
Re: How I Would Ban Strong Crypto in the U.S.



At  9:58 AM 7/15/96 -0400, Raph Levien wrote:
>4. Thus, the best leverage for the TLAs to win is to guide the 
>development of a key management infrastructure with the following 
>property: if you don't register your key, you can't play. I believe that 
>this is the true meaning of the word "voluntary:" you're free to make 
>the choice not to participate.
>
>5. This is _important_. If you can't get the keys for your 
>correspondents, you can't use encryption. If they build a key management 
>infrastructure that actually works, people will use it.

The obvious counter is to use the key management infrastructure for
authentication, but use a technique like Diffie-Hellman to decide on a
session key.  I see two problems with this approach:

(1) It still allows traffic analysis.
(2) It will be difficult to implement for one-way transmissions (e.g. email).

A more complex structure would overcome (2) above.  Use your GAK key to sign
your PGP key.  Post your PGP key on the MIT server (or successors), and
people who want non-GAKed communication with you would use your PGP key,
with the benefit of government approved authentication.

I still think this whole GAK thing is going to fail on the, "Which
government?" question.  I don't see either multi-nationals or their
governments wanting to share their secrets with each other, and I don't see
how to set up universal GAK to prevent that form of industrial espionage. 
Also, the key which decodes the GAKed data is just too valuable and too
easy to steal.


-------------------------------------------------------------------------
Bill Frantz       | The Internet may fairly be | Periwinkle -- Consulting
(408)356-8506     | regarded as a never-ending | 16345 Englewood Ave.
[email protected] | worldwide conversation.    | Los Gatos, CA 95032, USA
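
The first counter in the message above (registered keys used only for authentication, Diffie-Hellman for the session key), sketched as an added example that is not part of the original message. It assumes Ed25519 as a stand-in for the registered signing key and X25519 for the Diffie-Hellman step; the function names `Offer` and `SessionKey` are hypothetical.

```go
package main

import (
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Offer creates a fresh X25519 key and signs its public half with the
// long-term key (a stand-in for the registered authentication key).
func Offer(signKey ed25519.PrivateKey) (eph *ecdh.PrivateKey, pub, sig []byte, err error) {
	if eph, err = ecdh.X25519().GenerateKey(rand.Reader); err != nil {
		return nil, nil, nil, err
	}
	pub = eph.PublicKey().Bytes()
	return eph, pub, ed25519.Sign(signKey, pub), nil
}

// SessionKey checks the peer's signature, then derives the shared key.
// The long-term keys never touch the secret; only the ephemerals do.
func SessionKey(eph *ecdh.PrivateKey, peerID ed25519.PublicKey, peerPub, sig []byte) ([]byte, error) {
	if !ed25519.Verify(peerID, peerPub, sig) {
		return nil, errors.New("ephemeral key not signed by peer's registered key")
	}
	pk, err := ecdh.X25519().NewPublicKey(peerPub)
	if err != nil {
		return nil, err
	}
	secret, err := eph.ECDH(pk)
	if err != nil {
		return nil, err
	}
	k := sha256.Sum256(secret) // simple key derivation, chosen for the example
	return k[:], nil
}

func main() {
	aID, aSign, _ := ed25519.GenerateKey(rand.Reader) // constructed identities
	bID, bSign, _ := ed25519.GenerateKey(rand.Reader)
	aEph, aPub, aSig, _ := Offer(aSign)
	bEph, bPub, bSig, _ := Offer(bSign)
	ka, _ := SessionKey(aEph, bID, bPub, bSig)
	kb, _ := SessionKey(bEph, aID, aPub, aSig)
	fmt.Printf("session keys match: %v\n", string(ka) == string(kb))
}
```

Both parties must be online to swap offers, which is problem (2) in the message, and the signed offers themselves remain visible on the wire, which is problem (1).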