9.19.1. "Are trapdoors--or some form of escrowed encryption--
justified in some cases?"
+ Sure. There are various reasons why individuals, companies,
etc. may want to use crypto protocols that allow them to
decrypt even if they've lost their key, perhaps by going to
their lawyer and getting the sealed envelope they left with
him, etc.
- or using a form of "software key escrow" that allows them
access
+ Corporations that wish to recover encrypted data
+ several scenarios
- employee encrypts important files, then dies or is
otherwise unavailable
+ employee leaves company before decrypting all files
- some may be archived and not needed to be opened for
many years
- employee may demand "ransom" (closely related to virus
extortion cases)
- files are found but the original encryptor is unknown
+ Likely situation is that encryption algorithms will be
mandated by corporation, with a "master key" kept available
- like a trapdoor
- the existence of the master key may not even be
publicized within the company (to head off concerns about
security, abuses, etc.)
- The mandatory use of key escrow, a la a mandatory Clipper
system, or the system many of us believe is being developed
for software key escrow (SKE, also called "GAK," for
"government access to keys, by Carl Ellison) is completely
different, and is unacceptable. (Clipper is discussed in
many places here.)
9.19.2. DSS
+ Continuing confusion over patents, standards, licensing,
etc.
- "FIPS186 is DSS. NIST is of the opinion that DSS does not
violate PKP's patents. PKP (or at least Jim Bidzos) takes
the position that it does. But for various reasons, PKP
won't sue the government. But Bidzos threatens to sue
private parties who infringe. Stay tuned...." [Steve
Wildstrom, sci.crypt, 1994-08-19]
- even Taher ElGamal believes it's a weak standard
- subliminal channels issues
9.19.3. The U.S. is often hypocritical about basic rights
- plans to "disarm" the Haitians, as we did to the Somalians
(which made those we disarmed even more vulnerable to the
local warlords)
- government officials are proposing to "silence" a radio
station in Ruanda they feel is sending out the wrong
message! (Heard on "McNeil-Lehrer News Hour," 1994-07-21]
9.19.4. "is-a-person" and RSA-style credentials
+ a dangerous idea, that government will insist that keys be
linked to persons, with only one per person
- this is a flaw in AOCE system
- many apps need new keys generated many times
By Tim May, see README
HTML by Jonathan Rochkind