CDR: Re: Zero Knowledge changes business model (press release)

Adam Shostack adam at homeport.org
Tue Oct 31 10:06:34 PST 2000 

On Tue, Oct 31, 2000 at 09:11:23AM -0800, Tim May wrote:
| >>Zero-Knowledge is committed to deploying systems that are
| >>transparent and accountable. In keeping with this policy,
| >>MPS will incorporate third party verification and split
| >>encryption key structures
| 
| Split encryption key. I think that says it all.

Geez.  I don't know how we ended up with that wording. Multiple key
would have made more sense.  The goal is to have a set of keys which
are held by different entities.  Thus, your data is encrypted such
that each of those entities needs to be involved to decrypt it.

By split key encryption, we mean: E_a(E_b(E_c(data))) where E is a
strong algorithm (3des, twofish, AES), and the keys (abc) are full
strength, properly generated and stored keys for the system.

| >>, as well as provide consumers
| >>with access to white papers, independent auditors' reports
| >>or other materials that assure a company is doing what it
| >>claims. With MPS Zero-Knowledge strengthens its commitment
| >>to building responsible systems that empower consumers to
| >>control the disclosure and use of their personal
| >>information, while still enabling businesses to thrive in a
| >>data and relationship-driven marketplace.
| 
| "Empower consumers"? "Responsible systems"? "Strengthens its commitment"?
| 
| How about:
| 
| -- no key escrow, no split keys, no trusted third parties

Ok.

No key escrow.

No split keys in that (a,b) is used as the encryption key for a single 
encrypt, where Alice and Bob each have half the key.  Multiple key
systems, as I explained above.

Given that we're doing this for businesses that are collecting data
now, if you consider those parties 'trusted third parties,' then we're 
increasing the assurance that surrounds them.  We consider them
'merchants,' 'shipping companes' and other such businesses who today
get data from you.  They're not trusted third parties in the Clipper
chip sense, but they are parties who store information about you,
often in very insecure and unprivate ways, as MCI, CDnow, and others
have found out.

| -- public key crypto

Sure.

| With strong crypto widely available, what business (or knowledgeable 
| private person) is going to want or need this "ASSESS AND ADVISE" and 
| "COMMIT AND CAPITULATE" (ok, I'm changing their stages) stuff/
| 
| I can't see how a large company, like an Intel or an Amgen, is going 
| to move away from mathematically robust PKS systems and adopt some 
| throwback to the 1940s, some kind of split key or key escrow system. 
| And I can't see how Joe Consumer is going to pay for the (apparent) 
| "review" of his (presumed) needs and then get some key escrow package 
| tailored to his (presumed) needs.

We can't either.

| So, what sort of customer is this product tailored for? Some 
| middle-sized company which is clueless on crypto and which wants 
| hand-holding? Some company in a country which _requires_ key escrow? 
| Is ZKS setting itself up to be the premier supplier of key escrow and 
| LEAF tools? Sounds like it.

This isn't primarily a crypto solution, its an integrated set of
things, including an understanding of what data a company ought to
collect, what the advantages of minimization are, and then help
implementing it.

We are not selling any key escrow, leaf, GAK, clipper, capstone,
redcreek, or other such trust-me solution.

We see a huge market in companies which are discovering that policies
are not enough.  We see them hiring CPOs, and looking for assistance.
We're not abandoning Freedom--we think that controlling information
about yourself is still the best approach.  But we do get regular
requests from businesses for something else, and we're going to
provide it.  We fully intend to provide explanations of what we build
for each customer, a fair assessment of what we've built, and source
where we can.  We see those as essential for building trust in the
system.   We intend to build systems which we can be proud of.

| The "relevant legislation" language is the real kicker. Sounds like 
| the many former government types working at ZKS got the focus shifted 
| from truly secure systems to basically uninteresting--and even 
| pernicious!--systems which "meet the legitimate needs of law 
| enforcement."

We are meeting the needs of law enforcement the same way we always
have.  By building systems that protect people's privacy.  By telling
the world what we've built.  And explaining, in great detail, why we
think that key escrow, et cetera ad nauseum, is a mistake, and that we 
don't build it, don't ship it, don't support it.

| Key escrow, in other words.
| 
| 
| "Big Brother Inside"
| 
| 
| Whew.
| 
| 
| --Tim May
| -- 
| ---------:---------:---------:---------:---------:---------:---------:----
| Timothy C. May              | Crypto Anarchy: encryption, digital money,
| ComSec 3DES:   831-728-0152 | anonymous networks, digital pseudonyms, zero
| W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
| "Cyphernomicon"             | black markets, collapse of governments.

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume

More information about the cypherpunks-legacy mailing list