Key Escrow as Law Enforcement's *Worst Nightmare*

Timothy C. May tcmay at got.net
Tue Sep 12 14:07:02 PDT 1995



"Be careful what you ask for--you might get it." (Albanian Proverb)

I'll summarize my post with my last line: In short, key escrow could be law
enforcement's worst nightmare, as it truly opens up the Web as a worldwide,
distributed file system.

At 6:31 PM 9/12/95, S. Keeling wrote:

>        I would just like to point out that, when a LEA comes to you
>to get at the contents of your computer, (s)he is not going to
>patiently wait while your system wipes the offending evidence off your
>hard disk.  The first thing they do is make a copy of everything, so
>they can work from the copy.  Besides, you do have backup tapes lying
>around all over the place, don't you?

This is a main reason why "key escrow" is a double-edged sword for Law
Enforcement. That is, it is not an unadulterated "win" for them.

Consider the easy availability of a "key escrow" system (I'm deliberately
avoiding calling it either SKE, or CKE, or GAK) in which files may be
locally encrypted with the files, local decryption software, etc., stored
locally--but with efficient fast-erase methods (ranging from the
oft-mentioned "thermite charge" to a more user-friendly overvoltage to fry
the motherboard (for example, just to make the point)).

(My point is not to speculate on what a "dead man switch" might look like,
but merely to look at the implications of widespread key escrow and data
destruction tools.)

Key escrow (with the keys deposited safely with one's "Family" (in both
senses of the term), and/or with one's lawyer, and/or in offshore
locations) could make the use of dead man switches much "safer." A numbers
game operator can rest easy in flushing his computer, knowing key escrow
and remote storage exists.

"Remote storage"? Sure, the Web offers easy and transparent ways to split
files up and store them in various locales. Kind of makes "search warrants"
a problem, doesn't it? The promise of the Web, to many of us, is that URLs
essentially make the machines accessible via the Web into a kind of huge,
distributed file system.

Remote sites can already be used for storage, obviously. The Web offers a
new degree of automation of the process, with many interesting
possibilities.

An interesting project would be to build tools similar to ftp for automatic
backup of files to remote locations, perhaps locations that accept
"deposits" for a fee. (In digital money tokens, even.)

The tool could do multi-part splitting, and could encrypt the files. Keys
(and the locations of the parts) could independently exploit the kind of
"key escrow" mentioned above.

So, a raid is made on a site. The files are not found there, as they have
been automatically filed on other sites, with the key/location info
escrowed with escrow agents who are not cooperative with search warrants,
subpoenas, etc.

(It may be sufficient for a person to "remember" the N sites, as the sites
may be uncooperative enough so as to make it impossible for the law
enforcement people to "demand" access to files. I can discuss this further.
While not "secure" in a strong crypto sense, in practice this will be
pretty effective--after all, the pieces are similar to offshore bank
account access info, and law enforcement is pretty much powerless to get N
countries/banks to cooperate on a blanket search.)

In short, key escrow could be law enforcement's worst nightmare, as it
truly opens up the Web as a worldwide, distributed file system.

--Tim May

---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."







