Law in the Internet Society
Current mass-market communications technology is very insecure. User adoption rates for encryption of emails, instant messages, and phone calls are for all intents nil. Even the use of cookie-free, untraceable internet browsing is extremely low, despite its extreme ease. Legal protection for the privacy of such communications is scarcely any better. Witness, for example, the 2007 scandal wherein the ranking Democrat on the House Intelligence committee was entrapped and blackmailed by a national intelligence agency seeking expanded surveillance powers. Authority for roaming, warrantless wiretaps has been claimed by presidents from both political parties. The dominant usage of technology in America has done much to destroy the expectations of privacy and secrecy that people enjoyed just a few decades ago. Might it be possible to convince people to take matters into their own hands?

I like to call my proposed solution the PATRIOT phone. It will look like this. It will feature RSA cryptography that is all but impossible to break, with no back doors or key escrow. With the right marketing strategy, a satisfactory product, and reasonable price points, it shouldn't be difficult to put such devices in the hands of several thousands of users. At that point, the device becomes an impediment to large scale surveillance. If even 1% of network traffic were encrypted, it would be impossible to capture that volume of traffic for cryptanalysis -- there simply aren't enough supercomputers.

Such consumer technology does not exist. There are a variety of phones that employ RSA or similarly strong encryption, but they are not interoperable and cost $1500 or more. This is puzzling. Crytographic algorithms, qua algorithms, are not patentable subject matter and cannot be monopolized. To whatever extent such monopolization was possible (i.e. by patenting cryptographic math done "on a computer" or "a microchip that performs cryptographic math"), those patents should have long since been expired. See 1, 2. This academic paper suggests a means for implementing RSA into programmable logic chips that cost less than $10, and provides sufficient computing power to encrypt voice data in real time. In fact, that paper is five years old: the technology should be trivial at this point.

*Outline -Form of a solution: the device. *Why doesn't it exist? Supply side: -firmware/chipsets patented... scale? -regulatory issues -lack of competition/barriers to entry *How else might it be implemented -the network? skype, google voice... -or private routers and a mesh grid *Legislative or regulatory response?

Work in progress, nowhere near done.

-- HarryLayman - 18 Nov 2009

 

Navigation

Webs Webs

r3 - 30 Nov 2009 - 23:47:49 - IanSullivan
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM