[Cryptography] DEcryption Contract ENforcement Tool (DECENT): A Practical Alternative to Government Decryption Backdoors

Peter Linder peterlinder at alum.mit.edu
Fri Mar 11 15:47:27 EST 2016


DEcryption Contract ENforcement Tool (DECENT): A Practical Alternative to Government Decryption Backdoors

The idea of using threshold password sharing to spread authority is interesting. The idea of forcing public scrutiny can be taken a step further by forcing an audit trail on a blockchain. I recently released for review the architecture of a design which I have been working on that uses these technologies to avoid situations like the Apple/FBI standoff. If the authorities won't take NO for an answer, then it is worth asking what related question could be answered with YES. Agreeing in advance under what conditions a decryption key could be released and then automating that process in an auditable way would be far more acceptable than parties tied up in court trying to force dangerous solutions. People with knowledge and motivation can always add extra layers of encryption outside this system.

Technical description here: http://eprint.iacr.org/2016/245

Abstract: A cryptographic contract and enforcement technology would guarantee release of a data decryption key to an authorized party if and only if predetermined contract requirements are satisfied. Threshold secret sharing can be used to eliminate the need for access to the hidden key under normal circumstances. It can also eliminate the liability and burden normally carried by device manufacturers or service providers when they store the decryption keys of their customers. Blockchain technology provides a mechanism for a public audit trail of the creation and release of the hidden key. The use of peer-to-peer mix-net network overlay technology can be added to ensure that the blockchain audit trail documents the release of the key even if an all-powerful entity forces actors to act under duress.

Peter Linder
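
Added example (not part of the original post and not code from the DECENT paper): a minimal Python sketch of the two building blocks the message names, k-of-n threshold sharing of a decryption key and an audit record written when the key is released. It assumes Shamir's scheme for the threshold sharing and uses a local hash-chained log as a stand-in for the blockchain; all function names are hypothetical.

```python
import hashlib, json, secrets

P = 2**521 - 1  # Mersenne prime; the field holds keys of up to 520 bits

def split(secret, k, n):
    """Shamir split: any k of the n shares recover the secret."""
    if not (1 < k <= n < P and 0 <= secret < P):
        raise ValueError("need 1 < k <= n and a secret inside the field")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P) for x in range(1, n + 1)]

def combine(shares):
    """Lagrange interpolation of the sharing polynomial at x = 0."""
    if len({x for x, _ in shares}) != len(shares):
        raise ValueError("duplicate share index")
    secret = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num, den = num * -xj % P, den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret

def _digest(prev, event):
    return hashlib.sha256(json.dumps({"prev": prev, "event": event}, sort_keys=True).encode()).hexdigest()

def append_entry(log, event):
    """Append an entry chained to the previous one (stand-in for a blockchain write)."""
    prev = log[-1]["hash"] if log else "0" * 64
    log.append({"prev": prev, "event": event, "hash": _digest(prev, event)})

def verify_log(log):
    """Recompute the chain; any edited or dropped entry breaks it."""
    prev = "0" * 64
    for e in log:
        if e["prev"] != prev or e["hash"] != _digest(prev, e["event"]):
            return False
        prev = e["hash"]
    return True

def release_key(shares, k, log, reason):
    """Refuse below threshold; record the release before reconstructing the key."""
    if len(shares) < k:
        raise PermissionError("threshold not met")
    append_entry(log, {"type": "release", "holders": sorted(x for x, _ in shares), "reason": reason})
    return combine(shares)
```
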

==============================================
J.M. Porup wrote on 3/10/2016 7:09 AM:
> Perhaps of interest to the list.
>
> http://arstechnica.co.uk/security/2016/03/cothority-to-apple-lets-make-secret-backdoors-impossible/
>
> Cothority, a new software project designed to make secret backdoored
> software updates nearly impossible, is offering to help Apple ensure
> that any secret court orders to backdoor its software cannot escape
> public scrutiny.
>
> and a blog post here:
>
> https://freedom-to-tinker.com/blog/bford/apple-fbi-and-software-transparency/
>
> jmp
>

