I really believe this discussion completely misses the point. RFC 1984 says: Even if escrowed encryption schemes are used, there is nothing to prevent someone from using another encryption scheme first. Certainly, any serious malefactors would do this; the outer encryption layer, which would use an escrowed scheme, would be used to divert suspicion. In other words: even the most Byzantine escrow system is useless in the face of a bad actor who chooses to implement and use a non-escrowed system, concealing its existence using a government-approved escrowed system on top. Escrow is only useful against law-abiding people who trust the government(s) in the first place. Regards Brian On 16/08/2015 02:10, John Leslie wrote: > John Levine <johnl@xxxxxxxxx> wrote: >> >> It seems to me there's some straightforward solutions here. As the >> "Keys Under Doormats" paper notes, the same devices are used all over >> the world and it is unlikely that countries would accept key escrow >> that they don't control. > > Excellent point! > > If we do engineer a protocol such that keys can be escrowed without > effectively exposing those keys to every competent hacker (for now lets > just laugh, not argue whether that's possible!), _who_ do we give the > escrowed keys _to_? > >> Hence the obvious way to do key splitting is to send a piece to the >> government of every country where they sell, say, iPhones. If the >> governments of China, Vietnam, Pakistan, India, Saudi Arabia, Israel, >> Nigeria, Venezuela, Bolivia, and Brazil (and the US) all agree that >> something is bad enough to disclose, it must be pretty bad. > > Cute idea! > > (Of course, our competent hacker could just hack _all_ those > countries' escrow storage; but that's likely to prove hard in Israel.) > >> On the other hand, if that's a bad idea, or it's ridiculous, I'd be >> interested in seeing the research comparing the largly hypothetical >> costs of secure crypto to the easily measured costs of having our >> high tech devices shut out of all those markets. > > Another excellent point. > > Governments _are_ going to control manufacturers within their bounds. > Backdoors _will_ show up in implementations, if needed to get permission > to sell in certain countries. > > Which, to me, raises the question of whether we might do well to > standardize something _not_ for the multi-national companies, but for > the smaller single-nation companies to provide... > > -- > John Leslie <john@xxxxxxx> > >