[cryptography] Key escrow 2012
James A. Donald
jamesd at echeque.com
Fri Mar 30 22:39:07 EDT 2012
On 2012-03-30 10:10 PM, StealthMonger wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Adam Back<adam at cypherspace.org> writes:
>> Not sure that we lost the crypto wars. US companies export full
>> crypto these days, and neither the US nor most other western
>> mandatory GAK. Seems like a win to me
> Nope. If we had won, crypto would be in widespread use today for
We did not understand what software was needed, and have not supplied it.
Widespread use of encryption requires end to end encryption. Mapping
names to keys is too much work for the end user if it is additional task
on top of doing what needs doing, so people do not bother.
Need a zooko triangle like system in which your key is your ID.
If key is your ID, need a system that substitutes for DNS which maps
keys to network addresses. (Does bitcoin map keys to network
addresses?. I don't think it could work unless it does.)
If encryption is end to end, needs to replace tcp with something built
on top of udp which supports NAT penetration.
So need a DNS and tcp replacement.
And, since committees are always a security hole (the committee always
comes under hostile state influence) the tcp/DNS replacement needs to
have an arbitrary and potentially large number of bits identifying the
protocol, instead of being limited to eight or sixteen bits of protocol
identification as tcp is, and a potentially multi step protocol
negotiation allowing client and server to search for a shared protocol
of a class, so that we can avoid the need for an ICANN
ICANN, and the states it represents, was implicit in thirty two bit
network addresses and in the eight to sixteen bit protocol identifiers
More information about the cryptography