On Fri, Sep 17, 1999 at 11:05:37AM -0400, Russell Nelson wrote:
> What's the difference between that, and someone claiming that a
> certain piece of text decrypts to a sinister message?
>
> Seems to me like the best defense against that is mass-market crypto.
> Because if the TLA claims that something decrypts to something, and I
> can use the mass-market crypto to have it decrypt to something else,
> the TLA has a credibility problem.
>
> Or is this not why you're scared?
What scares me is the possibility that there won't even be an argument
about whether or not a particular clump of ciphertext decodes to a
particular bit of plaintext because I don't think it'll be possible to
cross-examine prosecution witnesses about the way that they came into
possession of what's purported to be plaintext. They won't need to say
how they came into possession of the plaintext, because that would
reveal their methods - if you know what ciphertext they used (especially
if you're seeing it as an email message (perhaps with Received lines
intact), or as the output of tcpdump) you probably know how it was
intercepted, and that's something they want to keep secret.
The scenario I'm concerned about is a simple swearing/credibility
contest - the prosecution witness asserts that the defendant was the
author of a particular (plaintext) communication which is either a
crime, or admits to committing a crime. The defense can now choose
between offering no response, or having the defendant deny authoring the
communication (under oath, waiving their right against
self-incrimination, including related to collateral matters). The
defense won't have a meaningful opporunity to question the technical
correctness nor the constitutional/legal appropriateness of the access
to the text, because it's not possible to meaningfully explore those
issues without revealing the government's methods.
It's difficult to imagine that the Clinton administration, in light of
recent weeks' revelation about misconduct, hidden information, and
perjury which occurred regarding the conduct of federal law enforcement
officers at Waco, is proposing new legislation which limits instead of
expanding access to information about law enforcement techniques and
behavior. It's likely that a number of criminal convictions were
obtained against the survivors of the burned church building because of
the information which was hidden from the defense and the jury by
prosecutors and law enforcement agencies. That information is now coming
to light as a consequence of a later, civil suit regarding the burning
.. but would we ever have learned it if a statute prohibiting disclosure
of law enforcement methods were in effect? The current CESA draft only
applies to law enforcement methods used to gain access to electronic
information - but if the public swallows that bitter pill, we should
expect it to spread to a general prohibition about questioning the
tactics of the government in all venues.
--
Greg Broiles
[EMAIL PROTECTED]
