Re: GAK



>Date: Thu, 7 Sep 1995 13:09:03 -0800
>From: [email protected] (Douglas Barnes)
>
>One good (non-cypherpunk) argument against GAK is that it
>concentrates a very large quantity of valuable keys in a few
>places, where they become an extremely attractive target for
>government or corporate espionage.

[...]


>Note that a few million keys would fit very easily on even a
>low-end DAT tape (easily hidden in a pack of cigarettes).

The same danger happens with the TIS DRC (see the company web page), even
though there is no key escrow in the TIS system.  Instead, the emergency
access field (Data Recovery Field (DRF)) is stored with the file -- but the
key which encrypts it is the public key of the Data Recovery Center (DRC).

If too much attractive stuff is available by loss of any one public key,
that key gets attacked.  To compensate for this, the TIS DRC generates new
public keys periodically to give out to new (or old) customers.

However, a government warrant which demands the DRC's private key collection
would gain quite a harvest.

+--------------------------------------------------------------------------+
|Carl M. Ellison      [email protected]    http://www.clark.net/pub/cme/home.html|
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+