[prev in list] [next in list] [prev in thread] [next in thread]
List: best-of-security
Subject: (fwd) Australia next to ban PGP
From: Julian Assange <proff () suburbia ! net>
Date: 1995-08-05 11:18:09
[Download RAW message or body]
Path: core.apana.org.au!yarrina.connect.com.au!warrane.connect.com.au!pta.pyramid.com.au!sword.eng.pyramid.com!gossip.pyramid.com!olivea!bug.rahul.net!a2i!infoseek.com!uunet!in1.uu.net!tank.news.pipex.net!pipex!sunsite.doc.ic.ac.uk!lyra.csx.cam.ac.uk!rja14
From: rja14@cl.cam.ac.uk (Ross Anderson)
Newsgroups: alt.security.pgp,alt,politics.datahighway,aus.legal,aus.net.news,sci.crypt
Subject: Australia next to ban PGP
Date: 1 Aug 1995 17:53:50 GMT
Organization: U of Cambridge Computer Lab, UK
Lines: 57
Message-ID: <3vlpne$cks@lyra.csx.cam.ac.uk>
NNTP-Posting-Host: nene.cl.cam.ac.uk
Xref: core.apana.org.au alt.security.pgp:1846 aus.legal:554 aus.net.news:266 sci.crypt:967
Australia's proposed crypto policy:
(1) Banks will get key escrow
(2) Other Australian residents will be forced to use weak crypto
Source: talk by Steve Orlowski, Assistant Director, Australian attorney
general's department, given at the Cryptography Policy and Algorithms
Conference, Queensland University of Technology, last month.
p 34: `the needs of the majority of users of the infrastructure for
privacy and smaller financial transactions can be met by lower
level encryption which could withstand a normal but not
sophisticated attack against it. Law enforcement agencies could
develop the capability to mount such sophisticated attacks.
Criminals who purchased the higher level encryption products
would immediately attract attention to themselves.'
He mentioned that his department considered itself a suitable repository
for the government central decrypting unit, which would decrypt traffic
for local police forces. He also wants to escrowed keys for banks and
other organisations allowed to use strong crypto.
Centralising the wiretap capability with the AG is represented as a useful
safeguard against abuse of power by local police forces. It would be
presented as a `data recovery' facility in order to reassure the voters.
Centralisation will enable the AG to acquire the capability to use ``more
sophisticated techniques in circumstances where the key cannot, for
whatever reason, be recovered from escrow''.
So the technical parameters would appear to be: 40 bit keys for the
masses, 56-bit escrowed keys for the banks, and a Wiener machine sitting
in Orlowski's office. Belt, braces and string.
Curiously enough, he quotes a `Review of long Term Cost Effectiveness
of Telecommunications Interception' as saying that ``Encryption by
targets of their communications (both voice and data) is not considered
as a problem for TI at present in Australia'' and goes on to say that
``there has been comparatively little market for voice encryption
products, although they have been readily available''.
He even produces some good arguments for the EFF, such as that much of
the intelligence comes from the call log data and from calls to third
parties such as airlines and hotels which are not encrypted.
He also says that the OECD countries will hold a meeting on National
Cryptography Policies later this year. While at the conference, I found
out that a classified meeting took place this March in Germany between
the signals intelligence agencies of the developed countries, plus
Australia and South Africa, at which the assembled spooks agreed to
press their governments to bring in escrow and/or weak crypto.
Australia seems rather eager to lick Uncle Sam's boots on this issue.
I wonder what the payoff was?
Ross
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic