Re: Last Call: Recognising RFC1984 as a BCP

2015-08-15 18:14:06
I really believe this discussion completely misses the point.

RFC 1984 says:

   Even if escrowed encryption schemes are used, there is nothing to
   prevent someone from using another encryption scheme first.
   Certainly, any serious malefactors would do this; the outer
   encryption layer, which would use an escrowed scheme, would be used
   to divert suspicion.

In other words: even the most Byzantine escrow system is useless in the
face of a bad actor who chooses to implement and use a non-escrowed
system, concealing its existence using a government-approved escrowed
system on top. Escrow is only useful against law-abiding people who
trust the government(s) in the first place.

Regards
   Brian

On 16/08/2015 02:10, John Leslie wrote:
John Levine <johnl(_at_)taugh(_dot_)com> wrote:

It seems to me there's some straightforward solutions here.  As the
"Keys Under Doormats" paper notes, the same devices are used all over
the world and it is unlikely that countries would accept key escrow
that they don't control.

   Excellent point!

   If we do engineer a protocol such that keys can be escrowed without
effectively exposing those keys to every competent hacker (for now let's
just laugh, not argue whether that's possible!), _who_ do we give the
escrowed keys _to_?

Hence the obvious way to do key splitting is to send a piece to the
government of every country where they sell, say, iPhones. If the
governments of China, Vietnam, Pakistan, India, Saudi Arabia, Israel,
Nigeria, Venezuela, Bolivia, and Brazil (and the US) all agree that
something is bad enough to disclose, it must be pretty bad.

   Cute idea!

   (Of course, our competent hacker could just hack _all_ those
countries' escrow storage; but that's likely to prove hard in Israel.)

On the other hand, if that's a bad idea, or it's ridiculous, I'd be
interested in seeing the research comparing the largely hypothetical
costs of secure crypto to the easily measured costs of having our
high tech devices shut out of all those markets.

   Another excellent point.

   Governments _are_ going to control manufacturers within their bounds.
Backdoors _will_ show up in implementations, if needed to get permission
to sell in certain countries.

   Which, to me, raises the question of whether we might do well to
standardize something _not_ for the multi-national companies, but for
the smaller single-nation companies to provide...

--
John Leslie <john(_at_)jlc(_dot_)net>