1994-06-18 - Re: a bit more information on key escrow

Header Data

From: roy@sendai.cybrspc.mn.org (Roy M. Silvernail)
To: cypherpunks@toad.com
Message Hash: ffb667e964f225209d69e1358d63ed6284258f64745fa7ddb96091315928c201
Message ID: <940617.012753.2E7.rusnews.w165w@sendai.cybrspc.mn.org>
Reply To: <9406172135.AA21111@toad.com>
UTC Datetime: 1994-06-18 00:05:38 UTC
Raw Date: Fri, 17 Jun 94 17:05:38 PDT

Raw message

From: roy@sendai.cybrspc.mn.org (Roy M. Silvernail)
Date: Fri, 17 Jun 94 17:05:38 PDT
To: cypherpunks@toad.com
Subject: Re: a bit more information on key escrow
In-Reply-To: <9406172135.AA21111@toad.com>
Message-ID: <940617.012753.2E7.rusnews.w165w@sendai.cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


In list.cypherpunks, smb@research.att.com writes:

> I and a few others sent a short list of questions to Dorothy Denning
> and Steve Kent, with a request that they forward them to the other review
> panel members.  Here are Denning's answers.  I do not know if they
> represent the view of the other committee members, or if more details
> will be forthcoming.  In particular, I do not know if anyone on the
> committee will ask NSA to declassify any information relative to these
> questions.  I did ask that if the answer to anything was ``it's
> classified'', that a persuasive rationale for the classification
> status be given.

First off, thanks for passing this along.  Ms. Denning's comments have
some, shall we say, disturbing implications in re this "target system".

> 11.     How are escrowed keys protected during transport and storage?
>         What about backup?


>         Encrypted Key Components are transported on floppy disks inside
>         tamper-detecting packages.  A number is written on each
>         package.  Upon arrival, the packages are checked for tampering and
>         the numbers are checked.  In the target system, key escrow data
>         will be transmitted electronically using cryptography for
>         protection.


> 14.     How will wiretap keys expire?
>         When the Escrow Officers load the Key Components into the
>         Decrypt Processor, they also type in the expiration date.  The
>         date is stored with the Unique Key, but the person operating
>         the Decrypt Processor must issue a command to delete the key.
>         When that happens, the Escrow Agents are to be notified of the
>         key deletion.  In the target system, the key will be deleted
>         automatically when the court order expires, and the
>         notification will be sent automatically from the Decrypt
>         Processor.

Somehow, it's not surprising that the current implementation must be
told explicitly to forget a key.  I wonder how many keys a decryptor can
remember at a time, as well.

But the "target system" references are even more sinister.  They seem to
describe an online system for retrieving and using escrowed keys.  Such
a system might be viewed as the data equivalent of the FBI's Digital
Telephony initiative.  And as we all know, where there is an online
connection, there may be a vulnerability.  Remembering that escrow
release will need only an affadavit claiming that a court order exists,
how susceptible to spoofing will the system be?  And if it's on the
Internet (which is, after all, the Highway 101 of the NII), will the
promiscuous packet sniffers be able to snag Clipper Keys on their way to
the spooks?

Can I turn my telescreen down now?
- -- 
Roy M. Silvernail --  roy@sendai.cybrspc.mn.org
                "There's no government like no government!"
                                    -- stolen sig quote

Version: 2.6