By William Paul Fiefer
(home)
|
You're on your own but never alone.
|
|
PGP Public Keys |
|
(Or, how to become an arms trafficker in
your spare time)
|
| My RSA public key (the default) | My Diffie-Hellman public key |
|
Note: As of September 16, 1999, the U.S. restrictions governing strong encryption have been relaxed. The information in this piece, which I've had on the Web in one form or another since 1993, is of historical interest only. If you are here out of an interest in PGP, the University of Illinois at Urbana-Champaign hosts an excellent PGP resource page. For instant gratification, grab a copy of PGP at The International PGP Home Page and start protecting your privacy now. Browse a few of my links for additional privacy tips and tools. You only need to read further if you want to see how foolish politicians and bureaucrats can be. (As an example, until U.S. cryptographic restrictions were relaxed, it was a Federal crime to transfer this MIDI audio representation of the RSA cryptographic algorithm outside the United States. If you decide to audition this peculiar, ragtime-like tune, press your ESC key or close the player applet to silence it.) My public encryption keys directly follow this essay.
Bang!I became an arms trafficker in 1993. In 1996 I appeared on a list of known arms traffickers. If you don't want someone reading your email without your permission, you might be an arms trafficker, too. I support the right of U.S. citizens to use strong encryption, a technology the U.S. Department of State regards as a munition. Any U.S. citizen distributing strong encryption software is defined as an arms trafficker if the encryption method is sufficiently powerful and if they transport that encryption tool outside the United States and Canada. Shipping a well-made Commander Billy software secret code ring to my pal in Tokyo for private email can land me in the same prison as someone shipping W-88 warheads to China or F-16s to Libya.
American business doesn't like this restriction one bit. And this isn't an instance of good capitalism overriding a better patriotic sense. When businesses transfer money electronically or hide corporate data from competitors, they need real security tools, not cutdown versions of solid code used openly by European or Asian corporations. If you're a U.S. citizen, you should object to this restriction, too. Using encrypted email doesn't make you a sleazy person any more than putting your letters in an envelope means you have something to hide. Or do you mail every piece of your correspondence using post cards? The Department of State is slowly coming to its senses regarding openly available security technologies in a time when the wires carrying everything about our lives can be reached from anywhere in the world. The FBI is still asleep on this point, as are many police agencies, who feel drug dealers will be free to hide their discussions if cryptography is deregulated. Drug dealers already talk to each other with impunity, using European and Asian technology available on the Internet or in any good library. What the FBI and the police really want is to make it easy to snoop on Joe and Jane American. U.S. citizens are not