“We have met the enemy, and it is math”

combinations-formulaI love that tag line. The Paris Attacks Were Tragic, but Cryptography Isn’t to Blame

The most frightening thing about the Paris attacks is that a bunch of people who didn’t pass high school calculus (and probably had a fair bit of trouble with algebra 2) are now talking about laws to regulate cryptography. A subject about which they know next to nothing. (At least they know what a cellphone is, when they regulate the telecommunications industry.)

Their favored solution is to give the .gov “special access” to any cryptographic system. There are 3 problems with this. At least 3.

First is that the .gov does not have a great record when it comes to cyber security. I haven’t looked lately, but the Obamacare website was full of problems earlier this year. And that doesn’t even come close to the Office of Personnel Management fiasco of a few months back. Was the the largest data breach in history? I’m not sure, but I would guess it is close.

The second problem is that if you build in soft encryption, you invite hackers to hack.

The last problem is that you will only inconvenience people who use commercial systems. Written under American rules. But there is nothing to say that an enterprising underworld-type couldn’t write their own encryption. Who do you think invented the internet? Lawyers? You can’t outlaw math. Though I’m sure some would like to.

That final item is interesting to me because in some ways it mimics the problems with gun control. Control of the law-abiding is easy. Control of the criminal is not so easy. So what is your goal again?