A Complete Guide To The New 'Crypto Wars'

blottsie writes: The latest debate over encryption did not begin with a court order demanding Apple help the FBI unlock a dead terrorist's iPhone. The new "Crypto Wars," chronicled in a comprehensive timeline by Eric Geller of the Daily Dot, dates back to at least 2003, with the introduction of "Patriot Act II." The battle over privacy and personal security versus crime-fighting and national security has, however, become a mainstream debate in recent months. The timeline covers a wide-range of incidents where the U.S. and other allied governments have tried to restrict citizens' access to strong encryption. The timeline ends with the director of national intelligence blaming NSA whistleblower Edward Snowden for advancing the spread of user-friendly, widely available strong encryption.

Tech Companies Making It Public

[justcauseisjustthat]

It's fantastic that tech companies are fighting/discussing this in public, for too many years it been totally behind closed doors in secret meeting.

Re:Tech Companies Making It Public

[Xest]

I don't think it has, and the summary's 2003 date is rather fucking arbitrary. What about DVD Jon's case in 2002? What about the clipper chip fiasco in the mid 1990s?

This is a battle that's been going on very publicly since the dawn of digital cryptography.

Re:Tech Companies Making It Public

[ole_timer]

yes it was developed...https://en.wikipedia.org/wiki/Skipjack_(cipher)

Blame it on Snowden !?!?!?!

[PolygamousRanchKid+]

Oh, that's just grand. I would blame the governments, who through their spying actions wake up folks and make them aware that they now need encryption. Otherwise, some government jerk will be reading their email . . . with the intention of stalking.

Oh, can the government maybe blame Global Warming and the Zika Virus on Snowden, as well . . . ?

or Stupid decisions had previsible consequences

[Thanshin]

People are expected to learn at an age of around 4, that if you bite the kid next to you, he'll either bite you back or cry and make someone else punish you for the biting. Apparently, becoming a decision maker in the justice department, the FBI or the CIA, doesn't require having acquired such wisdom.

More seriously, though, the only realistic explanations to the imbecile behavior of American governance towards cryptography is probably a mix of a few lines of reasoning:
- "So what if my decisions of today have dire consequences in tomorrow's landscape? I won't be in power tomorrow, so I don't give a flying fuck."
- "I don't understand any technology beyond the automobile, and I really don't care. Just give me a way of invading privacy now and shut up."
- "So what if today's abuses of power make everyone use cryptography tomorrow? It will just be one more reason to abuse our power even more tomorrow. Everyone outside the 0.01% is a potential terrorist criminal revolutionary."

skipjack

[ole_timer]

The war over civilian use of crypto goes back to at least 1994 with skipjack...how quickly they forget

What's old is new again

[AntronArgaiv]

Or something. Crypto, by Stephen Levy, chronicles the first crypto war. Worth reading, for background, because this time, it's not "national security", it's kiddie porn and terrorists that are going to win if we don't give the Security Services the keys to everything. And, we should TOTALLY trust them to keep us safe.
Yeah, right.
http://www.stevenlevy.com/inde...

NSA should blame themselves

[MikeRT]

Had they stuck with assisting ICE, CPB and the Coast Guard, it would have been a ho hum revelation that they were feeding law enforcement active intelligence because those agencies are interdiction agencies that operate at or beyond the borders. It was when it was discovered that the NSA was going well beyond its mission and helping law enforcement in many other ways that the public started caring. It was all totally preventable. All the director had to do is issue a directive that they will not turn over any data to law enforcement operating within territorial boundaries except on national security cases.

Re:Crypto War

[jenningsthecat]

So how many of you so-called geniuses ( Wiley Coyote ) have even begun to look at cryptology and math, and started to try to develop a few methods not of the usual sort? Maybe if a few hundred new encrypton algorithms were to suddenly pop-up, the governments would be a bit behind the curve of breaking them... and thus the race will go to the prolific instead off to the analytic... AND how many of you have begun to encrypt as much as possible? Just to ensure a good work load for the nosy buggers? ( I want my government workers to be busy...)

Somebody obviously thinks you're trolling. I suspect you are too; but I also think you're making a valid, (if somewhat exaggerated and inflammatory), argument for diversity and original research in encryption. Probably a worthwhile percentage of Slashdot members are actually capable of undertaking the work you suggest.

Also, their IS more safety in numbers - if everybody used encryption, there would be a more even balance of power between the people, and the government that is nominally of, by, and for them. Government agencies can have secure, private communications; citizens have the right to the same capability, and at the same degree of effectiveness. In fact, citizens should have the ability to pierce the government veil a lot more than is currently the case - but that's a whole 'nother argument.

Re:Longer than that, internationally

[jmd]

Phil Zimmerman and pgp in 1991

https://en.wikipedia.org/wiki/Phil_Zimmermann

Re:Crypto War

[Lumpy]

they still have not broken XOR and a one time pad.

Pedantry

[StayFrosty]

I'm sick and tired of hearing about "The debate between privacy and security." It's total bullshit. It's pretty hard to have security online without privacy. It's not a balance of one versus the other, one depends on the other. The US Government argues my case all the time when bitching about how when Snowden breached the government's privacy, he adversely affected national security.

This brings me to my next piece of pedantry: I'm tired of hearing about "National Security Issues." Terrorism, ISIS/ISIL/Daesh/IS/Whatever, Al Qaeda, Home Grown Terrorists, Lone Wolves, the Boston Marathon Bombers, etc... do not threaten the territorial integrity of the United States. There is no invasion and there never will be. The government isn't in danger of collapse. Terrorism is a PUBLIC SAFETY concern. Stop pretending otherwise. If we do that though, who is going to keep the money flowing in to the military/industrial complex?

Re:Crypto War

[shawn2772]

So how many of you so-called geniuses ( Wiley Coyote ) have even begun to look at cryptology and math, and started to try to develop a few methods not of the usual sort?

Wrong approach. If you want to improve the state of crypto, you need to start by learning to break crypto. Anyone can invent an encryption method, but unless you have invested a serious amount of time and skull-sweat into breaking ciphers, whatever you create will suck, terribly.

Maybe if a few hundred new encrypton algorithms were to suddenly pop-up, the governments would be a bit behind the curve of breaking them.

Your plan would make the government's job much, much easier, because the methods that people tend to come up with are mostly very closely related, and tend to all be based on independent reinvention of old ideas for which well-known cracking methods exist. In addition, you're solving a non-problem. We already have very good encryption algorithms, with zero evidence that the government can break them. Snowden's data actually confirms that if you use modern encryption algorithms correctly and manage the keys well, the NSA can't read your data.

What we need is more research into ways to make encryption easier to use correctly, not another gazillion crappy ciphers.