Cyphernomicon Top
Cyphernomicon 9.19

Policy: Clipper,Key Escrow, and Digital Telephony:
Loose Ends


   9.19.1. "Are trapdoors--or some form of escrowed encryption--
            justified in some cases?"
           + Sure. There are various reasons why individuals, companies,
              etc. may want to use crypto protocols that allow them to
              decrypt even if they've lost their key, perhaps by going to
              their lawyer and getting the sealed envelope they left with
              him, etc.
             - or using a form of "software key escrow" that allows them
                access
           + Corporations that wish to recover encrypted data
             + several scenarios
               - employee encrypts important files, then dies or is
                  otherwise unavailable
               + employee leaves company before decrypting all files
                 - some may be archived and not needed to be opened for
                    many years
               - employee may demand "ransom" (closely related to virus
                  extortion cases)
               - files are found but the original encryptor is unknown
           + Likely situation is that encryption algorithms will be
              mandated by corporation, with a "master key" kept available
             - like a trapdoor
             - the existence of the master key may not even be
                publicized within the company (to head off concerns about
                security, abuses, etc.)
           - The mandatory use of key escrow, a la a mandatory Clipper
              system, or the system many of us believe is being developed
              for software key escrow (SKE, also called "GAK," for
              "government access to keys, by Carl Ellison) is completely
              different, and is unacceptable. (Clipper is discussed in
              many places here.)
   9.19.2. DSS
           + Continuing confusion over patents, standards, licensing,
              etc.
             - "FIPS186 is DSS. NIST is of the opinion that DSS does not
                violate PKP's patents. PKP (or at least Jim Bidzos) takes
                the position that it does. But for various reasons, PKP
                won't sue the government. But Bidzos threatens to sue
                private parties who infringe. Stay tuned...." [Steve
                Wildstrom, sci.crypt, 1994-08-19]
             - even Taher ElGamal believes it's a weak standard
           - subliminal channels issues
   9.19.3. The U.S. is often hypocritical about basic rights
           - plans to "disarm" the Haitians, as we did to the Somalians
              (which made those we disarmed even more vulnerable to the
              local warlords)
           - government officials are proposing to "silence" a radio
              station in Ruanda they feel is sending out the wrong
              message! (Heard on "McNeil-Lehrer News Hour," 1994-07-21]
   9.19.4. "is-a-person" and RSA-style credentials
           + a dangerous idea, that government will insist that keys be
              linked to persons, with only one per person
             - this is a flaw in AOCE system
             - many apps need new keys generated many times


Next Page: 10. Legal Issues
Previous Page: 9.18 Concerns

By Tim May, see README

HTML by Jonathan Rochkind