[cryptography] Key escrow 2012

Marsh Ray marsh at extendedsubset.com
Sun Mar 25 23:55:12 EDT 2012


(Nod to the rest of what you said)

On 03/25/2012 11:45 AM, Benjamin Kreuter wrote:
> The US government still wants a
> system where encrypted communications can be arbitrarily decrypted,
> they just dress up the argument and avoid using dirty words like "key
> escrow."

Aside from the deep moral and constitutional problems it poses, does 
anyone think the US Govt could have that even from a practical perspective?

* Some of the largest supercomputers in the world are botnets or are 
held by strategic competitor countries. This precludes the old key 
shortening trick.

* The Sony PS3 and HDMI cases show just how hard it can be to keep a 
master key secure sometimes. Master keys could be quite well protected, 
but from a policy perspective it's still a gamble that something won't 
go wrong which compromises everyone's real security (cause a public 
scandal, expose industrial secrets, etc.).

* Am I correct in thinking that computing additional trapdoor functions 
to enable USG/TLA/LEA decryption is not free? Mobile devices are 
becoming the primary computing devices for many. People may be willing 
to pay XX% in taxes, but nobody wants to pay a decrease in performance 
and battery life to enable such a misfeature.

- Marsh



More information about the cryptography mailing list