Encode and Encypher



  • Some of the comments on "Hexed ID" made me want to probe a bit.

    Back in either the late 80's or early 90's, as I recollect, Congress came within a hairsbreadth of banning all coding schemes that were not "readable by eye".  This caused a great deal of consternation because it would effectively have banned spreadsheets, databases, word processing documents, and everything else; all at once.

     To the best of my mental image of the world, there is a distinction between "encode" and "encrypt". It is very hard to define, but here is my attempt:

    • "Encode" describes a scheme for transformation of one form of representation to another form.  For example, we might read a document with OCR and encode it as ASCII.
    • "Encrypt" describes a subset of encoding operations specific to the protection of information from interception by persons not holding a "key" needed to reverse the encrypt operation.
    • An encode operation may be simple or complex, but absent the encrypt intent, the encoding is easily reversed by anyone knowing the structure of the encoding operation. An encrypt operation can either be reversed only by having the key, or absent the key, perhaps only by extreme expenditure of effort.

    Can anyone improve on this?  Or am I just all wet in general? Or does this just fall in the category of: "I knows them when I sees them."

     



  • But they are readable by eye, if you have a hex editor! :P

    Your take on encode vs. encrypt sounds pretty accurate, though...



  •  Double-encoding FTW!

     (check the comments)



  • @Coyne said:

    Back in either the late 80's or early 90's, as I recollect, Congress came within a hairsbreadth of banning all coding schemes that were not "readable by eye". This caused a great deal of consternation because it would effectively have banned spreadsheets, databases, word processing documents, and everything else; all at once.

    Whose Congress? The United States'?

    How exactly could they have done such a thing? Why would they have done such a thing? This doesn't pass the sniff test, buddy. Cite something.

    The best they could do, and this is iffy, is vote to de-fund Government projects using file-formats that were not human-readable. They couldn't outright cancel the projects, since most of them would be coming from the Executive Branch (most likely), but they could cut funding. And even then, that doesn't explain the "why" component.



  • @blakeyrat said:

    The best they could do, and this is iffy, is vote to de-fund Government projects using file-formats that were not human-readable. They couldn't outright cancel the projects, since most of them would be coming from the Executive Branch (most likely), but they could cut funding. And even then, that doesn't explain the "why" component.

    More or less, but that wouldn't stop some congresscritter from submitting a bill or amendment that said something stupid. This particular instance was only unique in that it apparently never got passed.

    It was probably bound up with export controls or something where they thought they were going to be all hard-ass on smelly foreigners.



  • @blakeyrat said:

    Whose Congress? The United States'?

    How exactly could they have done such a thing? Why would they have done such a thing? This doesn't pass the sniff test, buddy. Cite something.

     

    To my recollection, yes, it was the U. S. federal Congress. I actually tried to cite something during the original authorship but wasn't able to figure out a way to find a reference in Google. Between the fact that the proposal failed in Congress and the bazillions of pages referencing encryption and encoding, frankly I don't even know how one would go about finding it, now. So we have to depend on my leaky memory.

    But the purpose, as I recollect it, was a hair-brained scheme by the three-letter agencies (TLA's) to ban encryption, which they termed "coding", because the TLAs were afraid everything was going to be encrypted and wanted to prevent the public from doing encryption. But like many TLA schemes, they had no idea what they were trying to ban and so proceded to get rid of that "mouse" with a "100 megaton nuke".

    To give you an idea what the "sniff test" would have told you about encryption proposals, I offer the schemes below, from around the end of that insane period that were equally hair-brained. I could cite authoritative sources for each I'm sure, but won't bother: just see the Wikipedia articles.

