We all owe djb a great deal of gratitude for this hard-won freedom. This is one of the greatest victories in hacker history. I hope to never see this stricken from the law of the land.
Unfortunately, it's not the law of the land --- it's a judicial opinion, written in water and subject to change without notice. (Which is how judicial opinion should be; this is just a good opinion that ought to be codified by the legislature.)
Too much of US law is actually judicial opinion - there should be some requirement that if a law is overturned/interpreted, that the legislature has to fix the original law (example: the Affordable Care act still insists it's not a tax even though it was ruled a tax).
There is no way that the US could convert to civil law. The country was founded on the common law of Britain. Widespread adoption of civil law would require the rewriting of literally all of the founding documents ... in a country where making even a tiny change to an amendment is forever a bridge to far. It would be a revolution, a new country.
The amusing thing is that most states in the USA actually incorporate all English law, usually prior to about 1600. So all those English statutes from say, 1100, like the Magna Carta, are still on the law books in the USA.
Here is Illinois:
(5 ILCS 50/1) (from Ch. 1, par. 801)
Sec. 1. That the common law of England, so far as the same is applicable and of a general nature, and all statutes or acts of the British parliament made in aid of, and to supply the defects of the common law, prior to the fourth year of James the First, excepting the second section of the sixth chapter of 43d Elizabeth, the eighth chapter of 13th Elizabeth, and ninth chapter of 37th Henry Eighth, and which are of a general nature and not local to that kingdom, shall be the rule of decision, and shall be considered as of full force until repealed by legislative authority.
I feel that this whole attitude is coming from the latest Roe V Wade issue, but remember all Roe v Wade decision would be to send the power to regulate the issue of abortion back to the states.
If there is a legislative will to do something at federal level, then in an alternate system of civil law too there wouldn't be a statute allowing abortion.
In fact, without Supreme Court's Roe v Wade's 1970s decision, abortion would be pretty much illegal in the US (as it was, right before the 1970s decision).
No, code will be deemed whatever fits the idealogy of the judiciary. Legal reasoning is secondary except for show nowadays given the partisan majority of the supreme court. Specious and convenient reasoning abound.
The full opinion[1] is a good read to see the full reasoning how source code is free speech. The key conclusion:
> Thus, cryptographers use source code to express their scientific ideas in much the same way that mathematicians use equations or economists use graphs. [...] In light of these considerations, we conclude that encryption software, in its source code form and as employed by those in the field of cryptography, must be viewed as expressive for First Amendment purposes, and thus is entitled to the protections of the prior restraint doctrine. [4233-4234]
and then they proceed to dismantle the US's understanding on source code. Lot's of material I would never normally think about.
We should all learn from this and understand that if we don't fight for and uphold our liberties they will be taken away from us. Every fight matters and if it wasn't for the US constitution this might have gone down very differently.
No, I was just behind the times. Bernstein used to work at the university of Eindhoven, now he's at the university of Bochum, which is indeed a German city.
The .ph link doesn't require JS here. The entire purpose of archive.is/.ph etc is to archive the DOM, so you don't require to view even pages that originally required JS.
Seeing any content from the original site requires JS to click on a page made to look like Cloudflare's with Google's recaptcha. Later there's mail.ru tracking among others.
curl this link and tell me that you see any text from the original website.
With the default curl settings, I get captcha indeed; but when I fake the User-Agent header ("Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0"), it works for me.
I was viewing the archive in Firefox with JS off and saw the text just fine. With curl I get the text of the original website (no CAPTCHA), with the archive.is wrapper layout wrapper stuff, but that is only because I had "-" as the user-agent, with my normal config of not sending the user-agent header, I get a CAPTCHA. Sounds like other user-agents work too.
US prevented publication online of encryption code on grounds of "encryption is munitions according to International Arms Treaty (enforced by US gov, natch)". Dan J Bernstein ("djb", a famous figure in encryption circles, later creating (?) Elliptic Curve Cryptography) with help from the EFF sued.
In 1999, Judge voted that, no, encryption code was "scientific expression" and thus protected by the freedoms granted by First Amendment.
There was a fair bit more back-and-forth including shifting positions by the government under various administrations, but in effect this is the case that opened the gates to better public encryption.
djb didn’t invent elliptic curve cryptography. Elliptic curve cryptography was introduced in 1985 by Victor Miller and Neal Koblitz who both independently developed the idea of using elliptic curves as the basis of a group for the discrete logarithm problem.
He did basically run the Manhattan Project for searching for ideal curves, brute forcing millions of them and testing their properties, out of which came Curve25519, which is pretty much the curve used by anyone who knows what they're doing.
I saw him give a really awesome talk about the process of finding Curve25519 around the time he published it, and I think the story is a lot more interesting than people realize.
I would not call it the "Manhatten Project" for elliptic curves. Sure, he found a curve that, when used with Diffie Hellman, allows us to treat any 32-byte string as a public key, but note that I said only Diffie Hellman. Edwards25519 does not have this property unless you map from Curve25519 keys. In addition, you can't clamp and preserve the group structure, and you also can't assume said decoding lands in the desired prime order subgroup, because it doesn't.
Curve25519's group of points over the whole curve is not of prime order. By Lagrange, the subgroups are the prime factorization of the group order. Luckily we do have a large prime order subgroup, but we also have a subgroup of order 8 and consequently of order 4 and 2 also. If you by chance decode a point into one of these groups, scalar multiplication has a high chance of hitting the identity point. In Diffie Hellman, this isn't a problem: we call it "non contributory behaviour".
If however you care about each party making a contribution and group properties, you end up having to check group membership anyway. Not having to do that is one of the main selling points of Curve25519.
Looking through the SafeCurves criteria, there are now complete addition law for prime-order weierstrass curves, negating another safecurves benefit. Since the NIST curves form a prime order group, they don't have the same subgroup problem (all Montgomery curves, by contrast, have a subgroup of order at least 4).
We owe the "fix" to this to Mike Hamburg, effectively, who came up with a mapping to and from a Jacobi Quartic form that allows you to encode and decode directly into the prime order subgroup. This is Decaf, one of the contributions of his Ed448-Goldilocks paper, and was applied to Curve25519 under the name Ristretto.
We can go further if you like. There's extensive literature on appropriate choices of pairing friendly curves, and I'm not aware of any DJB contributions here. There are also faster curves at the 128-bit security level for Diffie Hellman, i.e. FourQ, which uses the GLV decomposition and Q-curves.
---
While DJB has made some very notable contributions and helped push the state of the art along, he's not the only contributor to the field by a very long way. At the very least, we should also mention Peter Montgomery and Harold Edwards, but these are by no means the only names.
"Dan J Bernstein ("djb", a famous figure in encryption circles..."
Before DJB became famous in encryption circles, he was famous for writing qmail (an SMTP mail server that was a more secure and simpler alternative to the ubiquitous sendmail).
> His software converted a one-way “hash function” (one that takes an input string of arbitrary length and compresses it into a finite, usually shorter, string; the function has many uses in cryptography) into a private-key encryption system (one that can be decoded only by whoever holds the private “key,” or pass code). The functionality of the software depended on two people’s having exchanged their private keys.
I get what you're saying, that would typically mean encrypt with private key, and decryption with public key, like how signature algorithms work, but still, there is no cryptosystem that makes it okay to start exchanging your private keys with random parties you're communicating with, by the very definition of "private key".
Code is speech.