Timothy C. May
tcmay at netcom.com
Mon Feb 22 10:18:19 PST 1993
>Recently there was a thread on a public-key program that would involve a
>central, government-backed-or-authorized agency to issue key pairs and
>serve as a repository. Could someone please post some details on this --
>I seem to have gotten it into my head that this is how PEM works, and I
>don't know whether I'm right or just medicated. :-)
The proposal was slightly different and has not been officially proposed as
any kind of law. Here are some more details:
* Dorothy Denning, noted cypto and security expert, floated a trial balloon
at the Computer Security Conference last fall. (I summarized it and posted
it to sci.crypt, where more than 1000 messages related to this thread, "A
Trial Balloon to Ban Encryption?," eventually appeared.)
* Under her proposal, a user of P-K methods would take his _private_ key
and encrypt it to the _public_ key of an agency like the Justice Department
(which I'll use from now on to represent the government side). The
encrypted key would then be placed in a repository with another agency,
perhaps a private agency like the CPSR or even the EFF. The key storage
agency obviously could not read the messages (as they would be encryped to
the Justice Deparment's key).
* A properly-obtained warrant could then be presented to the key
repository, obtaining the specific key. The Justice Department could then
decrypt with its private key and thus have the private key of the user.
* Ostensibly, this prevents the Justice Department from simply snooping
through whatever messages it wishes to read.
* There are some obvious practical and constitutional issues:
- What happened to constitutional rights to privacy? Analogously, must one
escrow personal diaries? Install tape recorders in all private places and
escrow copies of all tapes? (Lots of comparisons to free speech, to gun
- What happens when people register the "wrong" key? Is this even detectable?
- If "noise" is sent, will the Justice Department demand the "key" be
presented? How? And what penalties for noncompliance?
- Many applications demand dynamic generation of keys---many public keys,
many session keys, etc. How will these be registered? What fees?
- It seems likely that a key registration scheme will also place limits on
many of the things we hold dear on this list--digital money, anonymous
systems, remailers, and all the other wonders of crypto anarchy.
There's a lot more. And there was a lot of debate in sci.crypt about this.
Fortunately, I don't see any further moves to make this a law. But it may
come in a few years.
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: MailSafe and PGP available.
More information about the cypherpunks-legacy