GAK Hacks! We did it for SSL, let's do it for GAK. Demonstrate that superencryption (encrypting within a GAK wrapper) defeats GAK. And other kinds of hacks, including releasing "damaged" (inoperative) versions of the proposed code (when it becomes available).
Tim, That's a start. Superencryption can protect the _content_ of the conversation, but it will not prevent _traffic analysis_. That is an important issue because, as I explain below, in our increasingly wired world, effective traffic analysis may become a _position_ escrow system, except that there won't even be any escrow. A GAK Hack that combines superencryption with a method to defeat traffic analysis would raise a lot more eyebrows than superencryption alone. Unfortunately, since we don't yet know what kind of LEAFs will be in the next-generation GAK proposal, I can only refer to some comments made awhile ago about Clipper-based traffic analysis: Date: Mon, 14 Mar 94 10:36:05 EST From: smb@research.att.com
The LEAF can be decrypted with just the family key; from what's been disclosed so far, local law enforcement agents will be able to do that without contacting the escrow sites. The LEAF contains the unit id of the chip, independent of what phone number it's being used from, ...
Imagine someone using a GAK/LEAF communication device while travelling throughout the day. Especially if the communications are wireless, no court order will be needed to track position during his/her journeys because a packet sniffer armed with the family key could detect any of his/her communications automatically. You may wonder "what packet sniffer could track communications like that"? Maybe I'm wrong, but isn't that what the recent Digital Telephony legislation was for? Now let's return to a recent message from tcmay@got.net:
The pernicious nature of the "escrow" idea, ... is that it says that surveillance is not so bad after all, because the results of the escrow will not be looked at except when "justified." ...
Or perhaps, once a GAK system with some kind of LEAFs is in place, no justification at all will be needed to accomplish efficient and fully automated massive position surveillance. Maybe key escrow is just a red herring to distract us from position surveillance? Of course, we can assume that these LEAFs will not be as vulnerable to forging as Matt Blaze demonstrated for Clipper (Tessera?). First we had: GAK = Government Access to Keys. Perhaps now we have: GULPS = Government Unlimited License for Position Surveillance? Frankly, I wouldn't be surprised if I have overstated the threat and more technically knowledgeable minds on this list will expose the flaws in my reasoning. Please do. Kevin Q. Brown kevin.q.brown@att.com kqb@whscad1.wh.att.com