Opinions Regarding Government Cryptographic Control

Editing and Commentary by Michael Lee (ownership notes)


  1. Introduction
  2. A Tally of Students' Responses
  3. Those Favoring the Ban
  4. Key Escrow Supporters, and Trust
  5. "If crypto is outlawed, only outlaws will have crypto."
  6. Those Opposing the Ban
  7. People Outside the Class
  8. Conclusion
  9. Copyright and Ownership Notice

1. Introduction

The original idea for this document was sparked by 67 students' answers to a homework problem in UCSB's CS177: Computer Security and Privacy. As the grader for that class, I was able to see what computer-savvy people (or more accurately, computer science students with an interest in computer security) thought. In this case, the homework problem came from Matt Bishop's Computer Security: Art and Science:
Please argue for or against the following proposition: Ciphers that the government cannot cryptanalyze should be outlawed. How would your argument change if such ciphers could be used provided that the users registered the key with the government?
Plaintext words are my own. The boldface text was originally written by students. Assume mistakes not denoted with [sic] are my own.

2. A Tally of Students' Responses

Would you agree to a ban on ciphers
the government cannot cryptanalyze?
Yes  24
No    37
Depends    4
No answer    2
Would you agree to allowing such ciphers,
but requiring key registration with the government?
Yes  25
No    29
Depends    3
No answer    10

3. Those Favoring the Ban

"With the recent terrorist attacks, it seems reasonable for the government to be able to cryptanalyze all types of enciphered data... The government's ability to access all such data may possibly yield clues to the future plans of terrorist groups."
... and ...
"If a radical group is using some complex system to send messages to other members the government should be able to read these messages if they probably cause [sic] to do so."
This was the most popular reason used in support of the proposition. If I was planning on destroying a nation, I would not feel bound by its laws. I would use strong cryptography regardless of any law passed. This sentiment is shared by others.

If the government needed access to some law-abiding citizens' encrypted data, there are already legal means through which the government could subpoena the key to recover the data. Thus, strong cryptography doesn't let law-abiding citizens hurt the government, and a ban would not help the government against criminals.

There is the notion that if everyone used weak cryptography except the criminals, then the data of criminals would be easy to detect. This is absolutely untrue. As CS 177 teaches you, there are plenty of ways to hide information through covert channels. There are even methods of image steganography which are effectively impossible to detect because the method does not change the statistical properties of the carrying data. Even if strong crypto were used in the open, it would be impossible for the government to monitor all data streams and probe them for strongly-encrypted data.
"Ciphers that could not be cryptanalyzed by the government should be banned. ... This is necessary in todays [sic] hostile high tech enviroment [sic] to ensure the safety everyone as a whole [sic]."
This misses the point of cryptography completely. The tech environment is hostile, and so we need better security through strong crypto, not worse security.
"The harms that this 'weapon' could cause greatly outweighs [sic] the benefits that these ciphers could potential [sic] bring to the government."
This is an important issue. Cryptography is what is known as a dual-use tool. It can be used for good, or for harm. Guns can be used in senseless murder, or be used by properly trained people in self defense or law enforcement. Hammers are useful tools, yet they can certainly be used to hurt intentionally. Rootkits can be used to break into systems illegally, yet system administrators use them legitimately to test their own systems' security. It makes no sense to outlaw a tool simply because it may be used for harm. See also this opinion.

Additionally, strong ciphers are not meant to benefit only the government. They are meant to increase privacy for everyone who might need it.
"People desire to have protection and security, so they should be willing to give up some privacy in order to ensure that security and protection [sic]."
This is certainly true. For example, most people agree to the possibility of having their bags searched before boarding an airplane. It is a loss of privacy with the aim of increasing security. However, there is little evidence that a ban on strong crypto will increase security, yet it will most definitely decrease our privacy.
"I can't imagine what personal info can be so secret that even the government may not know. If nothing is done wrong, then there shouldn't be something to hide."
There is a question of whether or not to trust governments. Think about the American Revolution: the birth of this country through open rebellion against a government our founding fathers thought was unfair. Think about Jews, gypsies, homosexuals, and others living in Germany during the Holocaust. Certainly, there are times in which secrecy from a government is crucial. See also this.

