Recently there was a thread on a public-key program that would involve a central, government-backed-or-authorized agency to issue key pairs and serve as a repository. Could someone please post some details on this -- I seem to have gotten it into my head that this is how PEM works, and I don't know whether I'm right or just medicated. :-)
Loyd
The proposal was slightly different and has not been officially proposed as any kind of law. Here are some more details: * Dorothy Denning, noted cypto and security expert, floated a trial balloon at the Computer Security Conference last fall. (I summarized it and posted it to sci.crypt, where more than 1000 messages related to this thread, "A Trial Balloon to Ban Encryption?," eventually appeared.) * Under her proposal, a user of P-K methods would take his _private_ key and encrypt it to the _public_ key of an agency like the Justice Department (which I'll use from now on to represent the government side). The encrypted key would then be placed in a repository with another agency, perhaps a private agency like the CPSR or even the EFF. The key storage agency obviously could not read the messages (as they would be encryped to the Justice Deparment's key). * A properly-obtained warrant could then be presented to the key repository, obtaining the specific key. The Justice Department could then decrypt with its private key and thus have the private key of the user. * Ostensibly, this prevents the Justice Department from simply snooping through whatever messages it wishes to read. * There are some obvious practical and constitutional issues: - What happened to constitutional rights to privacy? Analogously, must one escrow personal diaries? Install tape recorders in all private places and escrow copies of all tapes? (Lots of comparisons to free speech, to gun control, etc.) - What happens when people register the "wrong" key? Is this even detectable? - If "noise" is sent, will the Justice Department demand the "key" be presented? How? And what penalties for noncompliance? - Many applications demand dynamic generation of keys---many public keys, many session keys, etc. How will these be registered? What fees? - It seems likely that a key registration scheme will also place limits on many of the things we hold dear on this list--digital money, anonymous systems, remailers, and all the other wonders of crypto anarchy. There's a lot more. And there was a lot of debate in sci.crypt about this. Fortunately, I don't see any further moves to make this a law. But it may come in a few years. -Tim May -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: MailSafe and PGP available.
participants (1)
-
tcmay@netcom.com