The Crypto Controversy
A Key Conflict in the Information Society
Published on 1. December 1998
306 pages
978-90-411-7228-0 (ISBN)
Description
Cryptography is essential for information security and electronic commerce, yet it can also be abused by criminals to thwart police wiretaps and computer searches. How should governments address this conflict of interests? Will they require people to deposit crypto keys with a `trusted' agent? Will governments outlaw cryptography that does not provide for law-enforcement access?
This is not yet another study of the crypto controversy to conclude that this or that interest is paramount. This is not a study commissioned by a government, nor is it a report that campaigns on the electronic frontier. The Crypto Controversy is neither a cryptography handbook nor a book drenched in legal jargon.
The Crypto Controversy pays attention to the reasoning of both privacy activists and law-enforcement agencies, to the particulars of technology as well as of law, to 'solutions' offered both by cryptographers and by governments. Koops proposes a method to balance the conflicting interests and applies this to the Dutch situation, explaining both technical and legal issues for anyone interested in the subject.
This is not yet another study of the crypto controversy to conclude that this or that interest is paramount. This is not a study commissioned by a government, nor is it a report that campaigns on the electronic frontier. The Crypto Controversy is neither a cryptography handbook nor a book drenched in legal jargon.
The Crypto Controversy pays attention to the reasoning of both privacy activists and law-enforcement agencies, to the particulars of technology as well as of law, to 'solutions' offered both by cryptographers and by governments. Koops proposes a method to balance the conflicting interests and applies this to the Dutch situation, explaining both technical and legal issues for anyone interested in the subject.
More details
Other editions
Additional editions
Bert-Jaap Koops
The Crypto Controversy:A Key Conflict in the Information Society
A Key Conflict in the Information Society
Book
12/1998
1st Edition
Kluwer Law International
€96.30
Shipment within 10-20 days
Content
- Cover
- Half Title Page
- Title Page
- Copyright Page
- Table of contents
- Acknowledgements
- Chapter 1. Introduction
- 1.1. A problem without a solution
- 1.2. What this book is not about
- 1.3. What this book is about
- 1.3.1. Focus on the Netherlands
- 1.3.2. Outline
- 1.3.3. Aim
- 1.4. How to read this book
- Part I Problem and context
- Chapter 2. An information society needs information security
- 2.1. The information society
- 2.1.1. Developments
- 2.1.2. Information society policy
- United States
- European Union
- The Netherlands
- 2.1.3. Building blocks and participants
- 2.1.4. Problems
- 2.2. Information security
- 2.2.1. Objectives
- 2.2.2. Threats
- 2.2.3. Measures
- 2.2.4. Governments' role in information security
- 2.2.5. Information security in Dutch government
- 2.3. Conclusion
- Chapter 3. Cryptography, a key technology for information security
- 3.1. Cryptography
- 3.1.1. History
- 3.1.2. Intermezzo - dramatis personae
- 3.1.3. Symmetric and public-key cryptography
- The working of public-key cryptography
- Authenticity, integrity, and non-repudiation
- 3.1.4. Cryptanalysis and the strength of crypto systems
- 3.1.5. Key length
- 3.1.6. Key management
- 3.1.7. More distinctions
- 3.1.8. Hiding cryptography
- Detecting cryptography
- 3.1.9. Protocols
- 3.2. Applications
- 3.2.1. Providers
- 3.2.2. Government
- 3.2.3. Other users
- Financial applications
- Privacy and sensitive data
- Human rights
- Public and private networks
- Other applications
- 3.2.4. Cryptography in practice
- 3.3. Conclusion - the importance of cryptography
- Chapter 4. Cryptocriminals, a public concern
- 4.1. The crime society
- 4.1.1. Organized crime
- Activities
- Seriousness
- Information behavior
- Use of cryptography
- 4.1.2. Business crime
- Seriousness
- Information behavior and use of cryptography
- 4.1.3. Computer crime
- Seriousness
- Information behavior and use of cryptography
- 4.1.4. Other types of serious crime
- 4.2. Investigation
- 4.2.1. Developments in criminal investigation
- 4.2.2. The organization of criminal investigation
- 4.2.3. The stages of criminal investigation
- 4.3. Gathering data in transport
- 4.3.1. Tapping
- Conditions
- Legal problems
- Technical problems
- Maintaining tappability
- 4.3.2. Tapping in other countries
- 4.3.3. Traffic analysis
- 4.4. Data storage
- 4.4.1. Handing over data
- 4.4.2. Search and seizure
- 4.4.3. Searching elsewhere
- 4.4.4. Providing access
- 4.5. Problems through encryption
- 4.5.1. Main crypto-problems
- 4.5.2. Cryptocriminals in practice
- 4.5.3. Cracking evidence
- 4.5.4. Further crypto-problems
- 4.5.5. Scope of the problem
- 4.6. Conclusion
