crypto backdoors = terrorisms free reign
Matt Blaze
mab at research.att.com
Sat Sep 15 13:42:03 EDT 2001
mccoy at io.com writes:
...
>
> Incorrect. While it is possible that such a backdoor can be found it is by
> no means as simple as you imply, particularly for non-state entities. While
> such secrets can eventually leak out this task is not easy for even trained
> professionals, to claim that it is going to be a simple task for radicals
> and hostile countries is not consistent with the facts. While some secrets
> are hard to protect (especially over time) it is possible to build a system
> for key scrow that makes abuse difficult, albeit not impossible, and still
> provides the law enforcement assistance that the public may demand.
...
Although the subtleties of the problem may not be completely obvious, the
security risks introduced by key escrow mechanisms are quite significant.
See, e.g., our 1998 report:
http://www.crypto.com/papers/escrowrisks98.pdf
If anything, the risks we studied three years ago would be amplified
considerably today, given that encryption is now increasingly used as a
central component of the security of many critical services and systems.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list