[2618] in cryptography@c2.net mail archive
Re: Director of Central Intelligence on Trust
daemon@ATHENA.MIT.EDU (Dave Emery)
Fri May 1 17:22:50 1998
Date: Thu, 30 Apr 1998 23:20:08 -0400
From: Dave Emery <die@pig.die.com>
To: "Arnold G. Reinhold" <reinhold@world.std.com>,
koontz@netapp.com (David Koontz), cme@acm.org
Cc: cryptography@c2.net
Reply-To: die@die.com
Mail-Followup-To: "Arnold G. Reinhold" <reinhold@world.std.com>,
koontz@netapp.com (David Koontz), cme@acm.org, cryptography@c2.net
In-Reply-To: <v03130300b16e97be00f2@[24.128.40.70]>; from Arnold G. Reinhold on Thu, Apr 30, 1998 at 05:33:45PM -0400
On Thu, Apr 30, 1998 at 05:33:45PM -0400, Arnold G. Reinhold wrote:
> >>algorithms like Skipjack and SHA, plus "high grade algorithms:" BATON,
> >>FIREFLY, SDNS signature, STU-III
> >
> >FIREFLY is a public key certificate exchange system originally developed
> >for certifying the role of the recipient - classification level
> >authorization, role .
> >
>
> Indeed. The STE sets and Fortezza cards can each be programmed to enforce a
> variety of usage controls. Given the versatility of STE, I am suprised that
> e-mail isn't built in.
Does anybody know whether the KOV-14 actually implements key
escrow such that a third party with access to all the private key
components supplied by NSA could intercept the contents of a secure call ?
Can NSA do this to other government departments (they appear to have
legal authority for such as part of their INFOSEC mission) ? Is there
some equivalent of the Clipper LEAF field in each call setup ? Or is the
backdoor just based on the use of a unique to the particular KOV-14
public key supplied and known by NSA to encrypt the session keys
negotiated. Is there any way a STE user could communicate without
escrow ?
--
Dave Emery N1PRE, die@die.com DIE Consulting, Weston, Mass.
PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18
