[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How I Would Ban Strong Crypto in the U.S.



> There has been some discussion at the last couple of crypto conferences
> about possible ways around this plan.  (I guess the idea goes back at
> least a year or two.)
> 
> One idea is to register a 2048 bit public key.  You have to give the
> secret key to the government in order to use the registry.  But what you
> do is to create a second key and embed it in the first.  It is, say, a
> 1024 bit key which is the lower half of the 2048 bit key.  It has
> different secret factors that nobody but you knows.  Then when people
> send you messages they encrypt using this modulus rather than the
> official one.
> 
> You get the benefit of the government-sponsored key certificate
> infrastructure, but the government is not able to crack your
> communications.

Sorry, but the government generates all keys.  Otherwise people might
mess up and choose insecure keys.