    • The "Clipper" chip, which the government proposed to require everone to use for encryption function that required the key for each chip be escrowed with the government and also was (probably) designed deliberately with a back-door for the TLA's. And that failed because the insanity of the proposal was exposed.(See Clipper Chip. Nail 1: Backlash. Nail 2: Vulnerability. Nail 3: Mooted by the availability of things like PGP, and died a long death.)
    • The administrative rules prohibiting the export of any encryption stronger than 56-bit DES (anything stronger being a munition, you know) that finally fell when a DES key was broken in 56 hours by a hardware key-breaker (proving that DES was too weak for international commercial use). Until the government was forced to give up the ghost on DES, people could potentially be charged with a crime for exporting a stronger algorithm. Such as, for example, travelling to Europe with a laptop containing the PGP program. (See Data Encryption Standard. Note especially the entry for "July 1998" in the "Chronology" section, which was the nail in the single-DES coffin.)
    • The investigation of PGP creator Phil Zimmerman when miraculously (after he published the source of his program in a 60-page book) an interoperative PGP program was built in Europe.  Too dumb to understand how a lowly source code book could allow Europeans to build an interoperative version, the TLA's were absolutely certain Mr. Zimmerman had exported his program and its strong encryption illegally and investigated the daylights out of him. (see the "Criminal investigation" section of Pretty Good Privacy. It not only discusses the investigation of Zimmerman, but also mentions some of the "munitions" issues.)
    • etc.
    If you think these stink, yes they do, because they proved just how dumb and incompetent TLA's are. It was an interesting time for encryption.

     



  • That's a lot of words for something that doesn't address any of my questions.



  • @blakeyrat said:

    That's a lot of words for something that doesn't address any of my questions.
    Really? Because the first sentence looks awfully like an answer...



  • @Coyne said:

    The investigation of PGP creator Phil Zimmerman when miraculously (after he published the source of his program in a 60-page book) an interoperative PGP program was built in Europe.  Too dumb to understand how a lowly source code book could allow Europeans to build an interoperative version, the TLA's were absolutely certain Mr. Zimmerman had exported his program and its strong encryption illegally and investigated the daylights out of him. (see the "Criminal investigation" section of Pretty Good Privacy. It not only discusses the investigation of Zimmerman, but also mentions some of the "munitions" issues.)

    I'm sure they understood how the book could have enabled it. However, they were also knowledgeable enough about the law to know that they couldn't prosecute him for it, so they looked for another way. Obviously, tilting at windmills, but I do wonder about foreign powers' encryption capabilities, and how much they were able to stunt their maturation. I could easily imagine foreign security / espionage organizations resisting the adoption of cutting edge technologies in favor of home grown schemes that were easier to break.

    Sheesh. Use some imagination.



  • @Ben L. said:

    @blakeyrat said:
    That's a lot of words for something that doesn't address any of my questions.
    Really? Because the first sentence looks awfully like an answer...
     

    Now we come into the vague meta-territory of whether "I don't know" is an answer to a question.



  • @dhromed said:

    Now we come into the vague meta-territory of whether "I don't know" is an answer to a question.
    Of course it is. It's not as useful as one that informs the questioner of what they want to know, but at least it imparts the knowledge that such information won't be forthcoming from that particular answerer.



  • @PJH said:

    @dhromed said:
    Now we come into the vague meta-territory of whether "I don't know" is an answer to a question.
    Of course it is. It's not as useful as one that informs the questioner of what they want to know, but at least it imparts the knowledge that such information won't be forthcoming from that particular answerer.

    I'd say that "I don't know" is a response to a question, but not an answer.

    It's indicating that I have no answer.

    Doesn't help matters that giving an unacceptable response to a question (whether rhetorical or not) is often cited as "answering back", especially when the responder is of teen age or younger.



  • @Cassidy said:

    I'd say that "I don't know" is a response to a question, but not an answer.

    It's indicating that I have no answer.

    OK, putting aside the fact that the actual response in this thread never said, "I don't know," this is bullshit.

    First, there are various rhetorical techniques that might have been applied (e.g., sarcasm) in such an answer. Secondly, something along the lines of, "I don't know, but my understanding is..." seems like a reasonable answer to a question.

