Let me preface this with the statement that "this is according to the NSA personnel who spoke at MIT a day ago"... Having said that: The NSA claims that they were asked to design an ecryption algorithm for government use that can be used security by the government but cannot be used against the government. In order to accomplish this (according to the NSA -- see the pattern yet? ;-) they developed a secure algorithm (a-t-t-NSA), but put it in a package such that it cannot be used without the key-escrow system. It is this key-escrow system that provides that functionality that "it cannot be used against the government" (NSA-person's words, not mine). I think the idea was that the government itself cannot operate without a government standard, so the NSA was asked to create one, and they did. They also said that the key escrow system was not designed to catch criminals, but to deter criminals from using the Skipjack encryption algorithm (which they claim has no trap doors, and is very secure). In a private conversation afterwards, I asked about the fact that once the two escrowed keys get discovered, say via a legal wiretap, then my key is no good anymore. They claimed that you can only read the data by using a special box such that this box gets inputs from all the escrow agencies and the law enforcement agency and outputs the conversation, and that you cannot extract the key information from this box. I replied in the standard manner: Show me this box and prove that is has these properties. Their response was, of course, that they could not do so, and that I had to trust them. When I said that I couldn't do that, the NSA employee suggested that I use PGP! :-) Anyways, I hope this sheds a little light (and maybe a little darkness ;-) on the subject. Flames to me personally, please! -derek Derek Atkins, SB '93 MIT EE, G MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) Home page: http://www.mit.edu:8001/people/warlord/home_page.html warlord@MIT.EDU PP-ASEL N1NWH PGP key available