obligated to make that easy for anyone. The best freely available, powerful encryption technology is PGP. It was developed with the help of faculty members from MIT. You can find it using any search engine (or at The International PGP Home Page). PGP includes other security technologies, including one that thoroughly deletes your computer files. (Deleting files otherwise doesn't get rid of them; it instructs your computer not to display them.) PGP is not a toy. It is a commercial product used by large businesses and governments. The licensing restrictions governing PGP stipulate that it must be available at no charge for non-commercial use. The people who developed PGP wrote this clause because they wanted to make sure people always had good tools to protect their privacy. PGP is public key encryption. When you use public key encryption, you make a public and secret key and distribute your public key anywhere and everywhere possible. The only thing a public key can do is turn a document into encrypted gibberish. It can't decipher anything. That job is for your secret key, which you keep to yourself and never give away. Your secret key can decode only the gibberish made by your public key. In this way, public key encryption solves the problem of getting your encryption tools to your pen pals without much chance of compromising yourself. My public keys are below and PGP will read them straight off this file. PGP integrates with your mailer and your computer desktop. PGP will garble messages, wipe the originals completely, and hide data on your computer so no one but you can get to it. If you think these features are for children, wait until one of your executives has their laptop stolen at the airport. PGP is a solid piece of code, powerful enough to already have been the target of a protracted suit by the Federal government. PGP won. Now you see what it takes to be an arms trafficker. Becoming one this way won't fly you as fast as having an F-16 or make as big a bang as having a W-88, but it will keep you just as safe. |
Key ID: 0x1CF16A71 Key fingerprint: F271 EAC5 E142 D14E ACD7 3FC5 EC81 BCC7 -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQENAy79fGIAAAEH/1/oSs69WiZu8vPStFU5EXxLuSspFED0WQQ1muWZ85xHeURU jbX51Fwer8qySJWLNHctH1kn+xbJPVWkuPXo0NDn0TwIiH62J3SIJG1QQ1IsGDdJ yhTUxvgfOiWP/kMYmaGgyGrb4F9aIwznMt5KGKUGq6MqjcCBNPTf4KfVyzTr2p+K zgLF5QiW4PqtF5qreEkas4mEkUjUKvz0K47nREaQSF0o3oi0MnRAoDAnw7og3vbj 8cFHyZgEayfkUjSOFIZ001fswp0yKuAovDbNJRmZtf5djrvrIh9cLIZjAaXzja6s IFzBelEAKYHOlqV09lSfjZRkk3nNzKuJsRzxanEABRG0K1dpbGxpYW0gUGF1bCBG aWVmZXIgPHlhbWFkYUBwcmFpcmllbmV0Lm9yZz6JARUDBRAxOL65zKuJsRzxanEB ARdQB/0e3LKePwxh8wanrnUxibTM/grnSk+FRZmQrjOT5hAC+CbvtWwvS67KlYFZ trUJdm+V2sRIfJCHw/+9p/LdaS2FXKRfVKMDVRZ/pCq9YLF7ANqoDI7nPwJxMTGI +2JIQu0J5Oj0UiRv8nH9u+jFNG1hc+6EK75Wy58CZR5ixpfbYAk9P7O1+/rusk0N xVanil5v8QS15oNSBrNpLiuHjaaOiW1a6ZLec37106dUvQI4B87I7bVDgYKpOMz8 2XLxeqkOVCzZo7Vst7d+7YI+udQKhKom3JPdSexbXxuAPV5281oCVNKUwoJD021h 3OaFWza4Ynwbb2T40OPO2pzHruOf =s/kC -----END PGP PUBLIC KEY BLOCK----- |