    I'd also point out that the respondent's self-professed certitude has no bearing on the correctness of the response.

    And let's not forget that (based on past experience, including this thread), there is no level of evidence or answer that will satisfy a blakeyrat query against which blakeyrat has already made up his mind.



  • @boomzilla said:

    there is no level of evidence or answer that will satisfy a blakeyrat query against which blakeyrat has already made up his mind.
     

    This is true.



  • @boomzilla said:

    And let's not forget that (based on past experience, including this thread), there is no level of evidence or answer that will satisfy a blakeyrat query against which blakeyrat has already made up his mind.

    Fair point. I'm 99.999999999% certain it's complete bullshit. Not only because Congress would never do such a thing, but because they couldn't do such a thing.

    It would be nice to have someone prove me wrong. But my bullshit detector is pretty goddamned accurate, if I do say so myself.

    Point is, next time you have some crazy-sounding idea like this, and you have no cite to back it up, and when grilled on it your only response is "I don't know but just trust me"... why don't you save us all a lot of trouble and simply not post it? There's enough bullshit on the Internet already.



  • @blakeyrat said:

    @boomzilla said:
    And let's not forget that (based on past experience, including this thread), there is no level of evidence or answer that will satisfy a blakeyrat query against which blakeyrat has already made up his mind.

    Fair point. I'm 99.999999999% certain it's complete bullshit. Not only because Congress would never do such a thing, but because they couldn't do such a thing.

    It would be nice to have someone prove me wrong. But my bullshit detector is pretty goddamned accurate, if I do say so myself.

    Point is, next time you have some crazy-sounding idea like this, and you have no cite to back it up, and when grilled on it your only response is "I don't know but just trust me"... why don't you save us all a lot of trouble and simply not post it? There's enough bullshit on the Internet already.

    There you go, for more reading see below

    http://epic.org/crypto/ban/


  • @blakeyrat said:

    @boomzilla said:
    And let's not forget that (based on past experience, including this thread), there is no level of evidence or answer that will satisfy a blakeyrat query against which blakeyrat has already made up his mind.

    Fair point. I'm 99.999999999% certain it's complete bullshit. Not only because Congress would never do such a thing, but because they couldn't do such a thing.

    I'm not sure why you're so certain that they wouldn't try. I mean, all they'd have to do is call it a tax!

    @blakeyrat said:

    Point is, next time you have some crazy-sounding idea like this, and you have no cite to back it up, and when grilled on it your only response is "I don't know but just trust me"... why don't you save us all a lot of trouble and simply not post it? There's enough bullshit on the Internet already.

    Yes, obviously a cite is always much better. The closest thing (more applicable to the OP's follow up than his actual OP) that I found was S.974 introduced by Sen Grassley in 1995 (does not appear to have made it out of the Senate).

    @EPIC said:


    Section 2(h)(1) of S.974 would amend Title 18 of the United States
    Code to make it unlawful to:

     distribute computer software that encodes or encrypts
     electronic or digital communications to computer networks
     that the person distributing the software knows or
     reasonably should know, is accessible to foreign nationals
     and foreign governments, regardless of whether such software
     has been designated as nonexportable.
    

    The legislation further provides that:

     [i]t shall be an affirmative defense to prosecution under
     this section that the software at issue used a universal
     decoding device or program that was provided to the
     Department of Justice prior to the distribution.
    

    This is obviously a far cry from the original claim of "readable by eye," and I think that as far as this thread is concerned, that claim would have to be considered apocryphal at best. But it would hardly be the first time that some act of Congress would create outrageous unintended consequences. Personally, I'd put more weight on it not having come so close to actually passing, as I would to it actually being proposed in legislation. Once again, thank God we don't have a parliamentary system.



