CDR: Re: Zero Knowledge changes business model to Split Key Escrow(NSA-Key (press release)

Ray Dillinger bear at sonic.net
Tue Oct 31 11:54:48 PST 2000 


On Tue, 31 Oct 2000, Tim May wrote:

>And this process may not happen with just subpoenas. It will likely 
>happen with national security agencies. Without Alice knowing.
>
>This is what happens when Alice or any other customer of your product 
>uses "trusted third parties." GAK beats crack any day.
>
>This is the danger of building a "trusted third parties" system. And 
>is precisely the reason  the United Kingdom was campaigning for this 
>kind of system.
>
>By building precisely the tools they and other governments would need 
>to implement such a system, you are making such a system more likely 
>to happen.

'scuse me, but this gets a big raspberry.  The tools governments would 
need to implement such a system are already out there, in droves and 
gobs.  What ZKS does or does not contribute to that brew has little to 
do with whether broken security gets rammed down everyone's throats or 
not. 

Asking for crypto systems that cannot be used in such plans is a lot 
like asking for bricks that cannot be used to build unsound structures. 
Somebody might be able to develop such a brick: but it wouldn't be a 
general, flexible component, and there'd be so many *sound* structures 
you couldn't build with it, or had to expend a lot of head-sweat figuring 
out *how* to build with it, that all the construction workers would 
hate it and ignore it to death.

I think that crypto tools ought to support whatever the hell crypto 
operations the people using them want.  Including third party access 
to keys and the use of monoalphabetic substitution ciphers to encrypt 
correspondence if they're stupid enough to want that.  There is no 
foolproof system, and attempting to make foolproof systems only limits 
the uses to which they can be put by non-fools. 

Alice cannot give her private info to Bob and then expect Bob not 
to know it in some other situation; it has passed out of her control 
and any policy or tool Bob has in place to "maintain privacy" is 
equally out of Alice's control.  If Bob is trustworthy, there is no 
need for crypto at all because Bob will religiously *not* look at those 
records for any unauthorized purposes.  If Bob is untrustworthy, Bob 
will claim to be using crypto whether or not Bob is actually using it, 
and claim to have a privacy policy that he follows whether or not he 
actually does.  Either way, there is no reliable protection for Alice 
the consumer once she has passed her personal info in the clear to Bob.

				Bear

More information about the cypherpunks-legacy mailing list