From: nobody@REPLAY.COM (Anonymous)
Message Hash: 7f524db1f7882f1dd28d1752f2a715470d54c294083aa711562fb73baa1ab69d
Message ID: <199709120531.HAA26749@basement.replay.com>
Reply To: N/A
UTC Datetime: 1997-09-12 05:43:36 UTC
Raw Date: Fri, 12 Sep 1997 13:43:36 +0800
From: nobody@REPLAY.COM (Anonymous)
Date: Fri, 12 Sep 1997 13:43:36 +0800
To: email@example.com
Subject: No Subject
Message-ID: <199709120531.HAA26749@basement.replay.com>
MIME-Version: 1.0
Content-Type: text/plain

It is quite probable that this has been said before. In case it hasn't, however, I feel compelled to point out that mandatory key escrow/recovery could likely mean an economic disaster of unimaginable proportions.

Okay, key escrow, whether by the goobermint or a contracted third-party, is beginning to scare the living crap out of me.

Okay, let's assume that the amended SAFE passes and is promptly signed into law (despite what the administration says, I don't think anyone believes for a second that it would be signed without hesitation). It's a simple matter for the Commerce Dept. to modify their review criteria to specify that the key escrow/recovery feature be enabled and that the end user not be able to disable it. This obviously doesn't affect anyone who can get their hands on the source and comment out a line or two, but think about what happens with big corporations, especially financial ones. It's highly likely that a good number of them will use crypto software just the way Big Brother would like them to, happily sending their keys off so that our friends in Washington can keep them nice and safe.

Now think about this: You're Joe Random Govt. Worker at the official secret key repository, and there's a budget crisis going on - instead of paychecks, you're getting I.O.U.'s. Your terminal has access to thousands, perhaps millions, of secret keys. You grab one of CitiBank's, forge a few transactions, and 30 seconds later your Swiss bank account is a few million dollars fatter and according to the digital signature, the transaction originated in L.A.

Of course, one doesn't even have to be an underpaid govt. worker to join in on the fun. Just find a buffer overflow in the key repository's daemon software and trick it into tacking on a few secret keys with its "Big Brother thanks you for your cooperation." packet. Considering that even the CIA can't keep their servers secure, why should ANYONE, even those naive enough to trust the govt. to respect their privacy, ever trust such a corrupt and insecure organization with their encryption keys?

Along the same lines, it's almost certain that someone is eventually going to fat-finger some code and keys are going to get sent in the clear, posted publicly, or something equally bad - with the government running the "key management infrastructure", it'll probably be a 12-year-old kid who got bored with Minesweeper who causes the global economic collapse.