[17339] in cryptography@c2.net mail archive
Re: [Clips] Storm Brews Over Encryption 'Safe Harbor' in Data Breach Bills
daemon@ATHENA.MIT.EDU (Adam Shostack)
Fri Jun 3 10:44:19 2005
X-Original-To: cryptography@metzdowd.com
Date: Fri, 3 Jun 2005 07:56:43 -0400
From: Adam Shostack <adam@homeport.org>
To: Thierry Moreau <thierry.moreau@connotech.com>
Cc: "R.A. Hettinga" <rah@shipwright.com>, cryptography@metzdowd.com
In-Reply-To: <429FD8AF.9070000@connotech.com>
On Fri, Jun 03, 2005 at 12:12:31AM -0400, Thierry Moreau wrote:
| Here is a suggestion for an encrypted data exception based on reasonable
| key management principles:
|
| --------------------
|
| Sec xyz) The [breach notification requirement set forth in section ...]
| does not apply to [breached data portions] for which the following
| conditions are demonstrably met:
|
| a) the [breached data portion] is in an encrypted form using an
| encryption algorithm and an encryption key that can be shown to be
| [resistant / compatible or equivalent to NIST recommended practice for
| encrypting classified data],
|
| b) the said encryption key has always been under the sole control of the
| [data originator],
|
| c) the [data originator] is in a position to retire every copy of the
| said encryption key from operations, and
|
| d) the [data originator] takes all reasonable steps to so retire every
| copy of the said encryption key from operations as soon as the [data
| breach event] is known to [the data originator], and completes such
| retirement within [a delay e.g. the same delay as for notification].
|
| The evidence that conditions a) to d) are met shall be [kept for auditor
| review / filed with an incident report otherwise mandated]
|
| --------------------
|
| Is that actually a reasonable key management principle?
No. If I get your database with SQL injection, all conditions are
met, and I have your plaintext. But, the data is in an encrypted
form, and you're saved.
Adam
| Is it possible that the US law-makers adopt such sensible approaches?
|
| --
|
| - Thierry Moreau
|
| CONNOTECH Experts-conseils inc.
| 9130 Place de Montgolfier
| Montreal, Qc
| Canada H2M 2A1
|
| Tel.: (514)385-5691
| Fax: (514)385-5900
|
| web site: http://www.connotech.com
| e-mail: thierry.moreau@connotech.com
|
|
| ---------------------------------------------------------------------
| The Cryptography Mailing List
| Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
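The objection in the reply above, as an added example that is not part of the original message: a column is encrypted at rest under a key only the application holds, so a copy of the stored data is ciphertext, yet a query built by string concatenation returns rows that the application itself decrypts. The table, the function names, the sample records and the HMAC-based keystream (a stand-in for a real cipher) are all constructed for illustration.

```python
import hashlib, hmac, os, sqlite3

KEY = os.urandom(32)  # held only by the application (condition b, "sole control")

def _stream(nonce: bytes, n: int) -> bytes:
    # Stand-in keystream (HMAC-SHA256 in counter mode), used only to keep the
    # example stdlib-only; a real system would use an AEAD such as AES-GCM.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(KEY, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def encrypt(plaintext: str) -> bytes:
    nonce, data = os.urandom(16), plaintext.encode()
    return nonce + bytes(a ^ b for a, b in zip(data, _stream(nonce, len(data))))

def decrypt(blob: bytes) -> str:
    nonce, ct = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(ct, _stream(nonce, len(ct)))).decode()

def make_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (name TEXT, ssn BLOB)")
    # Constructed sample records; the SSN column is stored encrypted.
    for name, ssn in [("alice", "000-00-0001"), ("bob", "000-00-0002")]:
        db.execute("INSERT INTO customers VALUES (?, ?)", (name, encrypt(ssn)))
    return db

def stored_bytes(db):
    # What a copy of the database alone contains: ciphertext only.
    return [s for (s,) in db.execute("SELECT ssn FROM customers")]

def lookup_vulnerable(db, name):
    # Query built by concatenation; the application decrypts every row returned,
    # so the encryption gives no protection on this path.
    rows = db.execute("SELECT name, ssn FROM customers WHERE name = '" + name + "'")
    return [(n, decrypt(s)) for n, s in rows]

def lookup_parameterized(db, name):
    # Same lookup with a bound parameter: the input is data, never SQL.
    rows = db.execute("SELECT name, ssn FROM customers WHERE name = ?", (name,))
    return [(n, decrypt(s)) for n, s in rows]

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"
    print("at rest:      ", [s.hex() for s in stored_bytes(db)])
    print("concatenated: ", lookup_vulnerable(db, crafted))
    print("parameterized:", lookup_parameterized(db, crafted))
```

An exception test that looks only at how the data is stored would pass here, which is why the exposure has to be judged on every path that can reach the decryption key, not on the storage format.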