[44944] in Cypherpunks
GAK solutions was: Is there a lawyer in the house?
daemon@ATHENA.MIT.EDU (Pat Farrell)
Thu Dec 7 22:15:10 1995
Date: Thu, 7 Dec 1995 22:07:00 -0400 (EDT)
From: "Pat Farrell" <pfarrell@netcom.com>
Reply-To: pfarrell@netcom.com
To: cme@acm.org, cypherpunks@toad.com
In message Thu, 7 Dec 95 16:27:23 EST, cme@acm.org writes:
> It could be even worse. I was on a panel last year with Scott Charney
> (sp?) (I believe from DoJ) during which he commented that if you give
> your secret key to anyone -- e.g., your own company -- then you have
> given up the presumption of privacy.
Interesting. At the NIST meeting, criteria #5 deals with decrypting
a conversation with only the key from one end.
I thought that would be hard to implement. But during the discussion,
they called on Miles Smid [sp?] who was obviously a NIST employee/consultant
with real knowledge. He suggested that you could encrypt the
session key with the public key of both parties, and send it along.
This would allow single ended GAK.
This is not far from the idea that CME proposed that the NSA/FBI/CIA
publish public keys, and we'll hack a voluntary version of PGP that
encrypts the session key with the LEA public key -- instant
voluntary Key Escrow.
Miles Smid's idea seemed reasonable, until you realize that he intends
you to escrow your private key...
Pat
Pat Farrell Grad Student http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage #include <standard.disclaimer>
