[107293] in Cypherpunks
Re: Suggestion for Public Echelon counter-measures
daemon@ATHENA.MIT.EDU (Anonymous)
Fri Jan 8 20:55:29 1999
Date: Sat, 9 Jan 1999 02:30:10 +0100
From: Anonymous <nobody@replay.com>
To: jei@zor.hut.fi, cypherpunks@toad.com, ukcrypto@maillist.ox.ac.uk
Reply-To: Anonymous <nobody@replay.com>
> HOW TO COUNTER AND RENDER THE ECHELON OVERSIGTH SYSTEM USELESS:
>
> Everyone, from this day on:
>
> [various measures to introduce annoyance messages into the system]
This has been proposed several times, under various names. A CP archive search
for "tagomatic" may produce relevant results.
The problem in creating such a system is that it has to do more than simply
generate many messages, calls, etc. with "flagged" keywords; it must actually
produce a very, very large volume of messages which it is not feasible to make
computers distinguish from something which would really interest the
intelligence community. I think AI came up in the tagomatic thread, but even a
fancy cutting-edge AI-based scheme may not work.
You have to discard the assumption that SIGINT agencies could not change
ECHELON to ignore annoyance messages. Any solution to the problems ECHELON
makes involving flooding the intercept bin with false alarms is going to have
to use very tricky methods to do so. Better solutions might involve emptying
the intercept bin of valid alarms by, say, applying crypto or ending the whole
travesty with some sort of political miracle. Not that that's any easier.
Also, the assumption that millions of people will join your effort seems kinda
absurd.
It would be great if everyone would send files full of cryptographically random
bits to each other, though. Makes stego unnecessary when everything looks like
encrypted data. Note that that was merely a lame joke, not a proposal.
...
> (Seriously, I can't think of any other effective way to fight back, since
> all the commercially available and used encryption is going to be
> practically useless.)
Driftnet wiretaps and cryptanalytic work are distinct fields, and, unless the
latter is more dazzling than we suspect, I don't see the two combining. Over
the past twenty years, the DEA of DES fame has undergone lots of analysis by
lots of people. No public cryptanalytic result has even come close to breaking
the cipher to the point that it would be imaginable that the analysis would
subject encrypted traffic to driftnet wiretaps. Although SIGINT agencies
obviously have more cryptographic muscle than the academic community, you can't
say with confidence that the gap has grown so much that a well-written package
using a conservatively chosen set of cryptosystems and security parameters is
going to be "practically useless."
Not to say that anybody is confident that crypto is utterly unbreakable to
SIGINT agencies -- it's just not that breakable, so to speak. There are many
requirements for secure cryptosystem implementations, and not all of them are
always met. Maybe the hard problems aren't hard enough. Maybe the random
numbers aren't random enough. Maybe it's easy to aim a camera at a keyboard.
But some of the flaws, while valuable when aiming at one embassy, one remailer,
one suspected terrorist, etc., don't open the door to spying on all of the
crypto users all of the time, and other flaws are only of theoretical
importance -- something to avoid in your cryptosystems, but nothing that will
give you a crack at other ones.
>
> ++ J
