[765] in cryptography@c2.net mail archive


Re: key recovery vs data backup

daemon@ATHENA.MIT.EDU (Hal Finney)
Fri May 9 11:28:21 1997

Date: Thu, 8 May 1997 20:41:29 -0700
From: Hal Finney <hal@rain.org>
To: cryptography@c2.net

Kent Crispin, <kent@songbird.com>, writes:
> Contrast that with a key-safe model, where a copy of every encryption
> key is kept in a secure database.  The encryption client software only
> talks to the key-safe when a new key is generated, over a
> cryptographically secure channel, of course.  There is no policy the
> client has to know.  The user encrypts freely without concern about
> who else should get copies.  The organization knows that there is very
> little chance of data loss because of lost keys, and can use any
> policy it chooses to recover keys, from the company president's ad hoc
> whim to a carefully specified organizational security policy.

The problem with the key-safe model is that it does not handle outgoing
mail or other data.  Outgoing email will be encrypted with keys of
the destination, and management won't have access to its contents in
a key-safe model.  For some businesses this is an even more important
requirement than local or incoming data access, because they are afraid
their employees will export company secrets under the cover of encrypted
email.

You have to additionally configure the client so it always encrypts to
a message recovery key in addition to other recipients.  This message
recovery key may be the user's own key in the key-safe model, or it may
be a special company key which is used for this purpose.

The result is that the key-safe model ends up not being as simple as it
sounds in order to address all the business needs.

Hal

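The distinction Hal draws, as an added example that is not part of the original message or of any product discussed on this list: a client that hybrid-encrypts each message under a fresh session key and wraps that session key once per recipient. A key-safe that escrows only the sender's own key can unwrap incoming mail (addressed to the sender) but nothing the sender encrypts solely to an outside party; the message can be recovered only if the client also wraps the session key to a message recovery key, which may be the user's own escrowed key or a separate company key, exactly the two options the post names. The wrapping and body encryption below are a hash-based XOR stand-in (unauthenticated, toy-grade, an assumption made so the block runs on the standard library alone); a real client would use public-key wrapping and an AEAD. All names, keys and the sample message are constructed for the example.

```python
import hashlib
import os


def keystream(key, nonce, length):
    """Toy keystream: SHA-256(key || nonce || counter) blocks. Stand-in only."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_message(plaintext, recipient_keys, recovery=None):
    """Hybrid-encrypt plaintext for every recipient in recipient_keys.

    recipient_keys: {name: key}. recovery: optional (name, key) pair; when
    given, the client ALWAYS wraps the session key to it as an extra
    recipient, which is the policy step Hal says the key-safe model needs.
    """
    session = os.urandom(32)          # fresh per-message data key
    nonce = os.urandom(16)
    recipients = dict(recipient_keys)
    if recovery is not None:
        name, key = recovery
        recipients[name] = key
    # One wrapped copy of the session key per recipient (toy key wrapping).
    wrapped = {
        name: xor(session, keystream(key, nonce + b"wrap", 32))
        for name, key in recipients.items()
    }
    body = xor(plaintext, keystream(session, nonce, len(plaintext)))
    return {"nonce": nonce, "wrapped": wrapped, "body": body}


def decrypt_message(msg, name, key):
    """Unwrap the session key under `name`'s key and decrypt the body."""
    if name not in msg["wrapped"]:
        raise KeyError(f"message was not encrypted to {name!r}")
    session = xor(msg["wrapped"][name], keystream(key, msg["nonce"] + b"wrap", 32))
    return xor(msg["body"], keystream(session, msg["nonce"], len(msg["body"])))


def key_safe_recover(msg, key_safe):
    """What the organization's key-safe can do with only escrowed user keys:
    try each escrowed key; return the plaintext, or None if none applies."""
    for name, key in key_safe.items():
        if name in msg["wrapped"]:
            return decrypt_message(msg, name, key)
    return None


def demo():
    # Constructed keys: Alice is an employee (escrowed); Bob is external (not).
    alice = os.urandom(32)
    bob = os.urandom(32)
    company_recovery = os.urandom(32)
    key_safe = {"alice": alice}          # the key-safe holds only Alice's key
    secret = b"constructed sample: internal roadmap, do not forward"

    # 1. Outgoing mail to Bob only: key-safe has nothing to unwrap.
    plain_outgoing = encrypt_message(secret, {"bob": bob})
    # 2. Same mail, client also wraps to the user's own escrowed key.
    via_own_key = encrypt_message(secret, {"bob": bob}, recovery=("alice", alice))
    # 3. Same mail, client also wraps to a dedicated company recovery key.
    via_company_key = encrypt_message(secret, {"bob": bob},
                                      recovery=("recovery", company_recovery))

    return {
        "bob_reads_all": all(decrypt_message(m, "bob", bob) == secret
                             for m in (plain_outgoing, via_own_key, via_company_key)),
        "keysafe_reads_plain_outgoing": key_safe_recover(plain_outgoing, key_safe) == secret,
        "keysafe_reads_via_own_key": key_safe_recover(via_own_key, key_safe) == secret,
        "company_reads_via_company_key":
            decrypt_message(via_company_key, "recovery", company_recovery) == secret,
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```

Run it and the first outgoing message is the one the key-safe cannot open: escrowing every user key recovers nothing that was encrypted only to the destination, so the client itself has to be configured to add the recovery recipient on every send.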