On Tue, Oct 31, 2000 at 09:11:23AM -0800, Tim May wrote: | >>Zero-Knowledge is committed to deploying systems that are | >>transparent and accountable. In keeping with this policy, | >>MPS will incorporate third party verification and split | >>encryption key structures | | Split encryption key. I think that says it all. Geez. I don't know how we ended up with that wording. Multiple key would have made more sense. The goal is to have a set of keys which are held by different entities. Thus, your data is encrypted such that each of those entities needs to be involved to decrypt it. By split key encryption, we mean: E_a(E_b(E_c(data))) where E is a strong algorithm (3des, twofish, AES), and the keys (abc) are full strength, properly generated and stored keys for the system. | >>, as well as provide consumers | >>with access to white papers, independent auditors' reports | >>or other materials that assure a company is doing what it | >>claims. With MPS Zero-Knowledge strengthens its commitment | >>to building responsible systems that empower consumers to | >>control the disclosure and use of their personal | >>information, while still enabling businesses to thrive in a | >>data and relationship-driven marketplace. | | "Empower consumers"? "Responsible systems"? "Strengthens its commitment"? | | How about: | | -- no key escrow, no split keys, no trusted third parties Ok. No key escrow. No split keys in that (a,b) is used as the encryption key for a single encrypt, where Alice and Bob each have half the key. Multiple key systems, as I explained above. Given that we're doing this for businesses that are collecting data now, if you consider those parties 'trusted third parties,' then we're increasing the assurance that surrounds them. We consider them 'merchants,' 'shipping companes' and other such businesses who today get data from you. They're not trusted third parties in the Clipper chip sense, but they are parties who store information about you, often in very insecure and unprivate ways, as MCI, CDnow, and others have found out. | -- public key crypto Sure. | With strong crypto widely available, what business (or knowledgeable | private person) is going to want or need this "ASSESS AND ADVISE" and | "COMMIT AND CAPITULATE" (ok, I'm changing their stages) stuff/ | | I can't see how a large company, like an Intel or an Amgen, is going | to move away from mathematically robust PKS systems and adopt some | throwback to the 1940s, some kind of split key or key escrow system. | And I can't see how Joe Consumer is going to pay for the (apparent) | "review" of his (presumed) needs and then get some key escrow package | tailored to his (presumed) needs. We can't either. | So, what sort of customer is this product tailored for? Some | middle-sized company which is clueless on crypto and which wants | hand-holding? Some company in a country which _requires_ key escrow? | Is ZKS setting itself up to be the premier supplier of key escrow and | LEAF tools? Sounds like it. This isn't primarily a crypto solution, its an integrated set of things, including an understanding of what data a company ought to collect, what the advantages of minimization are, and then help implementing it. We are not selling any key escrow, leaf, GAK, clipper, capstone, redcreek, or other such trust-me solution. We see a huge market in companies which are discovering that policies are not enough. We see them hiring CPOs, and looking for assistance. We're not abandoning Freedom--we think that controlling information about yourself is still the best approach. But we do get regular requests from businesses for something else, and we're going to provide it. We fully intend to provide explanations of what we build for each customer, a fair assessment of what we've built, and source where we can. We see those as essential for building trust in the system. We intend to build systems which we can be proud of. | The "relevant legislation" language is the real kicker. Sounds like | the many former government types working at ZKS got the focus shifted | from truly secure systems to basically uninteresting--and even | pernicious!--systems which "meet the legitimate needs of law | enforcement." We are meeting the needs of law enforcement the same way we always have. By building systems that protect people's privacy. By telling the world what we've built. And explaining, in great detail, why we think that key escrow, et cetera ad nauseum, is a mistake, and that we don't build it, don't ship it, don't support it. | Key escrow, in other words. | | | "Big Brother Inside" | | | Whew. | | | --Tim May | -- | ---------:---------:---------:---------:---------:---------:---------:---- | Timothy C. May | Crypto Anarchy: encryption, digital money, | ComSec 3DES: 831-728-0152 | anonymous networks, digital pseudonyms, zero | W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, | "Cyphernomicon" | black markets, collapse of governments. -- "It is seldom that liberty of any kind is lost all at once." -Hume