Assuming that every government in the world is perfect, there would still be the problem of other cryptanalysis entities. Banning strong crypto not only opens up security to the government, it opens up security to everyone else who can cryptanalyze.
"Some people may believe that this 'violation of privacy' by the government, or 'big brother', will cause horrible repercussions. However, on the ninth day of September in the year two thousand and one, anno domini, we witnessed the horrible repercussions that can occur when 'big brother' fails to watch our backs."
There are plenty of clues that our government and law enforcement agencies had about the 9/11 attacks, but ignored or missed completely. I am not saying "shame on the government" for missing clues that are only so obvious in hindsight, but rather that our government is already collecting a lot of information. It is the effective processing of this existing information that should be focused on, not the mad scrambling for more information at the cost of Constitutional rights.

4. Key Escrow Supporters, and Trust

"If the keys were given to the government, my answer would change. As lone [sic] as there is some way for monitoring to take place, ... the government should be allowed to know how to decode a message."
Oversight is almost impossible. For example, the Carnivore system, or DCS1000, is little more than a packet capture and filter tool, yet it caused great concern among not only civil rights groups, but also Congress. The FBI continually opposed public disclosure of the system's details. It was then shown to capture more than it was intended to, thus breaking wiretap laws. Now we're not talking about a system that would just be used to listen to communications where it was installed, but one which would have access to all encrypted data flowing throughout the country.
"The government can be trusted and it is assumed that it won't leak your key to any other person."
The first statement is a matter of opinion and culture/background. There are countries where the government is blindly assumed to be trustworthy. There are countries where it is illegal to say anything bad about the government.

As governments consist of people, they are prone to error and being influenced by others. While I believe that the US government is good in general, recent legislation being considered and passed into law has convinced me to not trust the government with my data. Again, this is opinion. See also here.

However, the second statement has nothing to do with opinion. Even if it were naively assumed that the government and its agents were incorruptible and generally perfect, their systems may not be. It has been shown that introducing key escrow into any cryptographic infrastructure opens its security up to a number of serious problems. The only way that I can guarantee that the government cannot leak my key is if the government doesn't have it to begin with.
"The government needs to guarantee that those keys will be protected from unauthorized access, or the ciphers no longer provide any security."

"As long as no other malicious user can break my cipher, its [sic] ok."

"This just now means that most no one else could break your code except for the government."
Such a guarantee simply cannot be made.
"If you are protecting yourself, well then, you could be protecting yourself from your government because it is run by humans and humans are corruptible.

5. "If crypto is outlawed, only outlaws will have crypto."

"Although one may argue that enemies of United States could use ciphers that the government cannot cryptanalyze to transfer potention hazard information [sic], but terrorist are [sic] not going to register with the government either way."

"Say strong ciphers were banned, who cares, the bad guys will still use them. This defeats the protection that would be afforded by such measures. Such a measure also makes legitimate cryptography a formality. Since ciphers would be weak enough for the goverment [sic] to break, so could ordinary people with sufficient power (which is easier to come across these days)."

"It seems if the ciphers exist, they will be used. FUD and obscurity of their existence will delay their use, but they will eventually appear. Its [sic] then better to be aware and informed, and thus be on equal footing with the abusers of such ciphers."

"The rationale of such proposition is to enable the government to intercept the communication of criminals and terrorists, for the good of the public. However, it is precisely those people who would ignore the law. there's no deterrence effect."

