[Cryptography] Escrowing keys

Jerry Leichter leichter at lrw.com
Sat May 6 09:25:10 EDT 2017


> The problem Apple has is all the devices
> in a single class have the same key and a forced
> legal disclosure impacts a million other devices.
Citation?  No description I've ever seen of Apple's approach to encryption involves such a key *to the devices*.

If you're saying that there's only one Apple *signing key* to sign legitimate updates - yes, that's true.  (Well, there's some small number, used for different things.)  The situation with that key - or the theoretical alternative, a database of unique signing keys for each device produced - involves interesting tradeoffs on the legal side.

> The million of other devices and the financial impact to
> the company protected Apple.
Well, yes, that's potentially a problem for the *government*, not Apple or its users.  It's been a common strategy to entangle stuff you want to protect with a whole bunch of other stuff belonging to others so that you can later claim a demand to produce something would inevitably let out a whole load of other stuff to which the government (or a private party in a lawsuit) is not entitled.  It's not clear how effective that strategy is.  Certainly, the majority of governments in the world don't much care about whose privacy is compromised along the way of getting what they want.  And even in countries like the US, with reasonably strong protections, we have by now an extensive history of successful claims by the government that incidental *collection* of masses of stuff that "is never looked at" doesn't invade anyone's privacy for legal purposes.
                                                        -- Jerry



