven't been able
to dedicate the time such an effort deserves. Also it works better if
moderated by a practicing journalist, I think.

The short answer is I don't think there is such a source. EFF has good action
alerts and blog posts (even if I may occasionally disagree with some of their
legislative endorsements). EPIC and the ACLU are often more DC-centric, and
Marc (who runs EPIC) is essentially an anti-cypherpunk in his views about the
private sector.

Among advocacy groups, TechFreedom.org is a relatively new entrant with
free-market, liberalize-crypto views. But Berin, who runs it, is a lawyer, not a
technologist, and is spending a lot of time on topics like Net neutrality and
telecom regulation nowadays.

If anyone is thinking of starting such a source of information with a
cypherpunk-ish/politech-like focus on DC policy, I'd be happy to offer some
advice, tips, and introductions.

------
slowmovintarget
The short version: Get it (encryption software) while you can.

~~~
RankingMember
I can't imagine anyone'll be able to keep encryption software out of people's
hands, even if it gets as dire as requiring fallback to sneakernet.

------
known
"Never do anything against conscience even if the state demands it."
--Einstein

~~~
socceroos
The benefit of hindsight, eh, Einstein?

------
xnull2guest
"(3) Encryption

A telecommunications carrier shall not be responsible for decrypting, or
ensuring the government’s ability to decrypt, any communication encrypted by a
subscriber or customer, unless the encryption was provided by the carrier and
the carrier possesses the information necessary to decrypt the communication."

[http://www.law.cornell.edu/uscode/text/47/1002](http://www.law.cornell.edu/uscode/text/47/1002)

"18 U.S. Code § 2703 - Required disclosure of customer communications or
records

(a) Contents of Wire or Electronic Communications in Electronic Storage.— A
governmental entity may require the disclosure by a provider of electronic
communication service of the contents of a wire or electronic communication,
that is in electronic storage in an electronic communications system for one
hundred and eighty days or less, only pursuant to a warrant issued using the
procedures described in the Federal Rules of Criminal Procedure (or, in the
case of a State court, issued using State warrant procedures) by a court of
competent jurisdiction. A governmental entity may require the disclosure by a
provider of electronic communications services of the contents of a wire or
electronic communication that has been in electronic storage in an electronic
communications system for more than one hundred and eighty days by the means
available under subsection (b) of this section.

(b) Contents of Wire or Electronic Communications in a Remote Computing
Service.—

...

(c) Records Concerning Electronic Communication Service or Remote Computing
Service.

..."

[http://www.law.cornell.edu/uscode/text/18/2703](http://www.law.cornell.edu/uscode/text/18/2703)

~~~
declan
The first statute you're quoting, 47 USC 1002, was part of the 1994 CALEA
legislation. A basic principle of legal interpretation is that newer laws
trump old ones if that is clearly the legislative intent.

So if the 1997 ban-strong-crypto bill had been enacted, it would have
overridden that portion of CALEA -- effectively repealing it -- to the extent
it was in conflict.

Put another way, if Congress has the power to say X one year, they typically
have the power to say not(X) the next year.

