[584] in cryptography@c2.net mail archive


RE: Escrow agencies closed?

daemon@ATHENA.MIT.EDU (Rick Smith)
Sat Apr 19 14:31:34 1997

Date: Sat, 19 Apr 1997 10:29:00 -0600
To: Bill Frantz <frantz@netcom.com>, Black Unicorn <unicorn@schloss.li>,
        Larry Layten <larry@ljl.com>
From: smith@securecomputing.com (Rick Smith)
Cc: "cryptography@c2.net" <cryptography@c2.net>

At 6:33 PM 4/18/97, Bill Frantz wrote:

>I like the idea that someone, probably NSA, found a fatal flaw in the key
>"escrow" portion of the protocol, and they are trying to prevent other
>governments from GAKing their data.  But then, I am a wide-eyed optimist.

In other words, situations were developing in which the govt couldn't
recover keys. I'm positive that's the inevitable result of any key recovery
scheme, given enough calendar time. Security properties are notoriously
hard to ensure in the real world.

Even if they feel certain that keys can be recovered when the system is
new, there's no certainty that accessibility will continue forever. We'll
probably find devices after a few years that provide crypto services but
the keys aren't recoverable for some unanticipated administrative or
technical reason. Our information technology just isn't that predictable,
especially over time.

So, we'll have systems whose users don't know for sure if Outsiders can
eavesdrop, and law enforcement types who find they can't eavesdrop in
situations they thought they could.

Rick.
smith@securecomputing.com     secure computing corporation


