Difference between revisions of "Encryption Policy"

From CSEP590TU
(Export Control)
m (Research and Production)
Line 63: Line 63:
  
 
= Research and Production =
 
= Research and Production =
 +
== DES ==
 +
== PGP ==
 +
 
= References =
 
= References =
 
== Summary websites ==
 
== Summary websites ==
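
Review bot: the two added headings, == DES == and == PGP == under = Research and Production =, go in with no text beneath them, so the section still records nothing about either topic. Add at least a one-line note or a source link under each heading, in the same way the Export Control and Key Recovery sections cite their sources.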

Revision as of 04:10, 14 November 2004

Notes and references about encryption policy.

Overview

There seem to be three aspects to encryption policy: import/export control, usage restrictions, and production/research development. Another aspect that could be explored is corporate/private usage policy.

Export Control

  • New US encryption export regulations were published Jan 14, 2000, making it easier for companies and individuals in the US to export strong encryption in common products. [1]
    • "Retail" encryption products are widely exportable to all but certain "terrorist" nations though still subject to a government review and reporting requirements. [2]
    • Non-retail products are also exportable, subject to similar requirements, to most non-government users.
    • Encryption products with less than 64 bits are freely exportable. [3]
    • Some non-proprietary source code is exportable to most countries after notice to the government. [4]
  • Regulating the export of cryptography comes from the desire to give 'our side' an advantage and disadvantage the 'other side'. Given the huge impact that cryptography and cryptanalysis played in WWII, denying enemies (perceived or real) access to strong cryptographic. [5]
  • Cryptography methods were/are regulated similarly to munitions
  • Cryptography methods beyond a certain strength (defined by key length) wouldn't be licensed except on a case by case basis
  • Some believe that export control prevented crypto from being incorporated into commercial products (PCs, Operating Systems)
  • Rise of internet and public release of crypto techniques eventually made regulation impossible to enforce
  • Crypto methods are often among a country's most guarded secrets, especially in the pre-internet/digital age.


References

Import Control

Usage Restrictions

Key Recovery

Encryption systems designed to facilitate surreptitious government access to encrypted data and communications risks98.

Must Provide

  • covert access
  • ubiquitous adoption
  • rapid access to plaintext (under two hours)

Steps to key recovery (risks98)

  • Reliably identify and authenticate requesting law enforcement agents (there are over 17,000 U.S. domestic law enforcement organizations).
  • Reliably authenticate court order or other documentation.
  • Reliably authenticate target user and data. Check authorized validity time period.
  • Recover session key, plaintext data, or other decryption information.
  • Put recovered data in required format.
  • Securely transfer recovered data, but only to authorized parties.
  • Reliably maintain an audit trail.

Quotes

  • "The deployment of key recovery systems designed to facilitate surreptitious government access to encrypted data and communications introduces substantial risks and costs." risks98
  • "there is a significant risk that widespread insertion of government-access key recovery systems into the information infrastructure will exacerbate, not alleviate, the potential for crime and information terrorism. Increasing the number of people with authorized access to the critical infrastructure and to business data will increase the likelihood of attack, whether through technical means, by exploitation of mistakes or through corruption." risks98
  • "In making information secure from unwanted eavesdropping, interception, and theft, strong encryption has an ancillary effect: it becomes more difficult for law enforcement to conduct certain kinds of surreptitious electronic surveillance (particularly wiretapping) against suspected criminals without the knowledge and assistance of the target. This difficulty is at the core of the debate over key recovery." risks98
  • "The requirements imposed by such government-driven key recovery systems are different from the features sought by encryption users, and ultimately impose substantial new risks and costs." risks98
  • "The key recovery infrastructure will tend to create extremely valuable targets, more likely to be worth the cost and risk of attack." risks98
  • "someone who steals -- or recovers -- a signature key for a law enforcement officer or a corporate officer could use this key to forge legitimate requests for many other keys." risks98

Notes

  • Governments desire the ability to monitor all internal and external communications. The reasons vary by country but can include monitoring: terrorists, journalists, civil dissidents, and criminals.
  • Commercial users that may want key recovery would probably not need covert access to the plaintext; this is uniquely a government/law enforcement requirement. Commercial users do not need ubiquitous adoption. Only the government wants mass-monitoring of communications.
  • It may be impossible to provide an encryption system that satisfies the demands of government and the encryption users.
  • Key recovery systems provide access to the plaintext outside of the normal encryption and decryption channels
  • Keys must be stored securely for an extended period of time.
  • Scale is a major problem in key recovery systems as desired by the government (17,000 US law enforcement agencies, 100s of millions of internet users)

References

Research and Production

DES

PGP

References

Summary websites

Source documents

News Articles

Policy