Govt. key escrow justification

Adam Back aba at dcs.ex.ac.uk
Thu Nov 6 11:42:45 PST 1997




This is scary stuff... Clipper VI (or whatever number we're up to) in
the making.  Expect a fresh onslaught of government master key
attempts from the US government based on this info war initiative.

Michael Wilson <0005514706 at MCIMAIL.COM> forwards:
>    "Key recovery is needed to provide business access to data when
>    encryption keys are lost or maliciously misplaced, 

Where they pervert commercial key recovery to mean central government
master access.  Nasty lies expertly spin-doctored.

>    and court-authorized
>    law enforcement access to the plain text of criminal related
>    communications and data lawfully seized," the report said.

Where criminals who rate the expense of wiretaps will be using pgp2.x
downloaded from Russia, or wherever.  More spin doctoring.

>    In its formal recommendations, the commission urged the government to
>    speed up pilot programs on key recovery, promote efforts to plan for
>    implementing large-scale key recovery systems and encourage
>    private-sector key recovery efforts.

And there it is, they now want to encourage private sector key
recovery.  Now why would they want to do that, if they don't plan to
use it as an infrastructure?

>      WASHINGTON -- The head of a presidential commission on cyber-terrorism
>      on Wednesday told a Senate panel that a mandatory system guaranteeing
>      third-party access to scrambled computer communications may be
>      necessary if industry does not embrace the Clinton administration's
>      plan for a voluntary encryption decoding system.

And there so soon we have another repetition of Freeh's comments about
mandatory being necessary.

>      But the key to national security, Marsh said, is strong encryption
>      coupled with a back-door access for law enforcement officials to
>      sensitive communications.

I don't buy this at all.  For an infrastructure attack you're worried
about pervasive problems in case someone tries to bring down the whole
system.  Building central control in _anything_ is asking for trouble
in info war terms.  Everything should be as distributed as possible,
to minimise scope of an attacker who compromises keys.

Law enforcement with the master keys to the whole country is a huge
risk.  Some law enforcement key custodian will simply be bribed or
coerced for the key, and then they really will have an info war risk.

>      "We want to see that adopted over all the critical control functions
>      at an early date," he told the Senate Judiciary Committee's
>      Subcommittee on Technology, Terrorism and Government Information.

They want to fast track mandatory government access also.

>      He told the panel that "we must lower the temperature of the
>      encryption debate" long enough to complete pilot projects on key
>      recovery that will prove to industry that such systems can work.

A dangerous climate to be building any recovery systems in, however
carefully constructed to reduce risks.  I am having doubts about the
safety of even working on anything but the most ad-hoc local
recovery at this point.

>      Various agencies of the federal government currently are developing
>      13 key recovery pilot projects, which were on display Wednesday at a
>      Government Information Technology Services conference. Marsh said the
>      National Security Agency and the National Institutes for Standards
>      and Technology should head efforts to perfect those systems and set
>      standards for a national infrastructure protection office to carry
>      out.

Really gunning for it this time.  13 recovery pilots, NIST and NSA
involvement, standards setting.

>      Asked by the subcommittee's chairman, Jon Kyl, an Arizona Republican,
>      if those controls should be mandated, Marsh responded: "We think
>      businessmen will find it in their best interest to incorporate these
>      controls. ... Of course, in due time, that may be an option if they
>      are not willing to accept them."

That's a new one... give us master key access now, and we'll think
about allowing exceptions at some point in the future.

>      "Significant questions have been raised by leading cryptographers
>      about the security risks inherent in large-scale key recovery
>      systems, which introduce new vulnerabilities and targets for attack,
>      as well as about the costs and feasibility of implementing such
>      systems."

The main problem is the security and risk of government abuse.  I'm
not that sure cost or feasibility is a problem.

Adam
-- 
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/

print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`






