[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Key escrow granularity (Was: If only Vxxxx Fxxxxx had used encryption)

Monty Harder writes:
> The details of the protocol(s) can be worked out after the basic premise:
>        There is no reason for anyone to give up the "master key" to all
>      of their business, when the minimal overhead in storage space for
>      adding an escrowed =session= key will suffice.

More generally, the granularity of the chunk of data protected by each
escrowed key can be varied -- the tradeoff is between the cost of a key
loss and the cost of data storage. A few escrowed master keys are very
cheap to store and very expensive to lose. Each session key is
comparatively worthless on its own, but you could end up having to store an
avalanche of them.  I suspect that something close to session granularity
makes sense in the real world; multi-GB HDs tend to be much cheaper than
asking the NSA to guess your keys for you, etc. Of course, you could also
get into escrowing project keys, dept. keys, etc., ad nauseum.

Choosing session granularity is highly recommended when permitting GAK a la
SB 974 :|

-Futplex <[email protected]>