[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

TIS--Building in Big Brother for a Better Tommorrow



At 12:47 PM 2/22/96, Carl M. Ellison wrote:
>http://www.tis.com/crypto/cke.html
>
>have you guys checked out this page recently?  It shows TIS's change
>to a dual [domestic, international] approach to key recovery.
>

I hadn't looked at the TIS site in a while, so thanks for the heads up.

I just looked at it, and am not cheered by what I see. It looks to me that
any company with international sites it wishes to include in its overall
system (meaning, integrating key recovery in overall communications), must
use the more restrictive Commercial Key Escrow (tm) system:

"CKE meets the following U.S. Government requirements: 1.) tamper-resistant
escrow functionality, 2). no interoperation with non-export-approved
cryptosystems, 3). Data Recovery Centers must meet government ownership
qualifications, and 4). escrow access must be available at either end of a
communication (sender or receiver)."

Item #2 indicates that a company or organization--such as Intel or Amnesty
International or Bank of America--has two choices:

1. Use the stronger Commercial Key Recovery (CKR) for domestic
communications, the weaker, BB-Enabled (Big Brother-Enabled) Commercial Key
Escrow for offshore sites, with no interoperability...

or

2. Use the BB-Enabled CKE for all communications, thus allowing domestic
sites to communicate with their offshore sites.

My hunch is that NSA is hoping that the escrowed system, complete with weak
64-bit keys!, will be adopted as the default system, thus allowing one less
system to worry about and letting multinational companies (and what company
isn't multinational these days?) use one system. Or that Netscape and other
such companies will adopt CKE as a standard.

I haven't studied the Commercial Key Recovery (CKR) variant....I'm no
expert on these confusing protocols and see no need to become one. It is
also complicated, and it's not clear to me just how free users are to
select, say, their grandmother or their lawyer, as the holder of their
"lockbox key." I'm not claiming they're not free to do so, just that CKR
may also have unacceptable intrusions into private communications that
aren't obvious from the TIS statements I read. (The TIS statement points
out that: "Separate licensing arrangements are necessary for organizations
desiring Data Recovery
Center ownership.", so there is the chance that if I want Grandma to be my
spare key holder she might have to pay bucks to TIS and pass their
scrutiny...if so, not a very nice option, and one which could turn even CKR
into BB-Enabled software with a change in DRC policies...see point below.)

One thing to look out for is a TIS/Netscape/Lotus/etc. situation wherein
both services are offered, but the BB-enabled version is much easier to get
approval for, or even easier to set up and use, so that the skids are
greased in favor of the BB-enabled version and companies just say, "Oh, to
hell with the CKR version, let's just standardize on CKE...we have nothing
to hide."

Another thing to look for is any structural evidence in the specs for CKR
that indicates it could be "turned into" the CKE BB-Enable version by the
flip of a switch. What I mean by this is that we should always be wary of
systems which look to preserve liberties but which can be "switched" easily
once widely deployed. (Not to make a gun rights argument here, but this is
essentially what the folks worried about "gun registration" are concerned
about: any system in which guns can be registered could be converted with
the stroke of a pen into a system for confiscation; this is the main reason
they fight gun registration. I would look to see if any such parallels can
be found in the CKR variant: can the CKR variant be turned into the CKE
variant when President Buchanan decides he's had enough of these U.S.
companies communicating with those foreigners and their un-Christian ways?)

Be worried, be very worried.

(Side note: Of course, we're back to asking what the policies of the
offshore site countries may be. Imagine how thrilled the Department of
Commerce and NSA will be when Intel informs them that the government of
Japan insists that all communications with Japanese sites must use "Nippon
Key Escrow," to ensure that Chobetsu (Japanese NSA) can read Intel's
discussions of chip yields and production plans. Or that Israel wants the
Jew bits set....)

Thanks, TIS, for putting a "Big Brother Inside" sticker on your products.

No thanks.

--Tim May



Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
[email protected]  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^756839 - 1  | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."