1996-04-05 - Re: So, what crypto legislation (if any) is necessary?

Header Data

From: “E. ALLEN SMITH” <EALLENSMITH@ocelot.Rutgers.EDU>
To: unicorn@schloss.li
Message Hash: 87a5693232fb0ad1f487818343fa1c65419ce11a4bda0e3c53c1f9add7e96725
Message ID: <01I35J1KFFB68ZE6BJ@mbcl.rutgers.edu>
Reply To: N/A
UTC Datetime: 1996-04-05 07:54:56 UTC
Raw Date: Fri, 5 Apr 1996 15:54:56 +0800

Raw message

From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Fri, 5 Apr 1996 15:54:56 +0800
To: unicorn@schloss.li
Subject: Re: So, what crypto legislation (if any) is necessary?
Message-ID: <01I35J1KFFB68ZE6BJ@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


	I have been doing some thinking about the whole key escrow retrieval
matter. There are a couple of situations in which I can see real reasons for
doing voluntary key escrow of sensitive material:
	A. You're afraid of losing the key.
	B. Your organization is afraid that you'll lose the key or be
unavailable.
	The second can be handled internally via key sharing; if all the people
you share the key with have as much to lose by the information getting out as
you do, then they should be trustworthy and as hard to subpoena as you are.
Encrypting the shared section with another, appropriate key should take care of
the cop-stealing problem (i.e., they break into the machine).
	The first is more of a problem. If where you've entrusted your keys is
known, then the cops can come in and strong-arm/subpoena your keys away. Thus,
the basic protection mechanism should be denying them that knowledge. (Another
protection mechanism is key sharing between key escrow organizations.)
	In other words, anonymous remailers with stable nyms for the key escrow
organizations, together with fully anonymous digital cash. One problem in this
is how the organization's reputation originally is established so people will
deal with them so they can get a reputation.... etcetera. The basic method of
doing so appears to be to post a digital cash bond. (I don't know the
mathematics well enough to tell whether one could post verifiable digital cash
with it still not being usable without a decryption step. If one can't, that's
a real problem... but I suspect that one can.) The encryption on such a bond
should be put into the hands of a group of above-ground "judges" via secret
sharing, who would be a group of people chosen by the key escrow organization
in hopes of their being trusted to resolve any disputes. Of course, digital
receipts would be a big help here...
	-Allen




