1997-10-09 - Re: access to storage keys, NOT comms keys!
Header Data
From: Anonymous <nobody@REPLAY.COM>
To: cypherpunks@cyberpass.net
Message Hash: 867278dd1dc4f470c74db0fff5328ed7a7a3d7d54f2525f95a2e486412d513dc
Message ID: <199710090215.EAA02470@basement.replay.com>
Reply To: N/A
UTC Datetime: 1997-10-09 02:27:28 UTC
Raw Date: Thu, 9 Oct 1997 10:27:28 +0800
Raw message
From: Anonymous <nobody@REPLAY.COM>
Date: Thu, 9 Oct 1997 10:27:28 +0800
To: cypherpunks@cyberpass.net
Subject: Re: access to storage keys, NOT comms keys!
Message-ID: <199710090215.EAA02470@basement.replay.com>
MIME-Version: 1.0
Content-Type: text/plain
Here is what leading cryptographers say about email key recovery, from
http://www.crypto.com/key_study/report.shtml. This includes respected
figures like Bruce Schneier, Matt Blaze, Ron Rivest, Ross Anderson,
Whit Diffie, and more.
2.1 Communication Traffic vs. Stored Data
While key ``recoverability'' is a potentially important added-value
feature in certain stored data systems, in other applications of
cryptography there is little or no user demand for this feature. In
particular, there is hardly ever a reason for an encryption user to want
to recover the key used to protect a communication session such as a
telephone call, FAX transmission, or Internet link. If such a key is lost,
corrupted, or otherwise becomes unavailable, the problem can be detected
immediately and a new key negotiated. There is also no reason to trust
another party with such a key. Key recoverability, to the extent it has
a private-sector application at all, is useful only for the keys used
to protect irreproducible stored data. There is basically no business
model for other uses, as discussed below.
In stored data applications, key recovery is only one of a number of
options for assuring the continued availability of business-critical
information. These options include sharing the knowledge of keys
among several individuals (possibly using secret-sharing techniques),
obtaining keys from a local key registry that maintains backup copies,
careful backup management of the plaintext of stored encrypted data, or,
of course, some kind of key recovery mechanism. The best option among
these choices depends on the particular application and user.
Encrypted electronic mail is an interesting special case, in that it
has the characteristics of both communication and storage. Whether key
recovery is useful to the user of a secure E-mail system depends on
design of the particular system.
The government, on the other hand, proposes a key recovery infrastructure
that applies to virtually all cryptographic keys, including (especially)
those used to protect communications sessions.
They say that key recovery is not appropriate for transient keys used
during a communication session. However, email is a special case, having
characteristics of both communication and storage. In some systems,
email may be archived for long periods of time in the same format that
it was received. For such systems there is a business case for key
recovery in email.
Thread
Return to October 1997
- Return to “Adam Back <aba@dcs.ex.ac.uk>”
Return to “Anonymous <nobody@REPLAY.COM>”
- 1997-10-09 (Thu, 9 Oct 1997 10:27:28 +0800) - Re: access to storage keys, NOT comms keys! - Anonymous <nobody@REPLAY.COM>
- 1997-10-09 (Thu, 9 Oct 1997 17:08:48 +0800) - Re: access to storage keys, NOT comms keys! - Adam Back <aba@dcs.ex.ac.uk>