August 14th 07, 05:52 AM
technological underpinnings demanded by these requirements would be enormously
complex and is far beyond the experience and current competency of the field.
Even if such infrastructures could be built, the risks and costs of such an
operating environment may ultimately prove unacceptable. In addition, these
infrastructures would generally require extraordinary levels of human
trustworthiness.
These difficulties are a function of the basic government access requirements
proposed for key-recovery encryption systems. They exist regardless of the
design of the recovery systems - whether the systems use private-key
cryptography or public-key cryptography; whether the databases are split with
secret-sharing techniques or maintained in a single hardened secure facility;
whether the recovery services provide private keys, session keys, or merely
decrypt specific data as needed; and whether there is a single centralized
infrastructure, many decentralized infrastructures, or a collection of
different approaches.
All key-recovery systems require the existence of a highly sensitive and
highly-available secret key or collection of keys that must be maintained in a
secure manner over an extended time period. These systems must make decryption
information quickly accessible to law enforcement agencies without notice to
the key owners. These basic requirements make the problem of general key
recovery difficult and expensive - and potentially too insecure and too costly
for many applications and many users.
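An added illustration of the two paragraphs above (this is example code written for this page, not code from the quoted paper or its authors): a minimal Shamir threshold sharing of a hypothetical key-recovery key over a prime field. The function names, the 3-of-5 parameters, the prime and the sample key are assumptions. It shows why splitting the escrow database with secret-sharing techniques does not remove the basic requirement the paper describes: any party that collects a threshold of shares, such as the recovery agent answering a request, holds the complete secret at that moment, while fewer shares than the threshold yield only an unrelated value.

```python
"""Shamir threshold sharing of a hypothetical key-recovery key (added example).

Assumptions, not from the original text: a 3-of-5 threshold, a 256-bit
escrow key, and arithmetic over the Mersenne prime 2**521 - 1.
"""
import secrets

PRIME = 2**521 - 1  # Mersenne prime; every secret and share is reduced mod PRIME

# Constructed sample key for the demo (not a real key).
DEMO_KEY = 0x0123456789ABCDEF_FEDCBA9876543210_0F1E2D3C4B5A6978_8796A5B4C3D2E1F0


def _eval_poly(coeffs, x):
    """Evaluate coeffs[0] + coeffs[1]*x + ... mod PRIME (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret, threshold, n_shares):
    """Return n_shares points (x, y) on a random degree threshold-1 polynomial
    whose constant term is the secret; any `threshold` of them reconstruct it."""
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be an integer in [0, PRIME)")
    if not 1 <= threshold <= n_shares:
        raise ValueError("need 1 <= threshold <= n_shares")
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n_shares + 1)]


def reconstruct(shares):
    """Lagrange-interpolate the polynomial at x = 0 from the given (x, y) shares.

    With at least `threshold` distinct shares this is the secret. With fewer,
    the interpolation still returns a number, but one unrelated to the secret:
    the caller cannot tell from the result alone that it is wrong."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("shares must have distinct x coordinates")
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        # Modular inverse of den via Fermat's little theorem (PRIME is prime).
        secret = (secret + yi * num * pow(den, PRIME - 2, PRIME)) % PRIME
    return secret


def recovery_demo(key=DEMO_KEY, threshold=3, n_shares=5):
    """Model the paper's point: split the escrow key across n_shares holders,
    then act as the recovery agent that gathers shares for a request.

    Returns (recovered_with_threshold, recovered_with_one_fewer, whole_key_present)
    where whole_key_present is True exactly when the agent now holds the full key."""
    shares = split_secret(key, threshold, n_shares)
    # The recovery agent collects exactly `threshold` shares (e.g. holders 1, 3, 5).
    gathered = [shares[0], shares[2], shares[4]][:threshold]
    with_threshold = reconstruct(gathered)
    # A party holding one share too few learns nothing about the key.
    with_fewer = reconstruct(gathered[:threshold - 1])
    return with_threshold, with_fewer, with_threshold == key


if __name__ == "__main__":
    full, partial, present = recovery_demo()
    print("recovered key matches:", present)
    print("below-threshold value matches key:", partial == DEMO_KEY)
```

The design choice worth noting: the secret-sharing layer protects the key at rest across holders, but the recovery operation itself necessarily reassembles it. Whatever system, process, or person performs `reconstruct` for a lawful request is the highly sensitive, highly available component the paper says every key-recovery design must contain.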
Attempts to force the widespread adoption of key-recovery encryption through
export controls, import or domestic use regulations, or international standards
should be considered in light of these factors. The public must carefully
consider the costs and benefits of embracing government-access key recovery
before imposing the new security risks and spending the huge investment
required (potentially many billions of dollars, in direct and indir