(1 / 17)
Date: June 30, 1986 08:42
From: KIM::ALBAUGH
To: @SYS$MAIL:JUNK
The National Security Agency has proposed that ALL encryption be done with devices designed by them, the internal workings of which will not be divulged. They apparently didn't like the public debate on the last voluntary standard (for which SOME details were published), centering on whether it had been designed to allow them to easily read "private" communications. If this doesn't bother you, consider what your reaction would be to the U.S. Postal Service (which already has a legal monopoly on carrying mail) proposing that, for efficiency, only it could provide envelopes and these envelopes could only be sealed and opened by postal service employees.

In an unrelated (?) item, the Supreme Court has upheld a Georgia anti-sodomy law with (apparently, I just heard it on the radio) wording that suggests a repudiation of the "consenting adults" standard for sexual behavior. This may signal a return to the days of an F.B.I. man under every bed, or it may just mean they want a few more possible charges to nail dissenters with.

As an upbeat ending, maybe we should look at all this as a business opportunity. In preparation for the next video-game downturn, we should start our design for a telescreen, so we'll be ready when they ask for bids. Remember, 1984 isn't in the past, it's just a few years late.

Watch your back,
Mike
(2 / 17)
Date: June 30, 1986 13:01
From: KIM::WIEBENSON
To: @SYS$MAIL:JUNK
Our right to privacy in this country is a great thing and should be protected by our courts. The police squads that violate our privacy by busting down doors have no place in America, and I wish we could jail those (you've read about them in the papers) instead of just slapping their hands and letting them do it again. It seems some police just can't handle victim-less crimes. There is a place for door-busting in the case of some violent crimes, and I hope for our sakes that the police can use whatever force is appropriate in those cases, and be commended for their courage instead of harassed by those with 20/20 hindsight.

It seems to me that our society is giving more support and consideration to those among us who directly or indirectly are serving to thin out our population. What with our fears of over-population and opposing socio-economic groups, maybe we subconsciously desire to wipe out each other. It doesn't seem too healthy to me especially in a country that has the power to exterminate the world, so I hope I'm way off base.

By the way, about a month ago there was an article in the Mercury that related some findings in a major medical establishment researching AIDS. One of the researchers did contract AIDS through careless handling, and it was found that the AIDS virus could survive five DAYS on a countertop outside of a "bodily fluid" and could survive over three hours in hot water (but of course everyone knows you can't get AIDS in a hot tub). I am concerned that AIDS may become a very big problem, and while it's very sad for those affected by it, I think it would be sadder still not to protect the right to life of our next generation.

...no, I did not vote for Reagan...
(3 / 17)
Date: July 01, 1986 09:16
From: KIM::ALBAUGH
To: @SYS$MAIL:JUNK
I'm ALMOST sorry I said anything. I'm also amused (and a bit disappointed) that all the debate centers on only ONE of the two items I mentioned. While I certainly don't want the FBI under my bed, I am equally opposed to them reading my mail. A case could be made that the sex laws are more odious because while there is SOME probability of anarchist bombers being caught by reading all mail (before they blow up the bus full of handicapped kids), there is virtually ZERO probability that a morals bust will have any positive effect on the population (or any effect whatever, other than on the principals and the already clogged courts).

These comparisons of relative danger should not obscure the basic idea that ALL strengthening of government "right to know" versus personal "right to privacy" is very dangerous and should be very carefully watched. There are also those who maintain that child molesters have a right to privacy from intervention, so it IS possible to go too far. A clear sense of when "the people" means US (common public), or THEM (institutionalized government), or nothing but a campaign slogan, is needed. In short, it depends whose ox is gored.

Anyway, my real reason for this second note is to object to Lew Harp's "only in America...". You must be kidding, Lew. The ruler's "right" to dictate and inspect the commoner's life is older than history, and the debate about when and how it is REALLY needed is very little younger. The whole idea that we, as the governed, have anything at all to say about our privacy is only about as old as the Magna Carta, which nonetheless pre-dates America by a few hundred years.

One last soapbox stand: "Qui Tacit, Consentit" (Who remains silent, consents). I know there aren't often that many desirable candidates, but there are PLENTY of undesirable ones. Vote early and often!

Mike
(4 / 17)
Date: July 01, 1986 09:55
From: KIM::BEHENSKY
To: @SYS$MAIL:JUNK
I agree that the NSA's attempt to control cryptography is creepy as well. Can you imagine being sentenced to jail for possession of unauthorized encryption software or of a message that the government can't read? We're getting more and more like Russia every day.

Max
(5 / 17)
Date: July 01, 1986 11:25
From: KIM::HARP
To: @SYS$MAIL:JUNK
It is curious that the NSA wants all encryption to be done with their devices since their charter(?) only allows them to monitor communications that are not internal to the United States. They are trying to pull a fast one just like the Supreme Court.

Speaking of which, their anti-sodomy, anti-fornication, anti-adultery ruling could clearly set the groundwork to hassle just about anybody. Only married couples engaging in non-sodomic relations have a fundamental right to such behavior (according to the court) which implies that marriage creates the fundamental right of non-sodomic behavior and that divorce destroys it. But since at least some of these laws have not been enforced for hundreds of years the ruler's right to enforce these laws has been waived. So the debate is ended and I'm sure the Supreme Court will change their ways soon.

Lieu
(6 / 17)
Date: July 01, 1986 11:57
From: KIM::SUTTLES
To: @SYS$MAIL:JUNK,SUTTLES
With regard to the following, from Mike:

From: KIM::ALBAUGH "Dr. Bizarro" 1-JUL-1986 12:36:40.85
To: @SYS$MAIL:JUNK
CC:
Subj: Getting Technical

About the only thing I would flat reject of Steve's message is the notion that "they" (the courts) are very concerned these days with the rught to choice, presumed innocence, etc (unless we means the are concerned with stamping them out...), but I did hope to stimulate some Cryptography related discussion. Such discussion is, by nature, pretty technical, so I'd like to get off the junk list and only direct it to those of a similar technical mind.

SO... If any of you would like to keep this up, please let me know, and I'll generate a CRYPTO mailing list, not limitted to this particular issue, but generally encompassing cryptography, cryptanalysis, and other security-related (national and commercial) issues.

Please excuse the typos above, I haven't eaten yet and have had too much coffee...?

Mike
(7 / 17)
Date: July 02, 1986 11:58
From: KIM::HARP
To: @SYS$MAIL:JUNK
Albaugh's suggestion to generate a crypto mailing list is a good one (in my opinion) in light of the possibility that certain past and present members of the NSA have created video games (this is a totally fictional rumor) that frankly (between you and me), were not that impressive. A few people spending a little time on such matters could possibly lead to a whole new government agency with its own UNLIMITED BUDGET!

In other unrelated matters, I'm sure there must be somewhere else where certain judges have outlawed certain private acts that certain state officials have claimed spread certain health hazards that certain studies have shown not to be related to those certain private acts and where all of this does bear some resemblance to reality but then again maybe I'm not sure.

Lieu
(8 / 17)
Date: July 11, 1986 13:45
From: KIM::ALBAUGH
To: KIM::MARGOLIN
From: KIM::ALBAUGH "Dr. Bizarro" 1-JUL-1986 15:40
To: @DR1:[ALBAUGH]CRYPT.DIS
Subj: Cryptic Answers

So far we have only 4 interested parties, so the "distribution list" will be kim::sys$userdisk:[albaugh]crypto.dis, rather than bugging Steph to add yet another list.

Anyway, Steve asked what, other than hurt feelings, would motivate NSA to hide details of the new system and felt that they were being reasonable, if not totally selfless. He also felt that anything short of a legal monopoly would be relatively harmless and that said legal monopoly would be not bloody likely. Please correct me, Steve, if I have distorted your position. My reply to those points follows:

The crux of the heat they got on DES (the last one) was that by withholding certain design details (namely the rationale for the choice of "s-boxes"), they made it impossible for independent researchers to verify the security of the system. There was also some question as to why the original IBM proposal for a 64 bit key was weakened to a 56 bit key at NSA's demand. The (perhaps paranoid) contention of some top cryptographers was that the DES was actually designed to be broken by the NSA, to provide them access to private communications. Even those who trusted the NSA not to read their mail were not too keen on having "trapdoors" in the system which might be fortuitously discovered by the Russians (or worse, their business rivals).

It is axiomatic in cryptography that any system that depends for its security on concealment of the ALGORITHM, rather than the KEY is fatally flawed (Check out any of the several books on the German Enigma). In this case the NSA, to its credit, did "publish" the algorithm, but only to American Citizens (I have a copy, somewhere in my files). Anybody who thinks that the laws against its dissemination to foreign nationals slowed the Russians down by more than 5 minutes may now leave the discussion.

The Brouhaha came about when several independent cryptographers questioned the above mentioned weaknesses and were quite harshly shut up. No rubber hoses or black Mercedes, just Visa revocations and threats of prosecution under the official secrets act. (please no questions about Master-Card). In any case it was the REACTION to reasonable questioning that provoked the paranoia. Something along the lines of "If they have nothing to hide, how come they're so jumpy?"

The problem with the new proposal is similar. If they are unwilling to discuss even the algorithm, then the study needed to assure its security CANNOT be made. This is a similar problem to the one MIS managers have with having to trust programs without access to the sources. We live with it, for the most part, but I don't think anybody likes it. And I bet NO bank has such a setup for running its instant tellers. There is also the point that the Russians, should they desire, could again almost certainly "peel" one of the chips and be in a better position than a loyal American to read your mail. Well, that was a long one...

Next point: Without quibbling about the current courtroom climate, I submit that no legal monopoly is required to force acceptance of the new standard. If the NSA can get the Federal Reserve to use its new scheme, then member banks will have to support it. Having already "bought" the NSA scheme, they are not likely to want to pay extra for another, especially when a) their competitors aren't spending that money, b) such action would be dimly viewed by Washington, as obstructionism, and c) their competitors aren't being obstructionists. The world of business/government runs on favors and "not rocking the boat". I do want to quibble a little with the "likelihood" argument by pointing out that the IRS gets most Americans to spend several hours and/or hundreds of dollars on filling out a self-incriminating (see 5th amendment) document every year. They do this primarily by threats, rather than actually dragging very many people out of their houses and into court (where the IRS often loses).

I do expect some lively comment on the above, but Chris Downend had a more technical (rather than political) question, to wit:

What ever happened to the Public-key system? Did it go away cause Uncle Sam didn't like it? or did it go away cause the inventors tried to make a buck on it rather than put it in the public domain?

The answer is that it didn't go away. It SEEMS to be more secure than private key systems, or rather just as secure and less prone to key-distribution problems. Unfortunately, it is inherently computation intensive and therefore more expensive. While there are DES chips on the market (in about the $20 range, I think) the only public-key chip was still in development last I heard. Some DES hardware is fast enough to place in a disk channel, whereas the RSA (public key) chip is HOPING for 9600 bits per second.

RSA, by the way stands for Rivest, Shamir, Adelman (not sure of spellings). These three proposed and patented the most widely known public key system, although the IDEA of public key systems was (I think) first proposed by Diffie and Hellman. I know of at least two other schemes, although one has been compromised (Merkle's Trap-door knapsack), and the other is a minor variation on RSA (used by GCC in the Atari 7800) whose major merit is it sneaks by an oversight in the RSA patent and avoids royalty payments.

Anyway, Uncle Sam's dislike for public key systems has less to do with their success/failure than pure economics does. The reason you don't hear much about them is partly because after the NSA got Hellman et al to shut up, cryptography in general ceased to be very newsworthy. In technical circles, the hot setup nowadays is to use some private key system (often a variant of DES) for the bulk transfers and a public-key system for distributing the private keys.

It is interesting to note that at least one system, UNIX(tm), uses a DES-like scheme, but deliberately avoids using DES verbatim, precisely because the wide availability of DES chips makes it easier to construct a "brute force" code-cracker, provided the cyphertext is known to have been created by DES.

I realize that was quite a bit to read through, so now I'll shut up for at least a day and collect some of YOUR thoughts.

Mike
(9 / 17)
Date: July 11, 1986 13:46
From: KIM::ALBAUGH
To: KIM::MARGOLIN
From: KIM::DOWNEND 2-JUL-1986 15:33
To: @KIM::SYS$USERDISK:[ALBAUGH]CRYPTO.DIS
Subj: Privacy

Should we encrypt messages sent on crypto.dis to protect ourselves from subversives?

-Crispy
(10 / 17)
Date: July 11, 1986 13:58
From: KIM::ALBAUGH
To: @DRA1:[ALBAUGH]CRYPTO
I just read that the NSA is planning to "de-certify" DES as of the end of next year. This presumably means that they will no longer state that "it has adequate security for non-military communications for the foreseeable future". They have not set a time for when the new proposed standard will be available.

Incidentally, one of the reasons they gave for abandoning DES is that it has become so widespread that an attack on it would be VERY fruitful, therefore such an attack is more likely than one on a less often used system. In other words, DES is no good because too many of you used it because it was so good. Not so incidentally, this was also one of the arguments put forth by the opponents of DES when it was under consideration, namely, that any system proposed for widespread use MUST be more secure than normal, simply because there is a correspondingly greater incentive to break it. At the time the NSA said this was nonsense.

Mike
(11 / 17)
Date: July 11, 1986 22:37
From: KIM::SUTTLES
To: @DRA1:[ALBAUGH]CRYPTO,SUTTLES
We have a hard enough time upgrading versions of VMS which are supposed to be "upwardly compatible"-- that is, using the new version isn't supposed to hurt. If they change the standard every couple of years, and the new standard (and new equipment/algorithm) doesn't support old data, or "other" offices with old equipment/algorithms, there will exist a cryptographic tower of Babel--even if both ends use the same language.

Why not have a system where an arbitrarily long key means to invoke the system recursively for each unit of length (such as once for each character of the password). Or we could adopt the mechanism VMS uses--a one-way algorithm that means you have to know the answer to find out what it is (re-encrypt the same data to see if it matches).

The real problem is that it is desired to send a minimum quantity of data, representing a maximum quantity of information. The less data transmitted, the higher the information content has to be, and the more likely possibility that the information from the cleartext can be extracted. If you could send the Webster's unabridged, you could just omit letters that make up your message. Unless someone knew to compare for missing letters, and how they related to the cleartext, the amount of information to weed through would be staggering. Unfortunately, so would transmission time. And there is no question about recording a disk in the encrypted format.

sas
(12 / 17)
Date: July 11, 1986 23:01
From: KIM::SUTTLES
To: @DRA1:[ALBAUGH]CRYPTO,SUTTLES
I like it a lot--I think that HBO and others like them have no right whatsoever to charge a fee for something they broadcast. The key word is broadcast. It is entirely reasonable for cable companies to go after pirate viewers, because they are taking pains to service those with whom they have a contract. I don't own a satellite, and probably never will, so that is not the reason for my point of view. I do not currently subscribe to HBO because of the price. I might one day, but by cable, and legitimately (for money). But if you can decode the signal, you are entitled to do so. Regardless of what HBO says.

If someone were to have a fistfight in the middle of the street, and have the cops come and break it up, most people would look out their windows to see what was going on. Would you then accede to a request to pay admission, and that retroactively? The idea is ludicrous. If you were to stand in a crowd and hear someone yell about where to find some great treasure, would you not be entitled to act on the information? As well as everyone else?

If I was to discover a circuit diagram or listing under the glass of a copying machine in a post office, I would feel it was public information. And the company or employee would have one hell of a time demonstrating that I did anything wrong by using a public copier. It is the responsibility of companies such as Atari and HBO to keep their trade secrets uncompromised. It is one of the reasons for having the two entities "trade secret" and "copyright" -- which are very different.

A radio, or, yes, Virginia, even a television set, is an electromagnetic signal decoder. Potentially more, or less, complicated than HBO's (or anyone else's) scrambler. We all decode broadcast information. Several newspapers on the driveway of our neighbors "announce" that they are away. Are you violating the law by knowing this? If there is smoke coming out of their chimney in winter, are you violating their rights by noticing?

If the "violators" tried to sell subscriptions of their own, that would be a different story. But the people HBO is after have done nothing wrong! And do you know how they are found? Their "pirate" decoding equipment BROADCASTS a signal that can be detected. This same signal might be generated by any number of means, but IF their van detects the carrier frequency coming from your house, you get a retroactive bill. They are doing to you what you have "perpetrated" on them.

Yes, Jed's idea has merit. But HBO has a lot of pull, and has cause to invest a VERY large fortune in the most cost-effective manner (notice I didn't say anything about laws or ethics) to have things seen their way. I don't think there exists an electronics-manufacturing company other than IBM who has the power to survive the inevitable war. And, unfortunately, I am certain that company management will see things the same way. After all, that's their job. So, as always, the monopolists will continue the monopoly, the elite will continue to be the elite, the rich get richer and the poor get poorer, because that's the way it is.

If my soapbox seems a little slanted, that's because it is.

sas
(13 / 17)
Date: July 14, 1986 13:38
From: KIM::MARGOLIN
To: MARGOLIN
This DES thing might have some possibilities. Part A of this message is background and may be skipped if desired. [If you start to read Part A and think I am proposing something illegal go directly to Part B.-- the author.]

Part A
------
HBO and many of the other satellite networks that scramble their signal use the M/A COM VideoCipher II system which they claim uses the DES algorithm. [I should, however, point out that both M/A COM and HBO are masters of disinformation and they may simply want to put everyone on the wrong track.]

In the Videocipher II system each unit has its own ID number and is addressed by a signal in the transmitted program that tells it to decode the signal. [The video is either inverted or not and is changed at periodic random intervals but the audio is digitally encrypted.] Presumably the signal that tells it you have paid your monthly subscription gives it the key.

The way that HBO and the other services are currently handling subscriptions is really bogus. If you live within the service area of a cable company you pay the CABLE COMPANY which keeps part of the money and sends the rest to HBO. In many cases satellite subscribers are charged MORE than cable subscribers. In this case the real pirates are the cable companies (who seem to be behind the move to scramble all the signals including the 'Superstations' like WTBS, WOR, and WGN which are COMMERCIAL TV stations). There is already evidence that this rip-off will fail as Congress has started looking into the situation. [Lots of Congressmen have constituents in rural areas and have no access to television other than by satellite.]

As a satellite dish owner I do not mind paying a reasonable fee for being able to watch quality programming. If the programmers are not fairly compensated for their work they will cease producing quality programs. (By the way there are satellite networks supported entirely by advertising and they are as bad as any regular commercial broadcast station.)

Like I said, I think the subscriber fee issue will sort itself out unless the cable industry succeeds in killing off the home satellite market. There are already two million of us and we will not give up without a fight.

Part B
-------
It is illegal to sell a box that descrambles the signal without requiring the subscriber to pay for the service. Anyone producing such a box faces heavy fines and jail time. Therefore anyone producing such a box could never sell very many because of the visibility required to sell a lot of anything. So let's not do that.

BUT. There is nothing illegal about producing a unit that DOES require addressability. It's just that no one does. Currently, the only way to get one is to buy it from M/A COM. For $400. Satellite receiver manufacturers are pissed because M/A COM will not sell them the chip set. M/A COM WILL sell them a complete board for $168 which will not fit inside most satellite receivers because M/A COM deliberately made the board large (with lots of empty board space) so customers would be fooled into thinking they were getting their money's worth.

If someone could do it with a $50 chip set they could either make and sell their own unit or could sell the chip sets to satellite receiver manufacturers. It would require a modest investment by a company with the facilities of a company like ATARI.

I have other thoughts on the matter if people are interested.

Jed
(14 / 17)
Date: July 15, 1986 13:55
From: KIM::ALBAUGH
To: @DRA1:[ALBAUGH]CRYPTO
Some thoughts in reply to Steve.

Arbitrarily long keys tend to be generated by some algorithm operating on a shorter seed. This is the case, for instance, in "random" numbers picked by humans, where digits past the third (or so) tend to be negatively correlated with preceding digits (most humans feel 5555 is NOT a random number, and 666 even less so).

Repeated encryptions are not necessarily any more difficult to decrypt than single ones. Consider the simple substitution cipher that adds, modulo 26, a key to each letter. Encryption in the key of 3, then 4 is indistinguishable from a single encryption with 7. The cryptanalyst need not discover the actual keys used in encryption, just one of the many that work. If you think my example is trivial you're right. If you think it's irrelevant, you're wrong. Much of the work in designing encryption algorithms goes into finding and negating fortuitous isomorphism (love that phrase). Even schemes that have "circulating" keys with different periods need to be careful that the total period is long, relative to the amount of traffic. Because of this, the keys themselves are not truly random (you need to avoid certain pairs of keys) and this lack of randomness helps your opponent.

In general one "long enough" key is theoretically better than two short ones, but the considerations in the first paragraph mean that your one long key is (perhaps unconsciously) derived from a short one. Keep in mind that "long enough" is "at least as long as the total of all messages to be sent with this key". This is the classic one-time-pad, which is literally impossible to decrypt, but also thoroughly impractical for any volume of traffic. The key distribution is equal in volume to the message traffic, so if the key channel is secure, you just use it for the message traffic. This ignores the usual use of the one-time-pad, which is where you have a lot of time before a specific event in which to hand-deliver the key (the pad) but must use a fast, nonsecure channel as soon after the event as possible (the launch codes for nuclear missiles are one such case). In practice, just about all systems use a relatively short key (32-256 bits) as a seed and permute it in some way as they work to generate the effect of a long key.

One-way algorithms are at the heart of most "public key" systems, but there are two problems. A truly "one-way" scheme would be useless except for authentication (which is what VMS uses it for). If you have to have the cleartext to read the message, where did you get it? The public key systems use pairs of "one way" functions which together form a two-way function. As I said in a previous note, these tend to be pretty computation intense, and the more esoteric (and faster) of them have not yet been PROVEN to be one-way. (in fact one has recently been proven NOT to be).

The problem of information quantity is not quite so straightforward. Most modern encryption schemes are pretty sensitive to noise. That is, if one bit of the cyphertext gets flipped, LOTS of the cleartext gets clobbered. For this reason, some sort of error correction is applied as an "envelope", after encryption. If it were applied before it would be harder for the legitimate reader to recover from errors and easier for the interceptor to decrypt (because of the redundancy in the "cleartext" added by check bits). Anyway, a one-time pad with no error correction at all would suffice for most traffic that could stand a typo here or there. The quantity of traffic (not information in Messr Shannon's sense) would simply be twice the length of the cleartext (once for the message and once for the key, but through two distinct channels).

A real consideration is the information density. Ideally the enemy does not even know that a message was sent. In both World Wars, "traffic analysis" was used to derive information about troop movements. Skilled listeners identified the radio operators by their "fists" (characteristic rhythms of Morse-code sending) and triangulated to find their locations. If "Fritz" has been sending from a location where the 25th PanzerGruppe has been seen and now he seems to be sending from 50 miles north of there then there is a good chance that the 25th has moved (or Fritz has been re-assigned, but nothing is for certain). Since we can't be silent all the time and still send messages, the next best thing is to send all the time and just switch between sending random trash and real messages as the need arises. Two problems. Sending all the time makes it real easy for the enemy to send a radio-guided rocket down your throat. "Random trash" is not so easy to come by (see above). The German radio operators had a foolish habit of using Bible readings for their filler, and encrypting them with the current key. Gave the British some lovely samples of "known cleartext" to work with.

With regard to Webster's Unabridged, "book codes" are moderately popular, but such a common book as a well known dictionary would be a poor choice. Steve's suggestion is also reminiscent of a "Baconian cipher", but I've already prattled too long so I'd like to hang up the tech-talk for now.

My comment on the other message should probably start "Now, I'm not a lawyer but...". The first amendment protects only your right to speak, not my right to hear, and even so exceptions have been made. I know Oliver Wendell Holmes was in many ways a jerk, but he was also in a position to effectively re-write the constitution and his "... fire in a crowded theatre..." remark is valid. The "right" to listen to anything (but not to re-broadcast) is MUCH newer (1934, Jed?) and much less sacred or widespread (Not all western nations have it).

I would also caution restraint. Carrying your argument to its logical conclusion would make it perfectly ok for the FBI to use an inductive tap on your phone with no court order or even probable cause. I happen to agree that HBO is out of line IF they refuse to sell their services to individuals, but that issue should be directly addressed, not skated around. I do feel that any "narrowcaster" who relies on laws rather than technology to protect his data is somewhat like a person who refuses to lock his door and lobbies for the death penalty for trespassing. Conversely, I think I should have a right to privacy from someone who sets up a cherry-picker outside my bedroom window and bounces a laser off the glass to hear what I whisper.

Mike
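
Two technical points from the message above, worked through as an added Python example that is not part of the original thread: shifting by 3 and then by 4 is the same cipher as shifting by 7 (so two keys buy no extra key space), and one corrupted ciphertext letter costs a one-time pad a single typo while a chained cipher loses everything after it. The autokey cipher is a stand-in chosen here for a noise-sensitive scheme; the sample message, the seed 7 and all function names are constructed for illustration.

```python
"""Added example: shift-cipher composition and error propagation (constructed data)."""
import secrets
import string

A = string.ascii_uppercase


def clean(text):
    """Keep letters only, upper-cased, as classical ciphers usually do."""
    return "".join(c for c in text.upper() if c in A)


def shift(text, key):
    """The simple substitution from the message: add key modulo 26 to each letter."""
    return "".join(A[(A.index(c) + key) % 26] for c in text)


def equivalent_keys(plain, cipher):
    """Every single shift key that maps plain to cipher (the analyst's view)."""
    return [k for k in range(26) if shift(plain, k) == cipher]


def distinct_double_shifts():
    """Count the distinct mappings reachable with two successive shift keys."""
    return len({shift(shift(A, a), b) for a in range(26) for b in range(26)})


def pad_encrypt(text, pad):
    """One-time pad over letters: one fresh random key value per letter."""
    if len(pad) < len(text):
        raise ValueError("pad must be at least as long as the message")
    return "".join(A[(A.index(c) + k) % 26] for c, k in zip(text, pad))


def pad_decrypt(text, pad):
    """Inverse of pad_encrypt with the same pad."""
    if len(pad) < len(text):
        raise ValueError("pad must be at least as long as the message")
    return "".join(A[(A.index(c) - k) % 26] for c, k in zip(text, pad))


def autokey_encrypt(text, seed):
    """Chained stand-in: each letter is keyed by the previous plaintext letter."""
    out, key = [], seed
    for c in text:
        p = A.index(c)
        out.append(A[(p + key) % 26])
        key = p
    return "".join(out)


def autokey_decrypt(text, seed):
    """Inverse of autokey_encrypt; each recovered letter keys the next one."""
    out, key = [], seed
    for c in text:
        p = (A.index(c) - key) % 26
        out.append(A[p])
        key = p
    return "".join(out)


def corrupt(cipher, pos):
    """Simulate line noise: replace one ciphertext letter with its successor."""
    return cipher[:pos] + shift(cipher[pos], 1) + cipher[pos + 1:]


def damaged(original, received):
    """Positions where the recovered text differs from what was sent."""
    return [i for i, (x, y) in enumerate(zip(original, received)) if x != y]


def noise_comparison(message, pos):
    """Damaged positions for (one-time pad, autokey) after one bad letter."""
    pad = [secrets.randbelow(26) for _ in message]
    otp_rx = pad_decrypt(corrupt(pad_encrypt(message, pad), pos), pad)
    ak_rx = autokey_decrypt(corrupt(autokey_encrypt(message, 7), pos), 7)
    return damaged(message, otp_rx), damaged(message, ak_rx)


if __name__ == "__main__":
    msg = clean("Attack at dawn")  # constructed sample message
    twice = shift(shift(msg, 3), 4)
    print("3 then 4:", twice, "explained by single key(s):", equivalent_keys(msg, twice))
    print("distinct double-shift mappings:", distinct_double_shifts(), "from", 26 * 26, "key pairs")
    otp, chained = noise_comparison(msg, 4)
    print("one-time pad, damaged positions:", otp)
    print("autokey, damaged positions:     ", chained)
```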
(15 / 17)
Date: July 15, 1986 17:36
From: KIM::SUTTLES
To: @DRA1:[ALBAUGH]CRYPTO,SUTTLES
I had in mind when I wrote my epistle to mention the laser-off-the-window mechanism of descrambling audio signals. And to point out that the government does not rely on the court system to prevent people from doing it. Those who care about the secrecy of their information should not broadcast it. Because the likelihood of someone picking it up (and decoding it if necessary) is inversely proportional to the desirability. And, like it or not, a broadcast is a broadcast.

Regarding phone taps (inductive or otherwise): The law doesn't say they can't tap your phone; the law says they can't use that as evidence in court. Fortunately, this is almost always the reason they want to tap your phone; but (as in the case of industrial spying, or the spying industry, even) it still can be (and is) done, and not always by the government. Those who care, TAKE care to prevent the occurrence. Voice scramblers have been around for quite a while, just for people like this.

I maintain, a broadcast is a broadcast.

sas
(16 / 17)
Date: July 16, 1986 11:10
From: KIM::ALBAUGH
To: @DR1:[ALBAUGH]CRYPTO
I want to rebut some of Steve's last message, and will below, but I also want to point out that I originally asked for those interested in the TECHNICAL, rather than LEGAL aspects of cryptography. I have nothing against the discussion of HBO's latest outrage or mating habits of the lesser Bullfinch, I just don't happen to be interested in them.

Point one, I hope that nobody RELIES on legal mechanisms to protect their privacy or property. That is, I hope you lock your door rather than saying "Oh well, burglary is illegal so nobody will enter my house." Just the same, the threat of prosecution is PART of your defense. If there was no sanction against entering your property without your permission, you would not only have to lock your door, you would have to armor all your walls. At present, few thieves would bash your door in with a sledge hammer, because it is a fairly obvious and noisy job, and they wish to avoid detection and subsequent arrest. Not all neighborhoods recognize the sanctions mentioned, and in these you do have to armor your house, or take the other approach which is to CLEARLY have nothing of value in your house. This second tactic is the basis for the inadmissibility of ILLEGALLY OBTAINED wiretap info as evidence.

Contrary to your statements, wiretaps ARE illegal, both for the government and private individuals (or industry). There are certain exceptions made specifically for the purpose of law enforcement, but these exceptions are only made under circumstances equivalent to those in which a search warrant would be issued. Your statement that it can be, and is, done, therefore it must be legal is naive at best. Do you seriously believe that NOBODY anywhere breaks the law? On the other hand, do you depend SOLELY on your locks to prevent burglary, and assume that sheer laziness, rather than some caution regarding arrest, deters thieves from bashing the door in?

Laws are passed to codify what behavior is sanctioned by society. The sanctions serve to curb blatant and repeated offenses. Prudence dictates that each individual make his own defense against the remaining sporadic attacks. I agree that HBO should scramble a signal they don't want anyone to receive, and they do. I also feel that the law regarding sale of decoders is subject to debate, but point out that sale of handguns and burglar tools is regulated in many locales.

Lastly, you are free to maintain that "a broadcast is a broadcast. (is a broadcast...?)", but the LAW is based on more than your opinion. My feeling is that those who oppose a law should lobby to change it, not just decide not to obey it. The subject of what SHOULD be law is not one I wish to debate here.
(17 / 17)
Date: July 21, 1986 17:43
From: KIM::DOWNEND
To: @DRA1:[ALBAUGH]CRYPTO
This serves to add more insight to Mike's earlier comments about the NSA's current stance on DES:

from Mini-micro Systems July 1986
--------------------------------------------------------------------------
Earlier this year, NSA began to send quiet signals at industry conferences and meetings that DES was no longer good enough to protect U.S. data communications. NSA's feelings surfaced publicly in March when Harold Daniels, the agency's deputy director of information security, responded to questions raised by analysts at Datapro Research Corp of Delran, N.J., about NSA's current view of DES. In a letter to Datapro, Daniels said:

"The National Security Agency has supported, based on efforts that were initiated in the mid-1970's, the use of DES-based encryption equipment for unclassified U.S. application through a formal equipment endorsement program and direct government user support. This unique initiative to engage U.S. Industry in the business of cryptographic equipment has been very successful...The use of the DES algorithm, however, has made it an increasingly attractive target for our adversaries."

"We will continue to endorse DES products under the existing program until January 1, 1988," he continued, "but do not intend to certify the DES algorithm when it is reviewed in 1988."

The article goes on to say:

There's evidence that the flap over Daniels' letter is having some effect on the NSA itself. Telephone calls to Daniels were referred to NSA Public Relations officials. There, an NSA official said that Daniels' letter contained some "inaccuracies" and that an official statement explaining NSA's "real" position on DES would be forthcoming.
---------------------end of article excerpt-----------------------------------

....It sounds like the NSA bit itself in the ass since as I recall, when DES was being formulated, a 64-bit key (more secure) was proposed, but the NSA pushed for the current 56-bit key. If they had used the longer key, they probably wouldn't be in their current predicament - not as soon anyway. Or maybe there is a trapdoor in it after all - why else would the NSA be so paranoid? I know, that's a silly question.
Jun 30, 1986