~~~
xnull2guest
It would be interesting to see what a crypto ban would do if it were to
override CALEA and the Stored Communications Act. Where a key escrow solution
was previously required, a sudden ban on encryption would do what - force the
companies to change key sizes? Since companies are already required to give
plaintext access to communications and records (if they provide the security
themselves), what difference would a crypto-ban really achieve other than
removing the companies in question from knowing which records law enforcement
sought to access?

~~~
declan
Well, there is no U.S. law requiring key escrow. There are a very few laws
that impose escrow-like requirements on some sectors. If you're a financial
services firm you may be required to monitor employees' email, which makes
some forms of encryption tricky. And even the CALEA excerpt you quoted above
authorizes telecom carriers to provide secure end-to-end crypto (they wouldn't
have "the information necessary to decrypt the communication"). CALEA doesn't
apply to the tech firms HN knows and loves; they're not telecom carriers, a
term of art.

But putting all that aside for the moment, banning crypto without backdoors
would, at a minimum, create real difficulties for U.S. companies and require
many open source/free software projects to move overseas. It would also make
felons of many HN readers. That's no exaggeration; an ex-Mozilla fellow now
building the crypton.io framework wrote to me this evening saying: "That bill
would have made my work criminal."
[https://twitter.com/deezthugs/status/556678844120576000](https://twitter.com/deezthugs/status/556678844120576000)

To be clear, I don't believe the FBI|NSA|DOJ|DEA|DHS|CIA|etc. cadre of TLAs
are pushing for a ban on domestic crypto now. But they tend to take the long
view. Look very carefully at what _is_ eventually proposed. Is it a ban on
whole-disk encryption without backdoors? Would it extend to PCs? What about
open source projects and AOSP? Would mere possession of non-backdoored crypto
be a crime, or distribution, or commercial sale? Etc.

I view a lot of this as the Feds trying to pressure Apple and Google into
adopting an escrowed solution for encrypted devices -- without actually
enacting a law. Laws are public, subject to legal challenge (a federal appeals
court in the Junger case held there are 1A issues involved in a crypto ban),
and tend not to make it through Congress very quickly. But extralegal pressure
can be applied in secret, is not subject to legal challenge, and can happen
much sooner.

HN threads in the past have discussed some of these extralegal pressures that
can be brought to bear. Multi-billion dollar .gov contracts are a big one too.

~~~
xnull2guest
Thank you for the informative post.

By letter of the law, CALEA does not require key escrow. Do you believe that
in practice along with extralegal pressure in the manner described above, that
CALEA and associated laws amount to near ubiquitous key escrow?

~~~
declan
Nope. I think the opposite, in fact. But it's late in the SF area, and it's
time for me to go to sleep. Happy to resume this in the morning.

~~~
xnull2guest
Cheers for good sleep!

Do you believe that the USG can get access to nearly any telecommunication
record in close to real time for emergencies if it needs it, and to nearly any
telecommunication record history up to some amount of time later for
investigations? If you do not, could you defend this belief - it runs counter
to conventional wisdom.

Presuming you do believe that access to telecommunication records can be made
post hoc and/or on demand: do you believe this is because of weak crypto
(KASUMI, A/5, etc) or because there is no encryption for there to be escrowed
for large or critical parts of the infrastructure? Or is it something else?

~~~
declan
There are too many questions here crossing too many areas of the law to answer
in an HN comment; some of the language you're using includes legal terms of
art where the meaning is not necessarily intuitive. A blog post would be more
suitable and I can't take that much time away from my work on
[http://recent.io/](http://recent.io/)

But briefly: You should assume, as I've written in many places in the past,
that your records in the hands of the AT&T/VZ/etc. phone companies can easily
be accessed by TLAs. The NSA itself brags of a surveillance "partnership" with
those companies, as I wrote in this CNET piece:
[http://www.cnet.com/news/surveillance-partnership-between-ns...](http://www.cnet.com/news/surveillance-partnership-between-nsa-and-telcos-points-to-at-t-verizon/)
In those cases, crypto has little to do with it.

In this HN comment yesterday, I wrote here about some of the privacy
differences between our favorite Silicon Valley companies and AT&T/VZ/etc.:
[https://news.ycombinator.com/item?id=8902638](https://news.ycombinator.com/item?id=8902638)

~~~
xnull1guest
Thanks. From what I can tell you agree with:

> there is no encryption for there to be escrowed for large or critical parts
> of the infrastructure

That is to say that TLAs get access to records before encryption is ever
applied to them (I would tend to agree with this) thus obviating the need for
escrow. Laws requiring key escrow, then, become red herrings to the larger
discussion about the legality of access.

I personally would classify 'partnerships' under extralegal pressure. Under
this interpretation you do seem to agree with the GP comment - though I would
understand if one were to argue that for some important semantic reason I
asked the question with the wrong word. I would probably agree that
'partnerships' are only a strict subset and not synonyms for extralegal
pressure.

It does appear that there are partnerships with some digital corporations and
that PRISM is a program for corporations that resist 'partnered' access to
records. Given the history of telecoms and their development of partnerships,
current development of partnerships in our industry and known applications of
extralegal pressure in our industry, we ought to be especially watchful.

~~~
declan
Briefly: There has been plenty of misreporting about PRISM. I tried to correct
some of that in 2013 here:
[http://www.cnet.com/news/no-evidence-of-nsas-direct-access-t...](http://www.cnet.com/news/no-evidence-of-nsas-direct-access-to-tech-companies/)
(Note the Washington Post backed away from their
initial claims and rewrote its original PRISM story.)

