Dec 21

I was enjoying some soft blue cheese on fresh French bread, thinking about algorithms, when I had a sudden revelation. I’ve implemented it as The NSA cheese test so you can enjoy it.

Dec 15

A US court has ruled that authorities cannot force people to incriminate themselves by divulging their encryption passwords.

This is in marked contrast to the UK, where the Regulation of Investigatory Powers Act (RIPA) makes it a crime to refuse to hand over your encryption keys (or the decrypted plaintext) when the police serve you with a notice demanding them. If the case doesn’t involve national security, you can be put in jail for two years. If it does, five years.

Of course, the authorities would only use that power if absolutely necessary to fight terrorism, right? Well, the first person to fall afoul of Part III of RIPA was an animal rights protester. She claims she didn’t have any encrypted files.

Got any old encrypted e-mails for which you no longer have the key? RIPA has no time limit; they can demand keys for files that are years old. Lost or forgotten the key? Someone sent you something encrypted with the wrong key? Off to jail you go.

Feb 03

Why are people releasing new hard drive designs that use 40-bit DES encryption? That’s a keyspace of 2^40, roughly a trillion keys; a 600MHz Celeron can crack that in a weekend. Sheesh.

Feb 02

I was writing the other day about how politicians who are in opposition will speak out against something they actually agree with because they feel they have to, because it’s their job as the opposition; once they get into power, they’ll make a 180 degree turn and do the exact thing they denounced. Therefore the only way to predict a politician’s actual behavior is to examine his past voting record when in power, and completely ignore anything said when campaigning. Case in point:

There is a concern that the Internet could be used to commit crimes and that advanced encryption could disguise such activity. However, we do not provide the government with phone jacks outside our homes for unlimited wiretaps. Why, then, should we grant government the Orwellian capability to listen at will and in real time to our communications across the Web?

The protections of the Fourth Amendment are clear. The right to protection from unlawful searches is an indivisible American value. Two hundred years of court decisions have stood in defense of this fundamental right. The state’s interest in effective crime-fighting should never vitiate the citizens’ Bill of Rights. […]

The administration’s interest in all e-mail is a wholly unhealthy precedent, especially given this administration’s track record on FBI files and IRS snooping. Every medium by which people communicate can be subject to exploitation by those with illegal intentions. Nevertheless, this is no reason to hand Big Brother the keys to unlock our e-mail diaries, open our ATM records, read our medical records, or translate our international communications.

—John Ashcroft, October 1997.

Sep 14

The government is discussing a massive crackdown on use of encryption software.

Feb 21

Well, this is the most interesting thing I’ve heard about in a while: someone’s come up with an encryption scheme that is claimed to be provably unbreakable and is actually practical to implement.

There’s an article in the New York Times about it; basically, the scheme goes as follows:

  • Someone sets up a satellite to generate a stream of truly random numbers, synchronized to some appropriate time code.

  • The sender and recipient exchange a secret using an existing public-key encryption scheme, or using some other secure channel. The secret is a time code value.

  • At the pre-arranged time, the sender reads the random number stream from the satellite and uses that chunk as a pad to encrypt the data; the recipient, listening to the same broadcast, caches the same chunk of random data in RAM.

  • When the recipient receives the encrypted message, he decrypts it with the cached data, then throws that data away.

What makes the system unbreakable is that unless you know the secret before the message is sent, you don’t know which part of the random number stream is going to be used, and an eavesdropper cannot afford to store the entire stream indefinitely on the chance that some part of it will later matter. What’s more, once the message has been decrypted and both parties have discarded their copy of the chunk, neither the sender nor the recipient has the means to decrypt it again.
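Here is the exchange above as a toy model, written as an added example for this post rather than code from the NYT article or from the scheme’s authors. The satellite is a generator handing out one fresh random chunk per time code; sender, recipient and an eavesdropper all hear every chunk, but only the two parties know which time code matters, and the eavesdropper can only afford to keep the last few chunks. The chunk size and the eavesdropper’s storage bound are assumptions chosen to keep the demonstration small, and the out-of-band exchange of the secret time code is assumed rather than modelled:

```python
"""Toy model of the satellite random-stream (bounded-storage) cipher.

Assumptions for the demonstration: a 32-byte pad per time slot, an
eavesdropper who can store only four slots, and a secret time code that
the two parties have already agreed out of band.
"""
import os

CHUNK_BYTES = 32        # pad bytes broadcast per time code (assumed)
ADVERSARY_STORAGE = 4   # slots the eavesdropper can afford to keep (assumed)


def broadcast(slots):
    """Satellite stand-in: one truly random chunk per time code, none retained."""
    for t in range(slots):
        yield t, os.urandom(CHUNK_BYTES)


def xor(a, b):
    """One-time-pad combine; caller guarantees len(a) <= len(b)."""
    return bytes(x ^ y for x, y in zip(a, b))


class Party:
    """Sender or recipient: knows the secret time code, caches only that chunk."""

    def __init__(self, secret_timecode):
        self.secret = secret_timecode
        self.pad = None                 # held in RAM only while needed

    def listen(self, t, chunk):
        if t == self.secret:
            self.pad = chunk

    def encrypt(self, msg):
        if self.pad is None or len(msg) > CHUNK_BYTES:
            raise ValueError("no pad cached, or message longer than the pad")
        ct = xor(msg, self.pad)
        self.pad = None                 # sender throws its copy away too
        return ct

    def decrypt(self, ct):
        if self.pad is None:
            raise RuntimeError("pad already destroyed: cannot decrypt again")
        pt = xor(ct, self.pad)
        self.pad = None                 # after this, nobody can decrypt
        return pt


class BoundedEavesdropper:
    """Records every chunk it hears, but storage holds only the newest few."""

    def __init__(self):
        self.recorded = {}

    def listen(self, t, chunk):
        self.recorded[t] = chunk
        if len(self.recorded) > ADVERSARY_STORAGE:
            del self.recorded[min(self.recorded)]   # oldest chunk overwritten

    def try_decrypt(self, ct, secret_timecode):
        """Even if the secret leaks later (say the PK private key is seized),
        the chunk must still be in storage for the ciphertext to be readable."""
        pad = self.recorded.get(secret_timecode)
        return None if pad is None else xor(ct, pad)


def run(msg, secret=3, slots=10):
    """Drive one exchange; returns (what the recipient read, what the eavesdropper read)."""
    sender, receiver, eve = Party(secret), Party(secret), BoundedEavesdropper()
    ciphertext = None
    for t, chunk in broadcast(slots):
        sender.listen(t, chunk)
        receiver.listen(t, chunk)
        eve.listen(t, chunk)
        if t == secret:
            ciphertext = sender.encrypt(msg)
    # The ciphertext is read after the stream has moved on `slots - secret` chunks.
    plaintext = receiver.decrypt(ciphertext)
    stolen = eve.try_decrypt(ciphertext, secret)
    return plaintext, stolen


if __name__ == "__main__":
    print(run(b"attack at dawn"))                      # eavesdropper gets None
    print(run(b"attack at dawn", secret=3, slots=5))   # stream too short: she still has slot 3
```

The second call in the usage shows the caveat a practitioner should keep in mind: the guarantee is entirely the storage bound. If the eavesdropper can afford to keep every chunk between the transmission and the moment she learns the time code (or learns the time code in advance, say by breaking the public-key exchange in real time, so she only needs to keep one chunk), the pad is in her hands and the one-time pad is broken in the usual way.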

The NYT article has some dismissive comments from people like Bruce Schneier, pointing out that even with breakable cryptography, there’s usually an easier way to get the data. But I think this new development is still valuable, because it’s a workable system of “rubber hose resistant cryptography”. That is, it’s a system where you can’t force the recipient to divulge the key and decrypt the message after the fact, because the material needed to decrypt it no longer exists anywhere; he provably can’t do it.

With today’s cryptosystems, if you log all a person’s messages over the course of years you can potentially one day get access to all of them, either by obtaining the long-term key used or by breaking the cipher. This new system is effectively a one-time pad whose pad is a slice of the public random stream, with the secret being merely a pointer to that slice; the one-time pad is known to be unbreakable, and as long as nobody stored that slice there’s no way to get access to messages after the fact.

I wonder how long it’ll be before someone sets up an implementation of this? Perhaps the NSA already use it…