Linux Today: Linux News On Internet Time.

GNU-Darwin authentication and encryption position paper

Sep 15, 2001, 12:02 (24 Talkback[s])
(Other stories by DR. Michael L. Love)

[ Thanks to proclus for this link. ]

"...Policy makers might be tempted to enforce a top-down encryption and authentication scheme which includes back doors for various parties. Such measures may receive strong backing from certain vendors of proprietary encryption solutions and web commerce interests, because they stand to benefit from an exclusive government contract. Such a proprietary lock-out would lead to a disastrous outcome in wartime, because back doors will certainly be found and exploited by our enemies leading to unnecessary loss of life. Moreover, a uniform encryption scheme leaves the US with far greater vulnerability, when the scheme is inevitably broken by our enemies. Monolithic authentication schemes are clearly not the answer, whereas broad based diversity is a part of America's strength. Americans must be free to make their own choices about encryption and authentication software, especially now that we are all coming together for a common purpose.

Strong encryption can present certain problems for law enforcement and national security agents, but good citizens will immediately turn their encryption keys over to government agents in order to aid investigation in the event that foul play is suspected. If they do not divulge their keys, then the government may pursue a warrant and demand that the keys be made available. It may be necessary to give such warrants additional legal force, by adding penalties for those who do not comply with them. Moreover, certain government agencies should be provided with additional funding so that they can use world class computers and cryptology in order to break the encryption devices of our enemies. This approach will quickly lead to dramatic improvements in the existing cryptographic software, especially for the widely available free software encryption programs, which are benefited by the open source development dynamic. We would suggest that this compromise is in the best interest of our freedom and national security during wartime preparations.

All US citizens should immediately start open-signing their email messages as a voluntary act of patriotic duty. In addition, any information which would assist our terrorist enemies should be encrypted as a matter of course. Let's use this powerful software to help us win the war against terrorism."

Complete Story

Related Stories: