Solution to McKain's worries





The alternative solution might go something like this (also known as the
Mother of Clipper):

1. Outlaw use of any crypto not authorized and provided by an Official
Source, which is to be provided in the form of hardware on the
CPU/Motherboard (or equivalent, depending on the computing/communications
device).

2. When you wish to send an encrypted communication or store encrypted
data, the Official Crypto Device from the Official Source first must obtain
a Secrecy Credential from a Central Repository, to which you have applied
for some strength crypto.  The Credential gives you certain secrecy
privileges ... as long as you're being a good citizen.  The Credential
enables the crypto on your official device: the device will not function
without communicating with the Central Repository and obtaining today's
Credential.

3. When LEA wants to tap you, it sends a control message to the Central
Repository which modifies your Secrecy Credential, dumbing you down to,
say, 40 bits. They could even provide the entire session key (or other
secret as required by protocols).  As long as this state is in effect, your
"encrypted" communications and storage are readable by the LEA.

Now: consider the profits to be made by the Central Repository, which is
responsible for maintaining your Credential.  Each Credential use could be
charged a transaction fee, as well as the annual licensing.  The crypto
device provider has a locked-in market for its silicon, as it must go on
all the motherboards and into the CPUs.  The big-system manufacturers
responsible for the servers and communications required to manage the
communications between the crypto and repository make out real well too.

It sounds like a perfect fit for Microsoft, Intel, together with HP's ICF!!