9.19.1. "Are trapdoors--or some form of escrowed encryption-- justified in some cases?" + Sure. There are various reasons why individuals, companies, etc. may want to use crypto protocols that allow them to decrypt even if they've lost their key, perhaps by going to their lawyer and getting the sealed envelope they left with him, etc. - or using a form of "software key escrow" that allows them access + Corporations that wish to recover encrypted data + several scenarios - employee encrypts important files, then dies or is otherwise unavailable + employee leaves company before decrypting all files - some may be archived and not needed to be opened for many years - employee may demand "ransom" (closely related to virus extortion cases) - files are found but the original encryptor is unknown + Likely situation is that encryption algorithms will be mandated by corporation, with a "master key" kept available - like a trapdoor - the existence of the master key may not even be publicized within the company (to head off concerns about security, abuses, etc.) - The mandatory use of key escrow, a la a mandatory Clipper system, or the system many of us believe is being developed for software key escrow (SKE, also called "GAK," for "government access to keys, by Carl Ellison) is completely different, and is unacceptable. (Clipper is discussed in many places here.) 9.19.2. DSS + Continuing confusion over patents, standards, licensing, etc. - "FIPS186 is DSS. NIST is of the opinion that DSS does not violate PKP's patents. PKP (or at least Jim Bidzos) takes the position that it does. But for various reasons, PKP won't sue the government. But Bidzos threatens to sue private parties who infringe. Stay tuned...." [Steve Wildstrom, sci.crypt, 1994-08-19] - even Taher ElGamal believes it's a weak standard - subliminal channels issues 9.19.3. The U.S. is often hypocritical about basic rights - plans to "disarm" the Haitians, as we did to the Somalians (which made those we disarmed even more vulnerable to the local warlords) - government officials are proposing to "silence" a radio station in Ruanda they feel is sending out the wrong message! (Heard on "McNeil-Lehrer News Hour," 1994-07-21] 9.19.4. "is-a-person" and RSA-style credentials + a dangerous idea, that government will insist that keys be linked to persons, with only one per person - this is a flaw in AOCE system - many apps need new keys generated many times
Next Page: 10. Legal Issues
Previous Page: 9.18 Concerns
By Tim May, see README
HTML by Jonathan Rochkind