LEADING CRYPTOGRAPHERS, COMPUTER SCIENTISTS SAY
GOVERNMENT KEY RECOVERY PLAN IS
EXPENSIVE, IMPRACTICAL,
AND POSES GRAVE RISKS TO PRIVACY AND SECURITY
A group of leading cryptographers and computer scientists today released a comprehensive report questioning the viability of key recovery encryption systems designed to meet law enforcement specifications for guaranteed access to private communications.
The report raises serious questions about the added risks, costs, and complexity of government key recovery proposals. "Building the secure infrastructure of the breathtaking scale and complexity demanded by these requirements is far beyond the experience and current competency of the field," the authors note. "Even if such an infrastructure could be built, the risks and costs of such a system may ultimately prove unacceptable."
The full text of the report can be found at http://www.crypto.com/key_study
The report substantially changes the terms of the ongoing debate over US encryption policy. For more than four years, the Clinton Administration has pushed for a policy of continued export restrictions on strong encryption, and the development of global key escrow and key recovery systems to address the concerns of law enforcement. The study, the first comprehensive analysis of the risks of key recovery and key escrow systems, calls into question the viability of the Administration's approach.
Drawing a sharp distinction between government requirements for key recovery and the types of recovery systems users want, the report found that government key recovery systems will produce:
- NEW VULNERABILITIES AND RISKS -- Key recovery systems make encryption systems less secure by "adding a new and vulnerable path to the unauthorized recovery of data" where one need never exist. Such backdoor paths remove the guaranteed security of encryption systems and create new "high-value targets" for attack in key recovery centers.
- NEW COMPLEXITIES -- Key recovery will require a vast infrastructure of recovery agents and government oversight bodies to manage access to the billions of keys that must be recoverable. "The field of cryptography has no experience in deploying secure systems of this scope and complexity."
- NEW COSTS -- Key recovery will cost "billions of dollars" to deploy, making encryption security both expensive and inconvenient.
Authors of the report include Hal Abelson, Steven M. Bellovin, Josh Benaloh, Matt Blaze, Whitfield Diffie, John Gilmore, Peter G. Neumann, Ronald L. Rivest, Jeffrey I. Schiller, Bruce Schneier.
(CDT policy post: http://www.cdt.org)