John Levine <johnl@xxxxxxxxx> wrote:
>
> It seems to me there's some straightforward solutions here. As the
> "Keys Under Doormats" paper notes, the same devices are used all over
> the world and it is unlikely that countries would accept key escrow
> that they don't control.

Excellent point!

If we do engineer a protocol such that keys can be escrowed without
effectively exposing those keys to every competent hacker (for now let's
just laugh, not argue whether that's possible!), _who_ do we give the
escrowed keys _to_?

> Hence the obvious way to do key splitting is to send a piece to the
> government of every country where they sell, say, iPhones. If the
> governments of China, Vietnam, Pakistan, India, Saudi Arabia, Israel,
> Nigeria, Venezuela, Bolivia, and Brazil (and the US) all agree that
> something is bad enough to disclose, it must be pretty bad.

Cute idea!

(Of course, our competent hacker could just hack _all_ those countries'
escrow storage; but that's likely to prove hard in Israel.)

> On the other hand, if that's a bad idea, or it's ridiculous, I'd be
> interested in seeing the research comparing the largely hypothetical
> costs of secure crypto to the easily measured costs of having our
> high tech devices shut out of all those markets.

Another excellent point.

Governments _are_ going to control manufacturers within their bounds.
Backdoors _will_ show up in implementations, if needed to get permission
to sell in certain countries.

Which, to me, raises the question of whether we might do well to
standardize something _not_ for the multi-national companies, but for
the smaller single-nation companies to provide...

--
John Leslie <john@xxxxxxx>
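
The "every government must agree" split discussed in this message, as an added example that is not part of the original e-mail: an n-of-n XOR split in which any subset short of all holders learns nothing and cannot recover the key. The function names, the 32-byte key size and the use of the quoted country list as holder labels are assumptions for illustration; the thread does not specify a scheme.

```python
import secrets
from functools import reduce

# Holder labels taken from the list quoted in the message (illustrative only).
HOLDERS = ["China", "Vietnam", "Pakistan", "India", "Saudi Arabia", "Israel",
           "Nigeria", "Venezuela", "Bolivia", "Brazil", "US"]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("shares must all have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key: bytes, holders: list[str]) -> dict[str, bytes]:
    """n-of-n split: n-1 uniformly random pads, final share = key XOR all pads.

    Each share on its own, and any n-1 of them together, is uniformly
    random and independent of the key.
    """
    if len(holders) < 2 or len(set(holders)) != len(holders):
        raise ValueError("need at least two distinct holders")
    pads = [secrets.token_bytes(len(key)) for _ in holders[:-1]]
    last = reduce(xor_bytes, pads, key)
    return dict(zip(holders, pads + [last]))


def recover_key(shares: dict[str, bytes], holders: list[str]) -> bytes:
    """Recombine; refuses unless every named holder contributed a share."""
    missing = [h for h in holders if h not in shares]
    if missing:
        raise KeyError(f"cannot recover, no share from: {missing}")
    return reduce(xor_bytes, (shares[h] for h in holders))


if __name__ == "__main__":
    device_key = secrets.token_bytes(32)       # constructed sample key
    shares = split_key(device_key, HOLDERS)
    assert recover_key(shares, HOLDERS) == device_key

    # One holder declines (or loses its share): recovery is impossible.
    partial = {h: s for h, s in shares.items() if h != "Israel"}
    try:
        recover_key(partial, HOLDERS)
    except KeyError as exc:
        print("recovery refused:", exc)
```

The same property cuts both ways: an attacker has to compromise every escrow store, and a single lost or withheld share makes the key permanently unrecoverable.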