[1591] in cryptography@c2.net mail archive
Re: Emphasizing a point by Donald Eastlake re key recovery
daemon@ATHENA.MIT.EDU (Carl Ellison)
Tue Sep 23 13:45:07 1997
Date: Tue, 23 Sep 1997 11:36:04 -0400
To: rivest@theory.lcs.mit.edu (Ron Rivest)
From: Carl Ellison <cme@cybercash.com>
Cc: cryptography@c2.net, dee@cybercash.com
In-Reply-To: <199709230250.AA12239@swan.lcs.mit.edu>
-----BEGIN PGP SIGNED MESSAGE-----
At 10:50 PM 9/22/97 EDT, Ron Rivest wrote:
>
>I'd like to emphasize an excellent point made by Donald Eastlake in a
>recent posting (attached below). Mandatory key recovery can have
>devastating effects on any use of public-key cryptography, not just
>its use for encryption. An unintended consequence of mandated key
>recovery would be to put the entire framework of digital signatures at
>risk. The reason is that a user's private key (with which he signs
>messages) is typically encrypted for safe storage on his computer (or
>on a server). Mandated key recovery could require that every user
>turn over to the FBI the password with which he encrypts his private key.

I agree that Donald's points are excellent. However, there is another
possibility -- that all private keys can be kept inside Fortezza cards, with
official NSA GAK providing access for the FBI. If that's the only way to
use public key cryptography, there is no encryption of private keys.
There's also a guaranteed continued relevance for the NSA's white-hat side
into the future.
- Carl
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+