  • @serguey123 said:

    http://epic.org/crypto/legislation/edsa_397draft.html

    There you go, for more reading see below

    http://epic.org/crypto/ban/

    The original claim:

    Back in either the late 80's or early 90's, as I recollect, Congress came within a hairsbreadth of banning all coding schemes that were not "readable by eye". This caused a great deal of consternation because it would effectively have banned spreadsheets, databases, word processing documents, and everything else; all at once.

    Your cite has NOTHING to do with the original claim.

    Please don't post shit that's so easily disputed. You could have anticipated my answer here. If you're going to try to make Coyne's point for him, at least do a decent job of it. That was terrible.



  • @blakeyrat said:

    Your cite has NOTHING to do with the original claim.

    I interpreted the original claim of "readable by eyes" as plaintext because of his following post citing the Clipper chip and others regarding the controversy of the use of encryption and the possibility of making it easier to break by government agencies in order to "alledgedly" prevent crime. Maybe it was an honest mistake and he meant encryption all along, maybe not. Anyhow, in that context, those links are relevant.

    @blakeyrat said:

    You could have anticipated my answer here.

    Perhaps but I'm not a mind reader, however I did make an effort to read past his first post
    @blakeyrat said:
    If you're going to try to make Coyne's point for him, at least do a decent job of it.

    Not sure what his point was, that the government or the congress sometime do stupid things? That doesn't need much proof, that is a fact, we humans are silly creatures.



  •  @boomzilla said:

    @Coyne said:
    The investigation of PGP creator Phil Zimmerman when miraculously (after he published the source of his program in a 60-page book) an interoperative PGP program was built in Europe.  Too dumb to understand how a lowly source code book could allow Europeans to build an interoperative version, the TLA's were absolutely certain Mr. Zimmerman had exported his program and its strong encryption illegally and investigated the daylights out of him. (see the "Criminal investigation" section of Pretty Good Privacy. It not only discusses the investigation of Zimmerman, but also mentions some of the "munitions" issues.)

    I'm sure they understood how the book could have enabled it. However, they were also knowledgeable enough about the law to know that they couldn't prosecute him for it, so they looked for another way. Obviously, tilting at windmills, but I do wonder about foreign powers' encryption capabilities, and how much they were able to stunt their maturation. I could easily imagine foreign security / espionage organizations resisting the adoption of cutting edge technologies in favor of home grown schemes that were easier to break.

    Sheesh. Use some imagination.

    You think these people have imagination? LOL

    Like most major technologies, cryptography is a capability widely distributed; understood by many mathematicians worldwide. And for a long time: Look at the effort the allies expended breaking Enigma, which was created by the Germans.  Some of our latest best cryptosystems have come from outside the U. S.

     So it's not like banning the sale of hardware, which might have some effect: The export ban always was dumb, from the beginning.

     

     



  • @Coyne said:

    You think these people have imagination? LOL

    Well, really I think you're just being parochial and lacking in imagination.

    @Coyne said:


    Like most major technologies, cryptography is a capability widely distributed; understood by many mathematicians worldwide. And for a long time: Look at the effort the allies expended breaking Enigma, which was created by the Germans.  Some of our latest best cryptosystems have come from outside the U. S.

    So it's not like banning the sale of hardware, which might have some effect: The export ban always was dumb, from the beginning.

    No, it wasn't dumb. It obviously couldn't live up to actually preventing the export to all people for all time, but at the same time it could slow down the adoption by many people and organizations outside of the US. In order for your statement to make sense, you have to believe that it's OK to roll your own crypto, even using published algorithms.

    I guess you're not familiar with different means of security, but there are different ways to keep something secure: deter, detect, delay, defeat, deny. Each has its role to play. I suppose if all you care about is keeping something secure forever, then something that will only work for a limited time would seem "dumb." But that's just being dumb.

    Your Enigma argument is saying that the Germans might as well have just given an Enigma machine (or at least the details of how it worked) to the Allies. Obviously, they eventually got it, but you're ignoring reality to say that keeping it a secret was "dumb."


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.