[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New Threat on the Horizon: Software Key Escrow



Tim May writes:
>Diffie described in some detail a software-based scheme developed by
>NIST (and Dorothy Denning, if I recall correctly) that, as I recall
>the details, avoids public key methods. Perhaps this was also

If it's the same scheme that I'm thinking of (that Dorothy Denning
presented at the Karlshrue workshop), it was developed by Stephen
Walker and David Balenson of Trusted Information Systems, in
cooperation with NIST.

It's a cute scheme - it doesn't involve secret hardware or algorithms, but
does involve public key cryptography, roughly in place of the clipper
unit and family keys.  You can thwart the system with cooperation at both
ends, but you can't interoperate with legal users; in this sense it's
more robust against abuse than the Clipper hardware-based system

The basic idea is that each user gets a unique public key from the
government, which is used to encrypt the session key.  You encrypt the
session key with this key and send both it and the certified public key
to the reciever, who verifies the signature to confirm that it really was
issued by the government.  Now the receiver also encrypts the session key
and compares the result with what you sent, refusing to operate if they
don't match.

Of course, two parties can cheat by patching their verification routines.
But it's very hard to interoperate with non-rogues.

-matt