At 12:18 AM -0700 9/13/97, Bill Stewart wrote:
On the other hand, PGP 5.0 has a perfectly usable GAK feature, not that the Fedz would approve it. It's the "Always encrypt to default key", which is primarily intended for keeping copies in a form you can read later, but would work just as well with the FBI key instead.
Making the FBI key an immediate target for (1) Distributed factoring; (2) Stealing by hook, crook or bribery; or (3) Destruction of the coresponding secret key by some cypherliberty nut. :-) (1) and (2) would blow any secrets encrypted with the system. (3) would only stop GAK until new keys could be rammed down people's throats. My bet would be (2). Aldrich Ames wasn't the only spy in the world. If the FBI is monitoring phone calls set up with DH key agreement, they are going to need to access that secret key quite frequently. It will be very hard to protect it under those circumstances. An encrypt to FBI key system has some really serious vulnerabilities. I scares me to have our financial system, utilities, and airlines, to name just a few vital civilian services, depend on a system with such an obvious flaw. There are people and organizations out there who would love to disrupt these systems, and flawed encryption would give them a powerful tool. ------------------------------------------------------------------------- Bill Frantz | The Internet was designed | Periwinkle -- Consulting (408)356-8506 | to protect the free world | 16345 Englewood Ave. frantz@netcom.com | from hostile governments. | Los Gatos, CA 95032, USA