1997-12-03 - Re: *** PGP HAS A BACKDOOR - by Phil Zimmerman

Header Data

From: Charlie Comsec <comsec@nym.alias.net>
To: mail2news@basement.replay.com
Message Hash: 1f3890a831295cb8388f1bc6cc96b1803fc94996b3be2612e0d2ef9861d3ba47
Message ID: <19971203224005.20152.qmail@nym.alias.net>
Reply To: <6441635046.162107260@news.stray.cat.edu>
UTC Datetime: 1997-12-03 23:06:42 UTC
Raw Date: Thu, 4 Dec 1997 07:06:42 +0800

Raw message

From: Charlie Comsec <comsec@nym.alias.net>
Date: Thu, 4 Dec 1997 07:06:42 +0800
To: mail2news@basement.replay.com
Subject: Re: *** PGP HAS A BACKDOOR - by Phil Zimmerman
In-Reply-To: <6441635046.162107260@news.stray.cat.edu>
Message-ID: <19971203224005.20152.qmail@nym.alias.net>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Anonymous <nobody@REPLAY.COM> wrote:

> > PGP 5.5 for Business Security can be configured to use escrow keys. It
> > isn't automatic, you have to explicitly enable this. I am pretty sure,
> > but not positive, that once enabled, the user is warned that that an
> > escrow key is being used.
> 
> Okay, we lived with Viacrypt and PGP 4.5 before.
> Let's talk about reasons to include those pieces of suspicious code
> in the 5.0 -version for _personal privacy_.
> Activated or not, the idea alone is a bad thing and smells like betrayal.
> 
> Why has it been done? Certainly it is not a big problem to compile a version  
> 5.0 with an activated key escrow-function? Is PGP Inc. waiting for the
> law to catch up?
> We should observe closely in the future and look out for the little
> "enhancements" which will make PGP Inc. keep their market shares:

Actually, I'm told the reason for those code hooks is so that commercial
users can do INTERNAL key "escrowing", so that if a vital individual dies
or quits and refuses to turn over his key to his successor, his employer can
recover the key and access encrypted data that would otherwise remain
inaccessible.  If the employer is paying him to produce something, then the
end result is the property of the employer and should not be lost if the
employee dies or becomes disgruntled, quits, and refuses to turn over the
key (or claims he "forgot" his passphrase) to his employer.  OTOH, an
employee should be allowed to properly revoke his key upon quitting and
distribute the revocation certificate.  (The employer may be wise to
REQUIRE that.)

I really have no problem with that as long as its use remains VOLUNTARY
at the user's discretion.  Needless to say, an employee in a situation like
that should use one key for work-related purposes and a separate,
non-escrowed one for his personal use.

Although anything is possible, I doubt that the government would use this
as a means of implementing MANDATORY key escrowing.  The powers-that-be at
the NSA seem to have real fits with software encryption to start with, and
something that's available in source code and thus modifiable would give
them nightmares.  I'd expect anything they eventually approve/mandate to
be merely a software interface to a tamper-resistant encryption engine in
firmware (complete with embedded key[s]).

- ---
Finger <comsec@nym.alias.net> for PGP public key (Key ID=19BE8B0D)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBNIWeZQbp0h8ZvosNAQE1GAf9E0/ZlxyCZSO9FUMIQ8EbdWJce84wqXDs
Zm4MgrdVpOkaQJWeC14WEwE2cLl6RRtcS8NSq+2YWpaZw2+8lxFsOcAhPqSCowCi
5OoBw8MraGZd6ARmQSIoveqcEBWTvggwwg9hGUy1/Eh4JDNy2ZfWj+WLgRILG0Hj
kV6Uzrlm56oPKdDW4927jwelQcFdj76UDbQSfeVVWXM6hpJtEpxayDdB9vXCWRZ5
eOVf2FA5Lu6LM23zqQ3+gpA1+XTFK4ENCWO+MSDk3OU20Pk7l5SAZ89bfuI7887a
yai8KKwHnHmE18Y5DYOrKoP6aDbjgS0207R5Z5khKsv3BLqJ4zKdPQ==
=BnQo
-----END PGP SIGNATURE-----






Thread