Why key escrow is good (was Re: FWD: Internet e-mail)

Rich Graves llurch at networking.stanford.edu
Fri Jan 26 20:35:25 PST 1996 

-----BEGIN PGP SIGNED MESSAGE-----

[I'm sure all the points I'm making are really old news, but the fact
remains that I do not see distributed private key escrow applications, 
infrastructure, or advocacy, and I think there should be some.]

On Fri, 26 Jan 1996, Lynne L. Harrison, Esq. wrote:

> The following was posted to another list.  Has anybody heard about this?
> [Gee, I _wonder_ if there will be escrowed keys...]
> 
> ******Begin Forwarded Message*********
> >I just read in "legal.online" that the Postal Service plans to provide
> >secure email service.  It will include encryption plus offer U.S. mail fraud
> >protection.  Of course there is no estimate on cost.

Of course it will be escrowed. It will probably have other back doors too.
The customers will demand it. 

Most normal people don't want unescrowed strong cryptography. If they
forget their password, they want a way to get their stuff back. If they
die, they don't want their thoughts to die with them. They don't plan to
commit a major felony or, worse, run for public office, so the prospect
that a government (or someone else) will subpoena or strong-arm the keys
isn't a serious problem. 

I see no problem with this.

The problem is *government* key escrow, especially *exclusive* government
key escrow, which has none of the recoverability benefits that the average
clueless user would want associated with key escrow. 

I'd like to see strong crypto that supports distributed key escrow by 
default (of course there should be a way to turn it off). Give parts of 
your key to, say, ten people, and require that eight must concur in order 
to break into your stuff.

I would have few objections to a *properly drafted* law requiring widely
distributed key escrow *for certain applications*. It's certainly bad to
require escrow in two Federal clearing houses, and we'd have to think hard
about requiring that key escrow agencies be licensed and regulated. In
order to intercept my private communications, the government would need to
subpoena the people I trust, not itself. 

I'd feel secure, and in fact *better* than I feel about unescrowed strong
crypto, if my private stuff could be cracked by either myself in good mind
and body, or a combination of at least eight of: 

1. My boss
2. My best friend
3. My parents
4. The FBI (they get *one*, and the reason is to make it tougher for 
   nasty non-government bodies to strong-arm enough parts of my key)
5. The California Department of State (as above)
6. The Cypherpunk Escrow Agency in Berkeley
7. The Cypherpunk Escrow Agency in the Cayman Islands
8. The corner 7-11
9. Mail-order Escrows-R-Us
10. TRW

Gives a whole new meaning to the term "web of trust." By offering a piece
of your key, you're entrusting a part of your life; and by accepting a
piece of someone's key, you're agreeing to defend it with yours (life or
key, whatever -- presumably you would encrypt the keys you're escrowing in
your own escrowed key, which can be brute-forced in several ways). 

I'd like to see spring up a whole industry of both mom & pop and
institutional key escrow agents. In a way, it's kinda like those silly
cryogenics people who freeze their heads in the hopes of rising from the
dead. The only way my private thoughts can survive my death, senility, or
a really sharp blow to the head is escrow. And *I* think that at least
some of the things I would normally keep to myself are worth preserving.
Sure the world would survive without them, but we're talking about my ego
here. 

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMQmiWo3DXUbM57SdAQEHMwQAoKZp0z7vEEGc9tPaXHfjcWGTu5kX4ImD
xMCcOvZK73GSPzqLhHGi0fiC41mGi9tueCpqVDyzoSSrzhqxE9xepUw+LFU2sypJ
KOMAVxC3AcKcRLru8Qb0WBTSZqtzvWxGBrBUq3xRnMt5FUz/RqDKtsOb2iC2F6gI
PlLmhki4wvI=
=KKyf
-----END PGP SIGNATURE-----

More information about the cypherpunks-legacy mailing list