- Chapter 5. A survey of cryptography laws and regulations
- 5.1. Export and import controls
- 5.1.1. COCOM and Wassenaar Arrangement
- 5.1.2. United States
- 5.1.3. Import restrictions
- 5.2. International developments
- 5.2.1. OECD
- 5.2.2. European Union
- 5.2.3. Other European initiatives
- 5.3. Domestic crypto laws per country
- 5.3.1. Belgium
- 5.3.2. Denmark
- 5.3.3. France
- 5.3.4. Germany
- 5.3.5. The Netherlands
- 5.3.6. Russian Federation
- 5.3.7. United Kingdom
- 5.3.8. United States of America
- Escrowed Encryption Standard (Clipper)
- Key Management Infrastructure
- NRC report
- Broad Encryption Policy
- Draft key-recovery legislation
- Congress bills
- Conclusion
- 5.4. Concluding remarks
- Part II Framework and analysis
- Chapter 6. Framework and set of principles
- 6.1. Choosing a framework
- 6.2. A set of principles
- 6.2.1. Fundamental principles
- 6.2.2. Less fundamental principles
- 6.3. Outline of the framework
- Chapter 61/2. Outlawing cryptography
- 61/2.1. A crypto ban does not help the police
- 61/2.2. A crypto ban does hamper good guys
- 61/2.3. Conclusion
- Chapter 7. LEAKing through the Public Key Infrastructure
- 7.1. Public Key Infrastructures
- 7.2. Public Key Infrastructures and LEAK
- 7.3. Non-confidentiality cryptography
- 7.3.1. Working of DSA
- 7.3.2. Subversive use of DSA
- 7.3.3. Assessment of DSA
- 7.4. LEAKing through key deposits
- 7.4.1. LEAK techniques
- 7.4.2. Escrowed Encryption Initiative
- Defeating the LEAF
- Software key escrow
- 7.4.3. Royal Holloway's international TTP scheme
- 7.4.4. Add-ons
- Splitting keys
- Traceable ciphertexts
- 7.5. LEAKing through key recovery
- 7.5.1. Commercial Key Escrow
- 7.5.2. PGP's Corporate Message Recovery
- 7.5.3. International Cryptography Framework
- 7.5.4. Key Recovery Alliance
- 7.6. LEAKy issues
- 7.7. Assessing the LEAK options
- 7.7.1. Effectiveness of LEAK systems
- 7.7.2. The options
- 7.7.3. Applying the criteria
- 7.7.4. Conclusion
- Chapter 8. Demanding decryption
- 8.1. Preliminary distinctions
- 8.1.1. Demanding decryption or key delivery?
- 8.1.2. Decrypting stored and communicated ciphertexts
- 8.2. Demanding non-suspects to decrypt
- 8.3. Demanding suspect corporations to decrypt
- 8.4. Demanding individual suspects to decrypt
- 8.5. The rationale behind the privilege against self-incrimination
- 8.6. Is it possible to create a law demanding decryption?
- 8.7. How to enforce a decryption command
- 8.7.1. Penalize a refusal to cooperate
- 8.7.2. Penalize cryptocriminal use
- 8.7.3. Reverse the burden of proof
- 8.8. Assessing the decryption command
- 8.8.1. The decryption command in current law
- 8.8.2. Options for enforcing a decryption command
- 8.8.3. Applying the criteria
- 8.8.4. Conclusion
- Chapter 9. Alternative investigation measures
- 9.1. 'Direct eavesdropping'
- 9.1.1. Description
- 9.1.2. Situations, crimes, and encryption
- 9.1.3. Legal status in the Netherlands
- 9.1.4. Situation in other countries
- 9.1.5. Conclusion
- 9.2. Tempest monitoring
- 9.2.1. Description
- 9.2.2. Situations, crimes, and encryption
- 9.2.3. Legal status in the Netherlands
- 9.2.4. Situation in other countries
- 9.2.5. Conclusion
- 9.3. Infiltration
- 9.3.1. Description
- 9.3.2. Situations, crimes, and encryption
- 9.3.3. Legal status in the Netherlands
- 9.3.4. Situation in other countries
- 9.3.5. Conclusion
- 9.4. Crown witnesses
- 9.4.1. Description
- 9.4.2. Situations, crimes, and encryption
- 9.4.3. Legal status in the Netherlands
- 9.4.4. Situation in other countries
- 9.4.5. Conclusion
- 9.5. Data mining
- 9.5.1. Description
- 9.5.2. Situations, crimes, and encryption
- 9.5.3. Legal status in the Netherlands
- 9.5.4. Conclusion
- 9.6. Assessing the alternative investigation measures
- 9.6.1. The options of alternative investigation measures
- 9.6.2. Applying the criteria
- 9.6.3. Conclusion
- Chapter 10. The zero option
- 10.1. The zero option
- 10.2. Applying the criteria
- 10.3. Conclusion
- Chapter 11. Reconciling interests
- 11.1. Rawls and social justice
- 11.2. The crypto conflict and criminal justice
- 11.3. Description of the problem
- 11.3.1. The original position
- 11.3.2. Representative groups and their veil of ignorance
- 11.4. The crypto policy conference
- 11.4.1. The least advantaged group
- 11.4.2. Principles and ordering rules
- 11.4.3. Selecting the options
- 11.4.4. Narrowing down the problem
- 11.4.5. The key decision
- 11.4.6. Looking at the future
- 11.4.7. Evaluation
- 11.5. Agenda for a US conference
- 11.6. Conclusion
- Summary
- Abbreviations
- Glossary
- Glossary of terms
- Glossary oflegal terms (English-Dutch)
- Glossary of laws and regulations (English-Dutch)
- Glossary of organizations (English-Dutch)
- Bibliography
- Legislative proposals, decisions, and other parliamentary documents
- Dutch
- European
- Case Law
- Dutch
- European
- US
- About the author
- Back Cover