6. Those Opposing the Ban

"In this country of ours, speech is free. If I want to encode a message to another country, that should be my own business. ... If I give the key to the government, it could get into the wrong hands, or be abused. Citizens of this nation should NOT be under the watch of the government 24/7."
... and ...
"If a locksmith designed a lock that could not be opened by the FBI, should he be charged to go to jail? No. A cipher is just a lock on information, no matter waht the content of information it is trying to lock, it is just a lock. Imagine that a police officer says to a shopkeeper "you are running illegal business because we can not open your door", how silly does that sound?"
Cryptography not only falls under the First Amendment in the Bill of Rights but also the Fourth.
"Registering the keys with the government is highly dangerous. It becomes a honey pot for hackers to go after."
That's certainly one of the many risks of key escrow.
"What should be regulated is how you can use them. For example encrypting secure data and sending it to China should be illegal, not because of the encryption method, but for the fact that the data itself is being used illegally (espionage)."
See above for a discussion of dual-use tools.
"If someone obtains the list of ciphers that the government can solve, then they basically have the access to all the ciphers that United States could potentially use!! Furthermore if the government restricts the kind of ciphers that could be used, then the ciphers used by everyone would not be as advanced and difficult to solve."
With an explicit allow list, our enemies only have to focus on attacking a limited number of weak ciphers. With an explicit deny list, users can bypass the provision by inventing new secure schemes, or changing old ones trivially and then renaming them. When Napster was shut down, there was Gnutella, Kazaa, and countless others waiting to fill the niche. To outlaw strong crypto is to ignore both science and reality.
"First of all, this would mean that our private cryptography advancements will be limited to how advanced the government has become and cryptanalyzing. However, this will not stop foreign enimies [sic] from developing much better ciphers. So the possibility exists that the only useful ciphers will be the ones our enimies [sic] use. Also, who is to say that other countries aren't as good at cryptanalyzing as our goverment [sic]? By limiting our own ciphers we may be allowing other foreign goverments [sic] to steal our private data."
... and ...
"One of the goals of cryptography is to develop schemes that cannot be cryptanalyze [sic] and the other is to cryptanalyze it. If the government outlaws this type of encryption schemes [sic] it will hinder the progress of cryptography and it would just force its development overseas."
This is a good point. You cannot ignore the fact that laws can and have been pushing away legitimate security research.

7. People Outside the Class

Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.
-- Ben Franklin, November 11, 1755

Experience teaches us to be most on our guard to protect liberty when the government's purposes are beneficent.
-- Justice Louis D. Brandeis, Opinion in Olmstead vs. U.S., 1928

Are we at last brought to such humiliating and debasing degradation that we cannot be trusted with arms for our own defense? ... If our defense be the real object of having those arms, in whose hands can they be trusted with more propriety, or equal safety to us, as in our own hands?
-- Patrick Henry, Debates in the Several State Conventions 45, 2nd ed., Philadelphia, 1836

My greatest fear is that too many members of the public will embrace the government's call to give up some freedom in return for greater safety, only to find that they have lost freedom without gaining safety.
-- ACLU President Nadine Strossen, Reason, December, 2001

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
-- Amendment IV, United States Bill of Rights

1. Creativity and innovation always builds on the past.
2. The past always tries to control the creativity that builds on it.
3. Free societies enable the future by limiting the past.
4. Ours is less and less a free society.
-- Lawrence Lessig, OSCON 2002 Keynote

That's what Americans do now. They're always willing to trade away a little of their freedom in exchange for the feeling, the illusion of security.
-- George Carlin, You Are All Diseased

Every tool is a weapon if you hold it right.
-- Ani DiFranco, My I.Q.

and many, many more...

8. Conclusion

Now I've presented my views on the importance of strong cryptography and the ineffectiveness of banning it, especially for security reasons. While different people may have different beliefs about the role that government should play in their lives, and may value their freedoms differently, it is hard to show how any government control of cryptogarphy would have any benefit.

Those with an interest in these issues should listen to Lessig's OSCON keynote address. While it doesn't deal with cryptography, it deals with technology, the freedom to use technology, and the impact of government legislation upon this freedom. The presentation is encoded in Flash and mirrored here.

9. Ownership

Quotations in sections three through six come from students in the Fall 2002 session of CS177 at UCSB. I have not listed names of students for privacy reasons as this is a controversial topic, and one purpose of this document is to be a learning aid while class is still in session. If you see your work here and want to be credited with your name and/or e-mail address, contact me. If you want to know the source of one of these quotes, contact me.

My goal here is not to belittle any of the students' opinions, nor to profit from their works without giving credit, but rather to use their responses to fuel a discussion about cryptography.