Bruce Schneier points to an AP story about a convicted child-molester and suspected murderer who used cryptography to secure his tell-all diary:
Joseph Duncan III is a computer expert who bragged online, days before authorities believe he killed three people in Idaho, about a tell-all journal that would not be accessed for decades, authorities say.
Duncan, 42, a convicted sex offender, figured technology would catch up in 30 years, “and then the world will know who I really was, and what I really did, and what I really thought,” he wrote May 13.
Schneier points out that such cases are often used by the government to illustrate the dangers of allowing regular people to encrypt data. “How can we allow people to use strong encryption, they ask, if it means not being able to convict monsters like Duncan?”
Schneier does a good job pointing out a few reasons why, but he dances around one of the most obvious: If Duncan thought the diary would be readable now, he never would have written it. His goal was a delayed release. He wanted to wait 30 years before the details of his confession were known. I guess it was an attempt to secure some sort of perverted legacy. But he never would have done so if he thought it would be released now (and used against him).
Encryption didn’t allow him to commit the crimes, nor did it allow him to cover up the crime, as the data was encrypted under the assumption that it could not be broken for 30 years (which seems to be to be an unwise assumption, but look who we’re talking about here). Indeed, since it is quite possible that the authorities will break the diary in the short term, you could even argue that encryption is actually helping the authorities prosecute the man (as he wouldn’t have written the diary in the first place if he knew it would be broken so quickly). Could the fact that he knew he could encrypt a confession contribute to his motivation for the crimes? I doubt it, but stranger things have happened.
All technology is a double edged sword: they have good and bad uses and they’re used by honest citizens and criminals alike. Except, as Schneier notes, the good usually outweighs the bad for almost all technologies.
You probably know I feel this way (and I think you agree), but things in life shouldn’t be banned because it *might* be used in a bad/evil way…by someone…somewhere…sometime.
Really, if we’re going to use that logic, then all vehicles must be banned. Not only are there many, many vehicular accidents resulting in horrible injuries and deaths, but vehicles are often purposefully used as weapons. But I have a feeling that motorized transportation is too highly cherished by the Western world to let it go.
I pick on automobiles because they’re so ubiquitous.
Anyway, this Duncan III fellow might be a “computer expert,” a real genius, but I doubt that his encryption system will take 30 years to be cracked. But I’m no cryptography buff (that’s Charles), so what do I know?
Exactly. Schneier himself uses the automobile example in the same way.
Depending on the details of the encryption algorithm he used, there are a few possible ways it could be broken. There could be a flaw in the encryption software, but it would also depend on how random the key is (or, if he never expected to read the document again, I suppose he could have deleted it, which would be bad). I suppose it could take quite a while, depending on how much in the way of resources they dedicate to the issue.