Escrowed encryption: Difference between revisions
imported>Sandy Harris No edit summary |
Pat Palmer (talk | contribs) mNo edit summary |
||
(5 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
{{subpages}} | {{PropDel}}<br><br>{{subpages}} | ||
'''Escrowed encryption''' is a system of [[encryption]] where the keys are held in escrow so that they can be accessed at need by national security or law enforcement. The best-known example was the US scheme for encrypted-but-tappable telephones based on the [[Clipper chip]]. | '''Escrowed encryption''' is a system of [[encryption]] where the keys are held in escrow so that they can be accessed at need by national security or law enforcement. The best-known example was the US scheme for encrypted-but-tappable telephones based on the [[escrowed encryption standard]]. The hardware involved was generally referred to as the [[Clipper chip]]. | ||
These systems are intended to be secure except in special circumstances; they use strong [[cryptography]] intended to be unbreakable by anyone without the key. Typically, two values are created which can be combined with exclusive OR to recover the key; each is put into escrow with a different agency. An unscrupulous employee at an escrow agency, or an intruder breaking into such an agency, can obtain one value but that does not give him the key, or even help him attack the cipher. However, a law enforcement or national security agency can obtain a warrant, present it to both escrow agencies, get both the secret values, and obtain the key. They can then read anything ever sent with that key. | These systems are intended to be secure except in special circumstances; they use strong [[cryptography]] intended to be unbreakable by anyone without the key. Typically, two values are created which can be combined with exclusive OR to recover the key; each is put into escrow with a different agency. An unscrupulous employee at an escrow agency, or an intruder breaking into such an agency, can obtain one value but that does not give him the key, or even help him attack the cipher. However, a law enforcement or national security agency can obtain a warrant, present it to both escrow agencies, get both the secret values, and obtain the key. They can then read anything ever sent with that key. | ||
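Review bot: The {{PropDel}} tag added at the top of the article carries no stated reason; both revision headers above read "No edit summary". A proposed deletion should give its rationale in the edit summary or on the talk page so other editors can respond to it. The reworded lead in the same hunk, which names the "escrowed encryption standard" as the scheme and the "Clipper chip" as the hardware, reads fine as it stands.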
Line 6: | Line 6: | ||
Advocates of such systems argue that police and national security people have a requirement for such access, and that adequate technical and legal safeguards can be built in. | Advocates of such systems argue that police and national security people have a requirement for such access, and that adequate technical and legal safeguards can be built in. | ||
Critics abound. In particular, escrowed encryption is anathema to | Critics abound. In particular, escrowed encryption is anathema to cypherpunks. Debate over the desirability of escrowed encryption was a major part of the controversies over cryptography in the 1990s; see [[politics of cryptography]]. Among the critics, a common term for escrowed encryption is '''GAK''' for '''government access to keys'''. The sound of "GAK" summarises their feelings on the matter. | ||
A panel of experts examined the questions and produced a report on the risks.<ref>{{citation | A panel of experts examined the questions and produced a report on the risks.<ref>{{citation | ||
| title = The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption | | title = The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption | ||
| author = [[Hal Abelson]], [[Ross Anderson]], | | author = [[Hal Abelson]], [[Ross Anderson]], Steven M. Bellovin, [[Josh Benaloh]], [[Matt Blaze]], [[Whitfield Diffie]], [[John Gilmore]], [[Peter G. Neumann]], [[Ron Rivest|Ronald L. Rivest]], [[Jeffrey I. Schiller]] & [[Bruce Schneier]] | ||
| date = 1998 | | date = 1998 | ||
| url = http://www.schneier.com/paper-key-escrow.html | | url = http://www.schneier.com/paper-key-escrow.html | ||
}}</ref> | }}</ref> | ||
== References == | |||
{{reflist}} |
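Review bot: The citation's url field still points at a plain http:// address ("url = http://www.schneier.com/paper-key-escrow.html"); since this hunk touches the citation anyway, switch it to the https form if the site serves the page there. In the author field, Steven M. Bellovin is the only name left unlinked while every other author is wikilinked, so either link it or note why it is left plain.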
Latest revision as of 13:42, 4 June 2024
This article may be deleted soon.
Escrowed encryption is a system of encryption where the keys are held in escrow so that they can be accessed at need by national security or law enforcement. The best-known example was the US scheme for encrypted-but-tappable telephones based on the escrowed encryption standard. The hardware involved was generally referred to as the Clipper chip.

These systems are intended to be secure except in special circumstances; they use strong cryptography intended to be unbreakable by anyone without the key. Typically, two values are created which can be combined with exclusive OR to recover the key; each is put into escrow with a different agency. An unscrupulous employee at an escrow agency, or an intruder breaking into such an agency, can obtain one value but that does not give him the key, or even help him attack the cipher. However, a law enforcement or national security agency can obtain a warrant, present it to both escrow agencies, get both the secret values, and obtain the key. They can then read anything ever sent with that key.

Advocates of such systems argue that police and national security people have a requirement for such access, and that adequate technical and legal safeguards can be built in.

Critics abound. In particular, escrowed encryption is anathema to cypherpunks. Debate over the desirability of escrowed encryption was a major part of the controversies over cryptography in the 1990s; see politics of cryptography. Among the critics, a common term for escrowed encryption is GAK for government access to keys. The sound of "GAK" summarises their feelings on the matter.

A panel of experts examined the questions and produced a report on the risks.[1]

References

1. Hal Abelson, Ross Anderson, Steven M. Bellovin, Josh Benaloh, Matt Blaze, Whitfield Diffie, John Gilmore, Peter G. Neumann, Ronald L. Rivest, Jeffrey I. Schiller & Bruce Schneier (1998), The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption, http://www.schneier.com/paper-key-escrow.html
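The two-value exclusive-OR split described in the article, as an added example (not part of the original article and not code from any escrow scheme). The function names, the agency variable names and the sample key are assumptions made for illustration; the `n` parameter generalises the article's two-value case to any number of escrow holders.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("operands must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))

def split_key(key: bytes, n: int = 2) -> list:
    """Split key into n values whose XOR is the key (n=2 is the article's case)."""
    if n < 2:
        raise ValueError("need at least two escrow values")
    # n-1 values are uniformly random; the last one is then fixed by the key.
    shares = [secrets.token_bytes(len(key)) for _ in range(n - 1)]
    last = key
    for s in shares:
        last = xor_bytes(last, s)
    return shares + [last]

def recover_key(shares) -> bytes:
    """XOR every escrowed value together; all of them are required."""
    key = bytes(len(shares[0]))
    for s in shares:
        key = xor_bytes(key, s)
    return key

def matching_share(held: bytes, candidate_key: bytes) -> bytes:
    """Two-value case: the value the other agency would have to hold for
    candidate_key to be the real key. One exists for every candidate, so a
    single escrowed value rules out no key at all."""
    return xor_bytes(held, candidate_key)

if __name__ == "__main__":
    # Constructed sample key, for illustration only.
    key = bytes.fromhex("00112233445566778899aabbccddeeff")
    agency_a, agency_b = split_key(key)      # hypothetical escrow holders
    print("agency A holds:", agency_a.hex())
    print("agency B holds:", agency_b.hex())
    print("both combined :", recover_key([agency_a, agency_b]).hex())
    # Someone holding only A's value cannot tell the real key from any other:
    wrong = bytes(16)
    fake_b = matching_share(agency_a, wrong)
    print("A + fake B    :", recover_key([agency_a, fake_b]).hex())
```

The last two lines of output show why one leaked value does not help an attacker: the same value from agency A combines with a different second value to give a completely different key.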