~~~
xnull1guest
Thank you again for your reply. I am aware of the confusion regarding PRISM
and its 'vernacular' use to encompass the activities from other disclosed
programs in addition to confusion about its particular details.

In your haste I'm afraid you may have drafted a response that is not on the
topic of its parent, though this is okay since it appears the conversation
found a natural and agreeable conclusion.

------
chernevik
Could someone please post a comment or link on the state of constitutional
protection for strong encryption?

I think I've read that the courts have ruled that dissemination and use of
strong crypto algorithms is protected by the First Amendment, but I'm not sure
of that.

~~~
frostmatthew
_Bernstein v. United States_ [1] maybe?

[1]
[https://en.wikipedia.org/wiki/Bernstein_v._United_States](https://en.wikipedia.org/wiki/Bernstein_v._United_States)

~~~
tdaltonc
and Junger v. Daley

[http://en.wikipedia.org/wiki/Junger_v._Daley](http://en.wikipedia.org/wiki/Junger_v._Daley)

[http://www.jstor.org/discover/10.2307/1342657?sid=2110509888...](http://www.jstor.org/discover/10.2307/1342657?sid=21105098883821&uid=4&uid=2)

~~~
declan
This is the big one.

The late Peter Junger, who brought this case, was a principled civil
libertarian and law professor who deserves to be remembered for dealing the
final blow to the federal government's anti-encryption regime. He was the
first person to secure a precedential court decision that said this:

"Because computer source code is an expressive means for the exchange of
information and ideas about computer programming, we hold that it is protected
by the First Amendment."
[http://caselaw.findlaw.com/us-6th-circuit/1074126.html](http://caselaw.findlaw.com/us-6th-circuit/1074126.html)
(The 9th Circuit in _Bernstein_ didn't go that far, despite valiant efforts by
EFF, as I recall it.)

Peter was a computer tinkerer as well as a lawyer. He once did me the favor of
speaking to a class I taught at Case Western, and, in addition to discussing
his own encryption case, talked about setting up a mail server -- I recall the
school let him place a colo'd box in one of their server rooms because he was
an emeritus. He also wrote an article called "You Can't Patent Software:
Patenting Software Is Wrong":
[http://samsara-blog.blogspot.com/](http://samsara-blog.blogspot.com/)

TLDR: One big reason why we haven't seen a proposed US law restricting mobile
device encryption today is because of what Peter Junger did in the 1990s.

~~~
chernevik
Thanks, all

------
rokhayakebe
Many are quick to jump and state that we should all have 100% privacy, and
that governments should not look into our communications. At the same time we
are asking for the government to protect us. Something like 9-11 happens and
we blame our national security officials. Something like the Boston Marathon
happens and we do the same.

At some point we have to choose: Natural Freedom or Societal Freedom, but we
cannot have both.

I for one believe that we should TRULY consider recording every message we
send/receive.

We should have a very high threshold for using these communications against
people, and making sure they can only be used for matters of the people's
security.

~~~
mhuffman
I am baffled as to why you think a criminal or terrorist would follow the
rules set forth by the US Congress and not use unbreakable encryption in their
communications. The only people that would be successfully watched would be
law-abiding engineers of products and law-abiding users of those products.

~~~
rokhayakebe
Certainly having the ability to read all messages is not built with the
intention that we will find a message from the chief of ISIS emailing his top
generals.

As a strategist, to disintegrate/infiltrate any terrorist cell, you will not
begin from the top and work your way down.

Every organization is more fragile at the bottom, hence you can expect someone
will make the mistake of using the system and leaking information, allowing
national security officials to work their way up from there.

~~~
mhuffman
So your theory is that we should all be spied on in the off chance some of the
low-hanging fruit in a hypothetical criminal organization simply makes a
mistake or goofs up enough to put it in the officials' lap.

Working off that theory, why not just not spy on millions of innocent
civilians and let the criminal bunglers bungle anyway?