Key ID: 0x56E05DB6 Key fingerprint: 61F6 9D8C 2CCF D860 A2D7 1491 3728 10A5 56E0 5DB6 -----BEGIN PGP PUBLIC KEY BLOCK----- Version: PGP for Business Security 5.5.2 mQGiBDW8ijwRBADuRPvv0ihAWo+av/eQOiKwWnRO3JA69sh8zNg4uvNvR3g2//LB h/K1nWQmNKqC7Vnh3AXScT1YOPTxOHhIpPn0D4fyCFSKAp860Nd6B6R2HiTEhWBB 6astGnbR7Smip5holAlC9WfbB5tTA7ave7/oieveyvUWxRO3SEoEi1Iq2wCg/6xz 8nS3M0khDzO1Nhm+j45UaX8EAOWbguRteV9X+yvrSZ1YmIPYzzNuEw+aryqxi154 sWMcpxygDSo4eglLU1GR1No8WPn6YgCAoTtCVH/P+LCj3CG96M+efVEKTZETWQdy /g1Uv1/JqWLc1cbZcsCRcGB6hWpZ401MPiu+6QFT1SxwGSxtMIr2rm2fLgnPa920 WOHVBACfVSdtbJ9d1hVbeT9XKlrMWB8y7p/BXo3HMK1/cRPqdBb4NmlkUjKJ9UnS hH8dDflP1Khu2R0HrnCmzENgauichTL3KNIpJVQo1MHHU4BSlgbzU2tMeb7A+5BR gQsBMWHgMnNipFPEdltrRfNOAsvjsJhv83JMFhff8gPfm4JCN7QrV2lsbGlhbSBQ YXVsIEZpZWZlciA8eWFtYWRhQHByYWlyaWVuZXQub3JnPokASwQQEQIACwUCNbyK PAQLAwIBAAoJEDcoEKVW4F223vwAoPOoKPUJgwe/3UbHnYx4xyMy4KM/AKDxd+aY ET3HG5eVj2S84ZBcaliPPYkBFQMFEDW8nPLMq4mxHPFqcQEB+VYH/RP7AdKX/0cq 9TkEXdlUxbYMk+xUIL5n97nCmYdrnZJ+9Kc099bj6TWj+DaVYybTKCIdRKLpIWIp CFOF/5rJPxcF759G1u/SYcKW5yqg2xw0jPbbhisntYXhFUWoUae94T5Z5wcebgrY 77ppXdB9lXazlTmAFD1nv5UEZVsUKUnFaFqmHIkkLr5jWhw6E8wY17AaqMPT0fQS AafEDh/5sI5OBFcpad80UerRTgDXegogywJrZFBUEpxeRP+kPsQlHxCHQQWXuTVI VyY2YV/Y1ls3MMGQx2FmzmLf8v6Wm3rBcwEs1BNXbYaxGTHPBljkbtNDX+wl6iyg nahxV1WP4565BA0ENbycOhAQAOLQOewgI9Ra7M6E9LYX2vBDikXJhwbGvwwr+DNZ cObK5UCDN6vM++0hi7wX3JT+uA0fGgU2AfrPGOWQbKaD/FpXN64lkOdZVZT24QKv oaVBDqQVK+3OyqoesKgSnfJT2xCIczJIajjRRtRxnaY4U6/6e5F1UPSJbzd4KEZh p/vQ4Mnn0shQ0N0FLuPTXyinQZZrXtNnXdU64UR4tA8ITfE1mLjg+SlIjBci9Pam BZWJwKunvVW634dqDsA82kaY4qEuOW/m28UEqrgGzdzqLEHa53qo6ewIB6+UZZJ9 Li8q6UFaeuB1+XxCWKOTLVQVJb1Rajn/Qj1sdezEwnkClSlBwcqWwV949GMqTWT+ j7O17Fy3ikG8GdLnJ9Jfuc08gYv53M2l3F4Pkl7DSBI7hOAUVtIxmiBE7LEG8As+ Q36hXCat9czuZfCBDA/0Z5NlioV//Pf4zDs89wV9VGbkWbYP+QmdGCrEjPKiO3z6 24n80ngQNMyf/udxs7dMXkEkQwFkUp/IPGQeEGtiUgZ6BoofYnOv2KGMvZTroOY7 6lkkqyvrVvaKLtfG2sXn+XHlOe4ynaOrqHB6NqzDE0GrQbLZS9qBZi5KSldLYMeq mZVzyLXO/xUqJNcpCxWTgBCX5PtJTX041f4iZkD9O7XT4lquJmcxejjXRxmcGXFS KXfxAAICD/9oUqWeMj30pQ9z6gT8vLvOc58FEkRI8l+gaGmJMxW0GJcLVGGej2py XXKAsNFZqHXA8LYZyCrhNMoQUZHhSA4+yhK0IdpOMkcuI4KPrStDQb3ODqgprwVc uu8yZvqgSpp5SW33EiAfETxC1lq6NSAy/yBOj1k4HA/VIXWwGDqamRrKUidsTgFt GkfSxDIyz0E11SXu93ITWuv3BN/o722R12qipBerKZFu32IqluhKUAijspcvILIR CmHSX+kKf+I4/FGtnAULMAEl+5jZBPkP4SQNetv6gszOAXAINQ0d8KTaS9052sQ6 2Y7sxN2ktutg5hFPWDXifz7sD8x47urZkeorLLzk8V+/PlKEyhyOcSFbSFH87Gzi k8TdLylx4EvjBo/QxveoHnq1W1c2hk6dFVmSw0DDOsFvFVIe0bBPFmMg9HJLorHc WrjMw3OH9QHuFPbGCqp80y4g5FmAfEQKVZogVewmmcMvv5ve6YQ8+JHO2Lemr5Lw r7CZ1JlYau4kZYTEdNsddpUDny8VKBpbsWPe/czqMtSM9qA5FtVHtjKyB5tP/+Km kmrITLAYPnDamQsPyxTkGFJ7ayYctqCXskjcSs4SH3wTjeC+uungiH11mEpiSFX9 aojO9xZ6Bg+yfLgx3JsM3P9cFQZ+TAuHyJ8xLe3j8EJaEO8R0k5XeIkARgQYEQIA BgUCNbycOwAKCRA3KBClVuBdtnfqAJ9VSagzGU55sNKOZJ8Z55ml7DmvWQCgyt57 BUI7iNaiqX1PLbirnRRSyDA= =7Onr -----END PGP PUBLIC KEY BLOCK----- |
The law is rooted in the wartime perception that letting
cryptographic techniques get free of U.S. control allows our
enemies to talk bad about us behind our backs without us knowing
about it. If that argument makes sense to you, you should know that
our enemies can get hold of extremely secure cryptographic tools
from nations other than America. Plenty of rock-solid encryption
algorithms are developed abroad and openly analyzed by academics
who pronounce them fit to use. What the U.S. law does is prevent
U.S. citizens from using encryption technologies in their daily
emails.