CDR: Re: Zero Knowledge changes business model to Split Key Escrow(NSA-Key (press release)

Adam Shostack adam at homeport.org
Tue Oct 31 09:27:56 PST 2000 

On Tue, Oct 31, 2000 at 04:07:18PM +0100, cyphrpnk wrote:
| > >Privacy is good business. Companies in every industry are
| > >realizing they must institute the proper privacy policies,
| > >practices and infrastructures in order to succeed in
| > >today's digital economy. Zero-Knowledge Managed Privacy
| > >Services provides the tools and strategies that enable
| > >business to establish private customer relationships and
| > >earn consumer trust while ensuring legislative compliance
| > >and mitigating risk.
|                                       legistlative Compliance...
| Guess Lew Giles or the CSE came to visit

By legislative compliance, we mean compliance with laws.  There are no 
key escrow laws in Canada.  There is a privacy law, bill C-6, and we
will help companies comply with that.  We also will help companies
with HIPPA, GLB, the EU privacy directive, and other laws.  There is
also no key escrow law in the US or the EU to date, and we spend time
and energy lobbying to keep it that way.

| look at the following
| 
| >MPS will incorporate third party verification and split
| >encryption key structures, as well as provide consumers
| >with access to white papers, independent auditors' reports
| >or other materials that assure a company is doing what it 
| >claims.
| 
| third party verification and split encryption key structures,
| 
|                               Here we get to the meat of the issue... the
| item that NAI tried to force down our throats...Corporate Key Escrow..
| this time via key splitting... Shades of the NSA Key!!

Umm, so if we split a key three ways (or use three keys to
sequentially encrypt a blob), then no party can decrypt without the
cooperation of the others.  By three keys to sequentially encrypt, I
mean the stored cyphertext is (E_a(E_b(E_c(data)), not that we store
(E_a(data), E_b(data), E_c(data), which would be silly.

|     Sick em Adam!!
|     A cypherpunk whois tiring of government schemes to shell out
|     privacy companies.
| p.s. that freedom source code 2.0 for linux I was porting to BSD I guess will go
| into the bit bucket!! 1984 speak my ass!!

Sorry to hear that.  I guess your porting the code isn't enough for
you to trust it.  Odd.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume

More information about the cypherpunks-legacy mailing list